Cybersecurity: Are Passwords Your Vulnerability?

Cybersecurity strategies need to take into account vulnerable areas, such as employee passwords.Don’t let employee negligence be the source of a data breach. Cybersecurity has never been more important, yet too few companies are doing what they should to protect themselves in areas that can be easily remedied with a few important steps.

According to a study by password management firm Keeper Security, 81 percent of data breaches are due to weak passwords, or passwords that were stolen or still set to default. The same study found that almost 60 percent of people use the same password for everything. What can you do to ensure your employees are practicing safe password procedures?

Cybersecurity attacks continue to become more targeted and severe, carrying heavy consequences for victims. Despite the threat, a study by the Ponemon Institute shows that instead of becoming more prepared, many companies are doing less.

The Ponemon survey found that 61 percent of respondents had reported a cyberattack, which is a six percent increase over the year prior. Almost 54 percent reported that their data had been breached, which is up from 50 percent a year earlier. A ransomware attack became a reality for 52 percent of respondents, and more than half of those said they got hit more than once.

What steps can you take to protect against a cyberattack?

·       Gain more visibility into employee password practices

·       Don’t use the same passwords for accessing multiple accounts

·       Don’t share passwords

·       Use strong passwords that are not easily compromised

·       Develop a password policy and enforce it

·       Implement a control policy regarding BYOD (bring your own device)

·       Train security staff more frequently

·       Update antivirus software and encryption software

The costs associated with stolen records are severe; enough to sink some companies, particularly when you consider the average cost of a data breach is around $1 million-plus. The ongoing lack of preparation and neglect of developing more robust password policies puts many companies at great risk, which is why it’s important to take proactive steps to remediate weaknesses.

At Focal Solutions, we’ve developed a number of processes that make telecom easy. Our team is committed to the success of your business, and that includes making sure you’re secure with robust cybersecurity solutions. We have a mission to develop long-term advocacy for our clients and know industry best practices. Contact us today to learn more.

Staying Safe When Utilizing Cloud Storage

CloudWhen it comes to data storage, many enterprises are finding better accessibility and cost savings in the cloud compared to on-site servers. If you have yet to make that move, it’s likely one of your chief concerns is the safety of your data. If so, you’re not alone.

Safety and security are the top talking points for those who haven’t embraced cloud-based solutions. However, large cloud providers are extremely vigilant when it comes to security. The resources available to large providers far exceed what even medium-sized organizations are able to produce on their own, making cloud options even more secure than keeping things in-house.

One area that still remains a challenge with security is that encrypted storage isn’t 100% impervious to attack, especially if drive-based encryption is used, and there is evidence that automatic encryption practices can be vulnerable to attack. Encrypting a server with a custom key set is the way around this issue. What other ways can you protect your data?

Protect Against Damage and Deletion
If you’ve taken every step to fully encrypt your data, it’s still vulnerable to damage or deletion if hardware failure occurs. Bad software and malicious operators can also make your data vulnerable.

If you move data to an area where it can’t be compromised, you will ensure your data is more secure. Protect data from exposure through frequent backups and by making offline copies.

Be Diligent About Management
Make sure you’re partnering with a data center that doesn’t have chaotic data management practices. They should be experts at managing partial datasets and trash. Critical files should never be allowed in low-security areas, and they should practice a metadata-driven approach that offers greater control.

Be Careful of Your Insiders
Did you know the majority of data losses have been at the hand of an insider? These are people whom you’re trusting with your data. Protect yourself by using multi-factor authentication. This may seem like too much of a time investment, but it’s not as much as the time lost in the wake of a data breach.

Human error is also a cause of data loss. Know the common mistakes and develop a strategy for when they occur in order to remain proactive rather than reactive.

At Focal Solutions, we invest in our clients by offering comprehensive solutions. For cloud services, our clients have confidence in our data center solutions and disaster recovery strategies. Contact us today and find out how seriously we take the safety of your data.

Dynamic, Evolving Solutions to IT Security

ITIn the last year alone, IT security has seen an increase in corporate attention and funding, yet security breaches increase. How could this be?

In short, cybersecurity is not simply a concern you can “throw money at” and expect to go away. The only approach to IT security must be one that is dynamic and ever-evolving. Here are three common mistakes that cause threats to a business’s cybersecurity:

Outdated Defenses

More enterprises now invest in IT security personnel and software than ever before. Yet while IT departments keep an increasing focus on end point defenses, it is imperative to remember that processes that prevent data breaches today will not be effective or relevant forever.

