Data Security Must Be a Priority for Your Organization
After 143 million people had their personal information put at risk in the Equifax data breach, it comes as no surprise that data security is an even hotter topic than usual. As much as youâd like to think that a breach like that would never happen to your business, this is an unrealistic hope that wonât do you any good if the threat of a data breach does come around. It is much better to be prepared.
Tip of the Week: Know Exactly How Far It Is from Point A To Point B With Google Maps
Who needs a GPS device when you have all that you need, right in your pocket? Weâre talking, of course, about your smartphone. Whether you have an Android device or an iPhone, Google Maps can make for a great alternative, and it sure beats trying to use an atlas. You can use Google Maps to chart the distance between any target destinations and your current location. You can even use it to get the total distance for an upcoming vacation.
Before you get started, take a moment to make sure that you have the latest version of your Google Maps app for multiple platforms, including iOS or Android. You can find it on the Play store or iTunes.
You can start by opening the Google Maps app and navigating to the place you want to measure distance to. All you do is drop a pin on the location by tapping it. You can then proceed to expand the menu at the bottom of the screen and tap Measure distance. The location will appear in a set of crosshairs on the map.
The next step is to add another point near your location. You can just use whatever bend in the road is closest to your current location. The app will then calculate the distance between your points after you place each one. Once youâve accomplished this, just select Measure Distance.
One notable thing to keep in mind is that the app can only tell you the distance between your desired location and your current location if you took a direct route there. Itâs likely that there will be lots of complications if you drove your car there in a straight line. To tell the driving distance from one location to the next, you must place points all along the streets youâll use to get to your location. This lets you calculate the exact distance youâll be travelling.
If you like these tips and tricks, share these blogs on your social media accounts!
How To Spot A SMiShing Attempt
Phishing–itâs a threat that tells a tantalizing lie to entrap its target, and one that youâve likely heard of before. However, as technology has advanced, so have the opportunities that cybercriminals have to leverage phishing attempts. Smartphones, for instance, make it so that you must be aware and on the lookout for SMiShing scams.
SMiShing?
SMiShing is the mobile version of phishing. Instead of catching the target with an email message, SMiShing attempts are sent via SMS, or text. Other than the method of introduction, there is little difference between SMiShing and the traditional phishing. For instance, both require the target to take the phisher (or, in the case of SMiShing, âsmisherâ) at their word and comply with any instructions.
Despite the general public learning to be more wary of cyber threats that come through the computer, there is still a lack of anticipation that these threats can also come in via cell phone. SMiShing is meant to use the disguise of a familiar contact to steal credentials and data, or delete it entirely.
A âsmisherâ will use any stolen credentials to access the userâs accounts and cause all sorts of chaos for them. For example, if you have any sensitive client information located on-site or stored in an online account, hackers can gain access to it with your credentials. Another way that a smisher might take advantage of you is by sending you a fake link via an SMS and request that you authenticate yourself or face a recurring fee. If this is the case, you should report the attempt to IT and give the smisher no response.
Spotting a SMiShing Scam
The first thing you should do if you receive a message that you suspect is part of a SMiShing attempt is to reach out to the supposed sender to confirm that it was legitimate. This should be done via some means other than text. Calling the contact or one of their representatives can help you to judge if the message is authentic or not without leaving yourself vulnerable to further threats.
It more or less boils down to leaving SMS messages from unknown senders alone. This is especially true of â5000â numbers, which indicate that the message was originally an email sent as a text. Scammers have been known to use this tactic in their schemes.
Furthermore, messages with downloadable applications are another warning sign, as this is a common method of infecting a mobile device with malware. A good rule of thumb is to only download and utilize apps that come from your mobile deviceâs official marketplace, as those that donât are very likely to turn out to be malware in disguise.
How To Protect Yourself
As mentioned above, if there is any doubt about the validity of a message, confirm its authenticity through an alternative line of communication. For added security, it helps to augment the practices weâve outlined here with the use of a virtual private network, or VPN, safeguarding your mobile activity.
For help in securing your business devices and communications, call Catalyst Technology Group at (317) 705-0333.
Equifax Freeze PINs Arenât As Secure As They Could Be
The Equifax data breach has been a considerable issue for countless individuals, exposing sensitive information that could lead to identity theft and so much more. In response to this breach, some experts are recommending that consumers go as far as freezing their credit lines because of the potential for breaches. Well, it all comes down to a PIN–something that can be easily guessed by a hacker under the right circumstances.
