Internet Security: 11 Tips to Keep Your Company Safe

In the wake of the WannaCry Ransomware attack, here are a few things companies should keep in mind when it comes to Internet security.

Internet Security is becoming one of the top most important aspects of workplace security. You need look no further than the recent WannaCry Ransomware attack as proof. These issues can cost companies large of sums of money to incorporate and protect. The costs are even more devastation if and when you have an internet security problem or breach.

RELATED: Here’s how you can protect yourself from WannaCry

There are many security issues related to your internet connections and use of email by all of your employees. The number of data records stolen almost doubled between 2015 and 2016 to 1.4 billion. This increased factor did take place due to several reasons; cyber hackers, accidental data breaches, employee mistakes and malicious insiders, according to Gemalto’s Breach Level Index Report.

The statistics do not stop here and it is not just big business that is being breached. Nearly half of all cyber-attacks globally last year were committed against small business. Ransomware attacks rose more than an astonishing 300% in 2016. Lastly, every second 12 people online become a victim of cybercrime, according to System Care.

So, what can the average day to day employee do to help protect the company and themselves from being breached while working with all their electronic gadgets? Remember that in the last two years, 60% of companies have had a security breach that can be traced back to poor email security practices by employees.

11 Simple Employee Good Cyber Habits

• NEVER click on a link in your email. Make a phone call to the source in the email or look up there “real” email and utilize more safely.

• NEVER reply to a suspicious email. If you are even slightly not sure, don’t respond in any fashion. Once again verify by phone or researching who or what they are.

• Avoid free Wi-Fi to protect against hackers. There are ways now to work around Free Wi-Fi or limit any work done to simple correspondences and do not engage in anything that needs protected such as bank accounts, charge cards, company confidential files, etc.

• Spyware on your system will show signs; unwanted pop-up ads, sudden sluggishness, freezing, failure to boot, crashes or internet connection failures.

• Be aware of “phishing” which are emails that appear to be legitimate and they request you to click on a link or fill out a form.

• Spot “Generic Greetings” such as “Dear Customer”.

• Don’t get caught up in “Alarming Statements” urging you to act immediately.

• Beware of emails that ask for personal information.

• Spot misspellings and grammar errors.

• If you find a thumb drive laying on the floor or the ground outside do NOT plug it in and explore the contents.

• Do not leave your passwords out in the open on sticky notes and change your passwords at least twice a year.

Imagine 20 years ago, “cybercrime” was barely a thing and certainly was not a major concern, but current estimates are that now it is costing our country and businesses as much as a half trillion dollars per year in financial losses!

The total security prevention solution starts with each person at each desk and the cybercriminals have found small businesses to be more and more lucrative to attack and breach. There is a strong need to educate our employees on the simple mistakes we are committing each day.

Timothy Dimoff

President, SACS Consulting & Investigative Services, Speaker, Trainer, Corporate Security Expert

Timothy A. Dimoff, CPP, president of SACS Consulting & Investigative Services, Inc., is a speaker, trainer and author and a leading authority in high-risk workplace and human resource security and crime issues. He is a Certified Protection Professional; a certified legal expert in corporate security procedures and training; a member of the Ohio and International Narcotic Associations; the Ohio and National Societies for Human Resource Managers; and the American Society for Industrial Security. He holds a B.S. in Sociology, with an emphasis in criminology, from Dennison University. Contact him at info@sacsconsulting.com.

Share
  • Email
  • Next up: Is My Business Too Small To Outsource IT Support and Services?
  • More in Operations
  • Is My Business Too Small To Outsource IT Support and Services?

    IT support and services run the gamut from design and installation of new networks, advice on technology upgrades, onsite support for tech issues and remote troubleshooting , to more technically demanding services like virtualizations, security implementation, and data retention compliance. 

    “Many small business owners think outsourcing is just for bigger companies, but choosing to let professionals handle your IT support and services can be a wise decision for any small business owner. It is a great option if you are at that point in your business where you need to be focused on your goals rather than the day-to-day functions of your business.

    IT support and services run the gamut from design and installation of new networks, advice on technology upgrades, onsite support for tech issues and remote troubleshooting , to more technically demanding services like virtualizations, security implementation, and data retention compliance. Some benefits of outsourcing IT include:

    Time Savings – As small business owners we wear many hats, but technology is advancing at such a rapid pace it can be extremely time consuming to stay knowledgeable.

    On Demand Services – Outsourcing is often more cost-effective than hiring. Many small- to medium-sized businesses don’t require full time IT support. Outsourcing allows you to call only when you need help; keeping salary, benefits and overhead costs down.

    Filling the Gaps – Even if you currently have in-house IT support, you may need supplemental help at times.  In-house support staff can’t be experts at everything and certain projects may be out of the realm of their expertise.  Outsourcing is a great way to fill the gaps or help complete large-scale projects.  

    Small businesses often feel that they are too small to outsource IT services, but the decision to do so should be based on the function and needs of the company, not the size. When choosing a technology consultant to partner with, referrals are always the best place to start your search; people do business with people they trust.  When you outsource IT services, you are giving someone the keys to the kingdom, so be sure you choose professionals that understand your technology and goals, and can be a true partner in helping you achieve success in your business.”