Cyber attackers evolve, and cyber attacks grow more sophisticated. Recent IT security breaches have come from spear phishing e-mail scams, which can compromise an entire corporate network if just one employee is tricked by the scam.

This is why it is important to stay on top of the current threats to a company’s IT security, while also anticipating that new or evolved threats will certainly arise in the future. Anyone who has dealt with a next-generation malware virus knows this: there is nothing more damaging than a malware attack when the antivirus software signatures aren’t available yet.

Tunnel Vision: Compliance Requirements

One marker of IT staff success is compliance with security requirements. But that is only one marker. Too many companies face a crisis after IT security professionals develop tunnel vision, proceeding as if compliance guarantees prevention of data breaches. All too often this is not the case, despite industry periodical CIO’s report that 58% of the companies plan to invest more in meeting compliance in the next year.

This is because cybersecurity threats evolve at a faster rate than compliance standards. The vigilance of a company’s IT team must move beyond compliance. A dynamic cybersecurity strategy goes beyond compliance standards and anticipates the evolving nature of security threats.

Adapting New Tech, Not New Security

Third-party cloud storage sites and file sharing apps can make a business more productive and increase employee communications. That is, as long as these channels are secured. Too often, companies embrace new technologies without first laying the groundwork to protect that data. This can have disastrous consequences after a security breach.

A Dynamic Solution

Moving forward, some strategies to bolster the IT security of a company include:

  • Assess which clouds store company data, and evaluate how secure they are.
  • Embrace encryption-based data security, as well as access controls. This doesn’t just mean on laptops and desktops; every cloud and site of Big Data must be encrypted.
  • Have IT professionals work beyond meeting compliance standards to stay on top of ever-evolving security threats.

 

Formulating a Strategic Security Plan

Cyber security threats continue to impact countless networks and IT servers. From viruses to foreign intrusion, web-based invasions are of paramount concern for security professionals and firms. According to a recent IASCA survey, 74% of cyber security managers expect to be attacked in 2016.

It is critical for enterprises to formulate sound security strategies this year. Without a comprehensive and cohesive security platform, all new and existing firms are susceptible to:

  • Viruses and intrusion that steal and expose confidential information
  • Customer information theft and trade secrets exposure
  • Complete lock down of all cloud-based servers, software apps, and hardware


In order to combat the growing number of cyber security threats, businesses need a formidable defense plan that offers optimal online protection of all networks and assets.

 

Assessing Vulnerabilities

The first step to deploying sound security measures is to assess current platforms. With an experienced security firm, clients are able to analyze all vulnerable areas. This can reinforce anti-virus and anti-malware programs while truly protecting the business against cyber crime. Without a field-proven, cost-effective, and customized security solution, companies can experience:

  • Online reputation damage and loss of brand and company validity
  • Exposure to liability and loss of clients due to sensitive information breaches
  • Viruses and malware that can serve as phantom solicitors for new business, resulting in costly damages and irreparable harm

 

Scanning E-Mail Attachments

As simple as it may seem, scanning all incoming e-mail and attachments is still a great security measure. Sadly, many unscrupulous individuals and companies utilize e-mail for viruses, phishing, malware, spyware, and spamming. As a result, it is imperative for all brands to employ strategic security techniques to ensure optimal safety across the board.

Firewalls Are Still Essential

Firewalls are vital in preventing unauthorized network access. They also prohibit access to inappropriate web content while restricting infected file downloads. Firewalls ensure optimal security for corporate IP and VPN networks. Most of all, these security tools ensure:

  • Protection from legal, regulatory, and productivity threats
  • Employees abide by stringent rules, guidelines, and regulations when surfing the web
  • Maximum protection from deceptive websites, links, or social media content

 

Denial of Service

In recent months, countless sites have been impacted by Denial of Service (DoS) hacks. These methodical techniques are utilized by hackers to bring company operations to a screeching halt. This has resulted in millions of dollars in damages, along with irreparable harm to a number of companies’ online reputations. DoS attacks continue to soar in popularity, and are now the preferred choice for hackers that want to hold businesses hostage and receive money to discontinue the attacks.

It is of paramount importance for businesses to discuss these ongoing problems with security providers. To learn more about formulating a strategic security plan,  contact us today.