Personal identification numbers–contrary to popular belief–are the exact same thing as passwords. They are codes designed to keep someone from accessing sensitive information. However, access control devices like this need to follow the same guidelines, regardless of what they are called. They need to be complex and secure so as to keep hackers from guessing them. You should include both upper and lower-case letters, numbers, and symbols, and include them in a seemingly random order.
Youâre probably thinking, âGreat. Now I know enough to make my Equifax PIN as strong as possible.â Except⊠thatâs not how this works.
Due to the way that Equifax generates your PIN, your credit lines could be placed at risk. The PINs used by Equifax are ten digits long, stemming from the date that the credit line was frozen, as well as the specific time which it was frozen. The order of these variables is the following: DdMmYyHhMm. This significantly cuts down on the amount of possible combinations available for a PIN. Furthermore, there are only a certain number of reasonable times within a day where you could apply for a credit line freeze, further limiting the amount of potential variables including the access code.
If Equifax had kept it a simple ten-digit randomized string of numbers, this wouldnât be an issue. But thatâs just not how the cookie crumbled.
As of September 11th, 2017, Equifax has addressed that this PIN generation process needs to be changed. Hopefully, the change will be enough to secure peopleâs sensitive information properly.
What are your thoughts about this development? Are you certain that your passwords and PINs are secure enough to protect your organization (and your identity) from being compromised? For assistance securing your personal and organizational information, reach out to Catalyst Technology Group at (317) 705-0333.
Tip of the Week: 5 Reminders To Protect You Against Ransomware
The Internet is a vast place filled to the brim with threats, especially for businesses that need to preserve the integrity of their infrastructure and keep critical data safe. The Cisco 2017 Annual Cybersecurity Report states that ransomware is growing at a yearly rate of 350%, which is a considerable number to say the least. Here are five tips that can help you keep your business safe from ransomware infections.
Remember Your Employees
Often times itâs your employees who are the first to come into contact with ransomware. Ransomware is often spread through spam messages that lurk in the inboxes of your employees. Itâs best to educate them on how to avoid ransomware in the first place, as it can quickly become a pain to deal with once ransomware makes its home on your network.
Donât Pay the Ransom
Even if your data is threatened by ransomware, itâs not worth paying the ransom to get it back. The mindset you need to keep is that you have to assume the worst. What if you pay up and you donât get your data back at all? You canât trust crooks to keep their word. Youâre better off reaching out to a trusted IT service provider for assistance with your predicament.
Take Regular Backups
Since you canât trust hackers to hand over the decryption key, youâll have to resort to a more reliable way of ensuring your dataâs safety. Data backup can help you prepare for the day you need to restore your data following a disaster. The ideal data backup solution will take multiple backups of your data several times throughout the day, and send them to an off-site data center or the cloud for safekeeping. The idea here is to make sure that your data backups arenât stored on an infected network so that they will work properly when push comes to shove.
Ensure Your Security is Up to Date
Ransomware is always trying everything it can to slip through the cracks found in enterprise security. Therefore, you must take a proactive stance by updating your networkâs security protocol so that all known variants of malware can be kept out of your infrastructure. This includes updating your software solutions, including your operating system and applications, to ensure maximum security.
Be Wary of Email
As we mentioned before, ransomware prefers email as its movement medium. Encourage any and all users on your network to be cautious of any unsolicited messages–especially those that contain links and attachments.
Microsoft users who want to find out more about ransomware can do so at the Ransomware FAQ that is regularly updated in the Windows Defender Security Intelligence (WDSI) database of threats. If you want a more personalized approach to ransomware security, however, reach out to Catalyst Technology Group at (317) 705-0333.
Business Continuity In 3 Easy Steps
Business continuity is an incredibly important part of running a business, but some smaller organizations underestimate just how crucial it is in the event of a disaster. Although FEMA estimates that more businesses are taking advantage of business continuity than ever before, not enough are. Business continuity is something that must be planned for, practiced consistently, and updated as needed. Does your business have a business continuity plan?
Here are three things to keep in mind when putting together a quality business continuity plan.
Keep Each Department in Mind
Business continuity is something that should be applied to the entirety of your business–not just your IT infrastructure. You want to ensure that your entire in-house team has a say in your business continuity plan, specifically to ensure that–in the event of a disaster–they are able to get back in action as soon as possible. If each of your departments can ensure access to important information post-disaster, it makes it much easier to recover in the long run. A good rule of thumb is to ensure that each department has access to mission-critical data, that their processes are moving forward at a steady pace, and has three points of contact within the organization.