    Patty Zinn, CEO, Micro Systems Management

    Want more expert advice? Check out COSE Expert Network, an online forum connecting business owners with creative solutions to the tough questions they face every day.

    This article originally appeared in the March 23, 2015, edition of Small Business Matters.

    Share
  • Email
  • Next up: Ask the Expert: IT in the Sky: Is the Cloud Right for Your Business?
  • More in Operations
  • Ask the Expert: IT in the Sky: Is the Cloud Right for Your Business?

    What is the “cloud” phenomenon all about? You hear it constantly, but what does it mean and how can it be used to help small business owners? The cloud has been a buzzword for several years, and with good reason. The cloud is rapidly reducing costs and improving efficiencies for businesses globally. In its simplest form, the cloud consists of services and software that are accessed through the Internet instead of your local network. Cloud environments are housed in highly available, fully redundant and compliant third-party audited data centers and are built on enterprise hardware. 

    What is the “cloud” phenomenon all about? You hear it constantly, but what does it mean and how can it be used to help small business owners?

    The cloud has been a buzzword for several years, and with good reason. The cloud is rapidly reducing costs and improving efficiencies for businesses globally. In its simplest form, the cloud consists of services and software that are accessed through the Internet instead of your local network. Cloud environments are housed in highly available, fully redundant and compliant third-party audited data centers and are built on enterprise hardware. It’s safe to return to an old business axiom: When transformation occurs it brings new challenges; it also brings opportunity. Small and mid-size businesses must become comfortable understanding the cloud infrastructure and all they can gain from utilization. Careful due diligence will help businesses make confident decisions in finding the right providers to launch them into this space.

    Reasons to move to a cloud platform are many. Perhaps you are facing a hardware refresh, new levels of compliance requirements, security and /or law, or your company may wish to move toward applications that can drive and grow your business. You may want to beef up your disaster recovery and business continuity strategies or be prepared to scale your IT to meet varying customer demands. Connecting your mission critical apps into facilities that have faster performance and higher security than your own makes good business sense.

    The idea that the cloud is only for larger companies is inaccurate. There are many budget-friendly cloud options for small and medium-sized businesses. Find a cloud company that will work with you on a Proof of Concept (POC) and, in phases, fit you into the cloud. A POC will determine the feasibility of moving to the cloud; it can also be a useful tool to see how well you and the vendor work together.

    Look for a cloud provider capable of moving you to a global economy. An important business consideration in today’s fast-paced and ever-changing technology landscape is leveraging IT ecosystems. It’s important to partner with groups that can understand your business and collaborate to meet and exceed your objectives.

    By virtualizing your IT applications and infrastructure, your company can create opportunities to become more efficient and reduce your overall IT footprint. As you move toward the cloud, be sure to leverage the umbrella of your provider’s audits and compliance to laws and best practices. By entering the cloud layers, you will reduce and eliminate single points of failure, and bring your company to the outside world in a highly reliable and secure way. 


    Kevin Goodman is managing director and partner with Blue Bridge Networks, a cloud data center and managed services business headquartered in downtown Cleveland.

    This article originally appeared in the June 22, 2015, edition of Small Business Matters.

    Share
  • Email
  • Next up: Is There REALLY a Software Developer Talent Shortage?
  • More in Operations
  • Is There REALLY a Software Developer Talent Shortage?

    From the NEOSA Quarterly Survey, we know nearly every local tech company is hiring. And we also know that many report difficulties landing top tech talent, from the survey and from anecdotal conversations.

    From the NEOSA Quarterly Survey, we know nearly every local tech company is hiring. And we also know that many report difficulties landing top tech talent, from the survey and from anecdotal conversations.

    Well, we’re not alone with that challenge, but most folks probably realized that already. In a recent survey of companies across the US and Canada, 83% of respondents answered “yes” when asked, “Is there a talent shortage?” The survey was commissioned by the University of Phoenix and the Technology Councils of North America (of which NEOSA is a member); seven hundred and sixty (760) people responded from 29 states and 3 Canadian provinces. NEOSA members were also solicited and participated in the study too.

    Aside from the kind of obvious question around whether or not there really is a shortage, some very interesting information emerged:

    • More than half of respondents cited a dearth of local talent as their region’s primary cause of a shortage
    • 54% indicated that a lack of in-migration of talent was NOT the most significant cause

    In terms of critical skills:

    • Java and Software Architecture were consistently cited across three roles: mobile developer, application developer and web developer.
    • Soft skills were considered by the vast majority to be equally as important as technical skills

    Education expected? Far and away, respondents want to see a 4-year degree.

    And how are companies handling or responding to the shortage?

    • Conducting internal training (68%)
    • Offering internships for students (64%)
    • Retraining employees (53%)
    • Network building (51%)

    This study and its results are certainly interesting, and they’ll be helpful as we build out our Talent Services and continue to work with other organizations addressing the tech talent shortage here, such as Regional IT Engagement and NorTech.