Practice Often
A plan is worthless if you donât know how to implement it. You should think of practicing your business continuity plan as a fire drill for your organization. By planning for the worst and practicing what you do in the event of a data loss disaster, you ensure that your business can realistically pull off what the business continuity plan demands in your time of need. Make sure that each of your team members knows their individual roles in your business continuity plan, and keep everyone updated on changes made to the process so that your staff is on the same page. Depending on how often you practice your business continuity plan, youâll start to see whether certain details are missing or obsolete, giving you time to change them before your plan is needed at all.
The 3-2-1 Data Recovery Rule
It wouldnât be a business continuity plan if it didnât include data backup and disaster recovery in at least some capacity. Manually backing up your data can be a dangerous tactic, as youâre relying on systems that arenât automatic and could be subject to user error. Furthermore, you need more than just one copy of your businessâ data in order to ensure proper recovery. If one copy is destroyed, you better have a backup in place. A way to guarantee that this doesnât happen to your organization is the 3-2-1 rule.
Hereâs a quick run-down of the 3-2-1 rule:
- You should have three backups of your data at the very least.
- Two of these should be stored on various types of media, such as a server, external hard drive, USB drive, etc.
- One of these should be stored off-site, like in the cloud or a secure data center.
By using this method, if one of your data backups is destroyed it wonât ruin your business (or your comprehensive continuity plan).
Catalyst Technology Group can help your business build a business continuity plan specifically designed to suit the needs of your organization. To learn more, reach out to us at (317) 705-0333.
Cybersecurity Awareness Is a Featured Theme in October
Every October, the Department of Homeland Security (DHS), United States Computer Emergency Readiness Team (CERT), and the Federal Bureau of Investigation (FBI) join forces to drive cyber security awareness. Cybercrime is a constant threat to individuals and businesses, alike. In fact, the risk is so significant that the US government decided to step up and offer information and resources stressing the importance of cyber security and raise awareness on the best practices to utilize when protect your nonpublic information.
Hereâs a brief overview of the National Cyber Security Awareness Month (NCSAM) themes for 2017, followed by a video made by the DHS that shows the tremendous threat that we are faced with every day and what is being done to keep us safe.
- Week 1: October 2-6 â Theme: Simple Steps to Online Safety
- This week highlights the things needed to keep consumers safe and ways to protect themselves. While itâs targeted more at individuals than businesses, they offer great resources for best practices that everyone should follow, both professionally and personally.
- Week 2: October 9-13 â Theme: Cybersecurity in the Workplace is Everyoneâs Business
- Next, DHS shows organizations how they can protect against cybercrimes that target them. There will be information on creating a cyber security culture among you and your employees.
- Week 3: October 16-20 â Theme: Todayâs Predictions for Tomorrowâs Internet
- The future has arrived and you need to be prepared. This week looks at emerging technology and how you can protect your nonpublic information moving forward.
- Week 4: October 23-27 â Theme: The Internet Wants YOU: Consider a Career in Cybersecurity
- The demand for those with IT security experience has far surpassed the number of qualified candidates.
- Week 5: October 30-31 â Theme: Protecting Critical Infrastructure from Cyber Threats
- The final week is a bit more on the technical side, highlighting the tie between cybersecurity and our nationâs critical infrastructure. As a business owner, it will affect you at every level.
Months to Milliseconds
You can start building a more cyber-secure business today by implementing these tips recommended by the FBI to combat threats like ransomware, and other malware attacks.
- Raise Awareness: Make sure employees are aware of ransomware and of their critical roles in protecting the organizationâs network and data.
- Updates and Patches: Patch operating system, software, and firmware on digital devices (which may be made easier through a centralized patch management system).
- Auto Update Security Software: Ensure antivirus and anti-malware solutions are set to automatically update and conduct regular scans.
- Limit Super Users: Manage the use of privileged accountsâno users should be assigned administrative access unless absolutely needed, and only use administrator accounts when necessary.
- Access Control: Configure access controls, including file, directory, and network share permissions appropriately. If users only need read-specific information, they donât need write-access to those files or directories.
- Filters and Application Control: Implement software restriction policies or other controls to prevent programs from executing from common ransomware locations (e.g., temporary folders supporting popular Internet browsers, compression/decompression programs).
- Data Backup & Disaster Recovery Plan: Backup data regularly and verify the integrity of those backups to ensure redundancy.
- Multiple Storages: Make sure they arenât connected to the computers and networks they are backing up.
As a IT service provider, we are always looking to stress the importance of IT security – not just to our clients, but to the community as a whole. Please take a few seconds to share this blog and help us make everyone a bit more #CyberAware. Would you like to step up your cyber security efforts? Call the IT professionals at Catalyst Technology Group at (317) 705-0333.
Tip of the Week: IT Has A Lot Of Jargon⊠How Much Do You Know?
If you spend more than ten minutes with anyone from the technology industry, you may notice that they have a rather colorful vocabulary. Itâs not too vulgar or anything, but it is chock-full of buzzwords that you may not fully understand. Here are some of the most frequently used words in the IT industry.
Actionable Analytics
Businesses are capable of harnessing the power of analytics like never before. However, itâs important to remember that only certain data will actually be useful. The data that can be used to improve operations and measure progress is called actionable analytics, and itâs likely some of the most important data youâll acquire.
Artificial Intelligence
Suspend any knowledge of artificial intelligence that science-fiction movies like The Matrix or Terminator have introduced over the years, and consider instead what intelligent technology can do for your business. You can use it to process lots of data all at once, or make educated decisions using this data. Other types of machinery are capable of speech recognition, learning, planning, and even problem solving.
Blockchain
Blockchain technology is pretty complicated, but the basic idea of it is that each time a file is changed, the changes are recorded, encrypted, and stored in a change log that cannot be edited or changed in any way. Blockchain technology is used in most cryptocurrency transactions, but also has uses in electronic medical records and legal agreements.
Chatbots
Chatbots are commonly considered programs that can build upon conversation, whether itâs through a chat window or spoken over the phone. Itâs basically a way to automate certain functions for your business, allowing individuals or groups to get the support they need, even if they donât speak a specific language. Chatbots can use databases and natural language processing to translate sentences in one language to another.
Cloud-Based Services
Cloud computing has allowed organizations to offer their assets âas a service.â What this means is that services can be delegated to organizations in a scalable, affordable, cloud-based environment that defies the boundaries of traditional hardware and software infrastructures. Furthermore, the company offering the services is generally responsible for any maintenance or security the service requires, while providing the consumer with the ability to control user permissions. Letâs say you purchase virtual server space–you pay a monthly fee, which keeps you from purchasing an entirely new server unit. Itâs a considerable cost savings, to say the least.
Datafication
Since businesses are digitizing so much data, it is now being analyzed to transform the way that itâs utilized. This is called datafication, which is the process of turning aspects of everyday life into data that can be used for various purposes. One example is using social media to understand just who your potential employees are. In this sense, social media can, to an extent, replace personality tests. In fact, analyzing data is often a more accurate gauge of character than a personality test.
Decentralized Cryptocurrency
Cryptocurrency is something that is often used on the dark web to make sketchy sales. On the other side of the coin, however, is the ability to send and receive private, encrypted transactions outside of traditional banking. Cryptocurrency is a virtual asset that doesnât rely on a physical currency to function, so in a lot of ways, itâs useful. One example of a rather popular cryptocurrency is BitCoin.
Gamification
When they first entered the computing world, video games made a huge splash. Chances are that your younger workers grew up with video games in at least some capacity. You can use this to your advantage with gamification techniques designed to enhance productivity through making work fun–or, at the very least, offering goals or âexperience pointsâ for your team to meet. If they earn enough points, they can level up and earn a reward.
Machine Learning
Machine learning is an aspect of artificial intelligence that allows a computer to collect data from different sources, and transform that data into reliable predictions. Businesses might use this information to make educated decisions about their future. For example, a company could use machine learning to collect data from potential customers and use it to increase the possibility that the target would buy specific products or services.
Microservices
If you donât want each and every service that an application or a program has to offer, thereâs often the choice to invest in a microservice, which breaks each of these features down into bite-sized pieces. You can then pay for them individually so as not to purchase services that you donât need, and they can easily be swapped out or changed as needed.
Open Source
Open-source programs are built off of public source code that can be modified to suit the general needs of the organization. Itâs often free and available for any organization that wants to use it. Businesses that want to create custom-made applications can often use open-source code to build working applications with a negligible price margin.