    Share
  • Email
  • Next up: Is This Email OK to Open? 9 Warning Signs to Watch
  • More in Operations
  • Is This Email OK to Open? 9 Warning Signs to Watch

    You probably receive dozens, if not hundreds, of emails every day. If just one of these has a hidden virus inside, it could create havoc at your company. Here are nine things to look at before you do any clicking in that email.

    Email is the most often used vehicle to infect a computer or network. Deploying good business class, installing licensed anti-virus software and spam filtering are the proper first steps when protecting a computer or network.

    Most studies show humans are the cause of many computer and network breaches. Employees are still the weakest link in the security chain and hackers use social engineering to exploit that weakness. With that, employers need to educate their employees to recognize the danger signs of suspicious and dangerous emails. Users must stop and look at an email and consider the following warning signs before clicking on embedded links and attachments or responding to the email.

    Here are nine things to look for to determine if the email you’re about to open is safe.

    1. The from: line

    Do you know the sender? If not, be cautious. Even if you know the sender, does the sender’s name match the email address? For example, it is highly unlikely American Express will be sending emails from a Gmail account and not from americanexpress.com. Is the email from someone within your company but looks suspicious or out of the norm? Although the sender’s address may be familiar, the cybercriminal might be spoofing that address, making it look like it is coming from a trusted source when it is really coming from a spammer or someone sending a phishing email. Does the sender’s address look suspicious, perhaps containing a slight misspelling? An example might be an email coming from micorsoftsupport.com. Can you spot the incorrect spelling of Microsoft before you open the email, attachment or click on an embedded link? If you have had no prior communication or relationship with the sender, the email may be dangerous.

    2. The subject: line

    If the wording/text in the subject line does not match the wording/text in the body of the email or has nothing to do with the content in the body of the email, the email might be a phishing or virus email.

    3. Main Body (content/text of the email)

    Does the email contain bad grammar and spelling? These are two good indicators the email may be phishing or worse. But don’t rely on bad grammar alone, as today’s cybercriminals have improved their grammar and spelling. Does the email have a high sense of urgency, asking you to click on a link or open an attachment to avoid something or to receive a reward? Does the text of the email simply look wrong and you have an overall bad feeling about the email? If so, then restraint is best.

    4. The to: line

    You receive an email and there are many other recipients in the to: line and you recognize few, if any. Perhaps an individual has been hacked and their contact list is being used by the spammer and your address happens to be in that contact list. The cybercriminal is now sending emails to all the people in that list, you included.

    5. The CC: line

    The same situation as the to: line.

    6. Attachments

    The email contains an attachment and the file extension looks suspicious, especially if the attachment is a .exe or zip file.   

    7. Embedded Links

    Does the email contain a link and the sender requests you click on the link in order to update some information or download information? Does the link address have relevance to the email? Is the link address exceptionally long or does it seem to have a misspelling such as the micorsoftsupport example? Can you spot the misspelling before you click on the link?

    8. Unsubscribe

    Does the email contain a link where you can unsubscribe? If so, be cautious when you unsubscribe as the link might launch a virus. Also, spammers send out millions of emails in bulk, often to addresses that may not exist in hopes that some are correct and arrive in an inbox and are then opened. If you unsubscribe, you are sending a message back to the spammer that you are a real person and spamming will continue.

    9. Alias Addresses

    Does your company, like most, use alias addresses such as sales@, info@, hr@ and others? These types of addresses usually forward an incoming email to many others in the organization. Cybercriminals will target these addresses as they know their email will be forwarded to many others in the organization with a greater chance of the email being opened.

    If any of the above are relevant to an incoming email, be cautious before opening or clicking on links or attachments. Deploy network security processes and products and educate your employees in order to greatly reduce the chance of malware hitting your network.

    Steve Giordano is president of TeamLogic IT. Learn more about the company by clicking here.

    Share
  • Email
  • Next up: It's Chilly In July - We're Talking to You, Restaurant Owners!
  • More in Operations
  • It's Chilly In July - We're Talking to You, Restaurant Owners!

    In the heart of the summer people are so eager to be out and about, soaking up the sun and shaking off those last bits of winter frostbite. What a consumer doesn’t want is to taste that frostbite on their steak and asparagus!

    In the heart of the summer people are so eager to be out and about, soaking up the sun and shaking off those last bits of winter frostbite. What a consumer doesn’t want is to taste that frostbite on their steak and asparagus! The temperature outside being so hot does not mean that your freezer needs to be compensating for it - it’s costing you money, probably in more ways than one. Your refrigerator ought to stay above 35 degrees Fahrenheit - anything lower - and you’re paying extra. Catching this oversite and being continuously mindful of ways to conserve energy will save money in the short run. Serving nice people with great food on an outdoor patio is what a successful restaurant owner has been looking forward to all year; regain some capital by following this easy tip:

    Place a thermometer in a glass of water and place it in the center of the refrigerator. Simultaneously place a thermometer in between packages in the freezer.  Read the results in 24 hours and adjust temperatures to save on energy consumption.

    For more information on this matter, please read here.

    Share
  • Email
  • More in Operations