For more information about the many, and often confusing, words in the IT technicianâs vocabulary, reach out to Catalyst Technology Group at (317) 705-0333.
Data Backup is Much More Complicated Than It Seems
You must consider a series of worst-case scenarios if you want to protect your business in the long run. While various factors such as physical security, employee training, and network security can help you mitigate the majority of issues you face, what happens when each of these efforts fails? You know what they say–prepare for the worst and youâll never be surprised by a data loss event again.
With a quality data backup and disaster recovery solution, youâll be prepared for whatever life throws at your business. Larger companies generally donât have as much to worry about, as their budgets are more flexible and can accommodate the spending required to ensure business continuity. Yet, smaller businesses can take advantage of these benefits as well, and itâs all thanks to managed IT services. The same backup and disaster recovery services that large enterprises take advantage of can work for your business, too, and it all starts with a business continuity plan. Here are four major concerns that any SMB should take into consideration for preserving their data infrastructure.
Firewalls
Do you store your businessâs data backups in a location where theyâre not protected by security solutions? If so, youâll need to reconsider how you store your data backups. Firewalls are designed to keep threats from traveling to and from your infrastructure, and if the data that youâre storing your data backups in isnât adequately protected by them, youâre going to have a bad time.
Antivirus
The same can be said for an antivirus solution, which protects your data by eliminating threats to it. All it takes is one threat to corrupt your businessâs computing infrastructure. Think about what would happen if your data backups were to be corrupted by some ransom strain of malware. Would you be able to restore a backup like that in good faith that it wouldnât pose a threat to your organization? Probably not–and you shouldnât be in this situation in the first place. Implement an enterprise-level antivirus solution so that you donât have to worry about whether your data backups are any good.
Backup Tests
Letâs say that your business experiences a data loss incident. You try to restore your data as soon as possible, but something goes wrong. The data is corrupted. Itâs not as complete as youâd like it to be. Regardless of the reason, your business is down and out because you just assumed that your data backups would work as intended. You should be periodically testing your data backups to ensure that they will work when called upon.
Use Automation
The chances of your businessâs data backups not working as intended will be drastically reduced if you remove one of the most unpredictable parts of it–the human element. Tape backups require your employees setting tapes to run backups at the end of every day. A cloud-based BDR, however, will accomplish the same goal automatically and send the backup directly to the cloud. There is no room for error here. Everything is handled seamlessly and without human intervention.
Does your business have a comprehensive business continuity plan? If not, be sure to give us a call at (317) 705-0333. Our trusted technicians can help you build the perfect backup solution for your business.
Where Does Deleted Data Go?
Have you deleted a file and immediately regretted it? Well that may be easy enough to get the file back. What if your intention was to make that file disappear for good? Then you have to understand that the way many operating systems handle the deletion of files may present problems for you.
Depending how you went about deleting the file in question, they may not be deleted at all; and, if they hold sensitive information, they will still be accessible by hackers looking to profit off of your negligence. Below weâll outline what happens when you delete a file to give you an idea what exactly the process is to get rid of data. That kind of awareness is critical for you to protect your data, and your companyâs data.
Deleting a PC File
On your standard PC, running some form of Windows, when you delete a file it is moved to your Recycle Bin. You may think that the files are gone, but that isnât the case at all. The location of the file is changed, thatâs all. If you access the file path inside the Recycle Bin, you can still open it and restore it. You canât even get a file to open if you delete it out of the Recycle Bin. Doing so eliminates the file path and is labeled âfreeâ, but the file itself is not overwritten.
This data wonât be gone in perpetuity until it is overwritten by another file, which is rather unlikely if you are using massive storage facilities for smaller files. Since you never really want to be that close to maxing out your available data storage, overwriting deleted file data happens less than a computerâs user would like.
Cloud Storage Considerations
If you are using a cloud storage facility like Google Drive or Microsoft OneDrive and you want to delete a file, the provider typically keeps this information for a couple of days after the initial deletion, just in case a user made a mistake. After that, however, consumer-grade cloud services customer probably wonât have much luck retrieving any data they had deleted.
Business cloud storage solutions are another story altogether. If your business is a customer of any notable cloud provider, itâs likely to come with redundancy built in. This is a strategy to protect businesses from human error.
Catalyst Technology Group can help your business equip itself with a data storage structure that keeps your data under control. For more information contact us today at (317) 705-0333.