Directive Blogs

You might be shocked to find out that your mobile device holds a considerable amount of personally identifiable information on it. This has prompted many users to secure their phones at all times, but others simply ignore the threat and brush it aside. Since Google makes it so easy, there’s no excuse for Android users not to secure their devices. Here’s how you can do it.

It can be easy, with all the threats covered in the news, to assume that the biggest dangers to your business all come from the outside. This is a dangerous mistake, as there are plenty of vulnerabilities that originate from within your organization, making it easier for outside threats to come in, if not being bigger threats in and of themselves. Below, we’ll review some of the biggest, mostly internal dangers that your business may face.

You might hear the term “zero-day” when discussing security threats, but do you know what they actually are? A zero-day threat is arguably one of the most devastating and dangerous security issues your business could face, and if you’re not prepared, they could be the end of it.

With a meager market share that is one-third the size of Google’s, one would think that Bing would be trying to keep controversy away from a user’s search results. However, the Microsoft search engine has recently encountered a few notable PR disasters that may be enough to convince some not to use it - especially if it leads to a security breach.

If your business was breached, would it be better to keep it a secret, or should you disclose it to your clients? Uber has proven that trying to hide it is a mistake, and a costly one at that.

Security is paramount. These days, hackers are aggressive and relentless when it comes to using exploits to test your security. So much so that even when applying multiple layers of protection across a site, the server, and keeping everything patched, threats can sneak in. This is why it is critical to have a first line of defense; in this case, a CAPTCHA.

Election Day in the United States is coming up quick on November 6th. It doesn’t matter what your thoughts or opinions on U.S. politics are--the fact remains that millions of Americans will be using the technology available at polling places to cast their ballots, and if this technology isn’t secured properly, the integrity of the voting system will be at risk.

We continually cite just how important IT security is, but like most things, people may not completely understand just how crucial it is until it hits home. Otsego County, would seem to be too small of a place to attract a hacker’s attention, but the Otsego County county government network was reportedly attacked. County Information Technology Director Brian Pokorny said hackers gained access to the county website and other files through a zero-day vulnerability,

It’s October, and time again for the Department of Homeland Security (DHS) to bring extra attention to the issue of security. This year there is a focus on the personal and professional interactions that intersect in the virtual space. The more these two worlds become connected, the more likely the possibility of a hacker gaining access to one or both worlds, using access they acquired from one or the other.

Every business in operation today needs to have some kind of comprehensive network security. Simply put, there are too many threats that can come in through an Internet connection for them to continue doing otherwise. The past year provides plenty of anecdotal proof of this fact, as a quick glance back can show.

Today, we’ve compiled some statistics that give these threats context, as well as a list of some of the most devastating hacks from the first half of 2018. Hopefully, these lists will put into perspective just how important building a network security strategy is for your company. Here are some statistics to help reinforce just how important cybersecurity is:

In 2017 over 130 large-scale breaches were reported, a 27 percent increase over 2016.Nearly 1-in-3 organization have experienced some sort of cyberattack in the past.Cryptojacking (stealing cryptocurrency) increased 8,500 percent in 2017.100,000 organizations were infected with the WannaCry ransomware (400,000 machines).5.4 billion WannaCry attacks were blocked in 2017.The average monetary cost of a malware attack is $2.4 million.The average time cost of a malware is 50 days.Ransomware cost organization’s over $5 billion in 2017.20 percent of cyberattacks come from China, 11 percent from the United States, and six percent from the Russian Federation.Phone numbers are the most leaked information.21 percent of files are completely unprotected.41 percent of companies have over 1,000 sensitive files left unprotected.Ransomware is growing at 350 percent annually.IoT-based attacks are growing at about 500 percent per year.Ransomware attacks are expected to quadruple by 2020.7.7 percent of web requests lead to malware.There were 54 percent more types of malware in 2017 than there were in 2016.The cybersecurity market will be worth over $1 trillion by 2025.

If that isn’t scary enough, below are some of the attacks that have taken place in 2018. We’ve broken them down into public (individuals, governments, etc.), and private (businesses). Keep in mind all these events took place before the calendar turned to July:

Public January

The Department of Homeland Security was affected by a data breach that exposed information about 247,167 current and former employees.

March

Atlanta, Georgia was targeted by a ransomware attack called SamSam. This resulted in a massive problem for their municipal infrastructure. The ransom price given was $51,000, but Atlanta’s leadership refused to meet these demands. Overall, the numbers show that Atlanta has spent more than 10 times that number in the fallout of the attack. Some estimates place the actual cost of this event at nearly $20 million.India’s national ID database, Aadhaar, leaked data of over a billion people. This is one of the largest data breaches in history. A user could pay 500 rupees, equal to about $7, to get the login credentials that allowed anyone to enter a person’s 12-digit code for their personal information. For 300 rupees, or about $4.20, users could also access software that could print an ID card for anyone associated with the database.Cambridge Analytica, a data analytics company that U.S. President Donald Trump used to help his campaign, harvested personal information from over 50 million Facebook users without asking for their permission. Facebook hasn’t called this a data breach, but Cambridge Analytica has since been banned from using the service thanks to this event.

June

Fellow business owners, do you ever feel like you need to walk around on eggshells when it comes time to implement a new process or policy with your employees? Does it seem like your staff fights back tooth and nail when there is any technology change or IT restriction? You aren’t alone.

Dealing with other people, whether in the office or a home environment, can often be troublesome. There is always a case of someone trying to be better than someone else, or trying to take advantage of their naiveté. There are solutions out there that make it easier than ever to help keep your home and business safe. Here are some of the best out there.

As you may expect, the average Internet scammer isn’t above resorting to dirty tricks to claim their ill-gotten prize from their victims. A recent scam demonstrates just how dirty these tricks can truly be, and unfortunately, how ill-prepared many are to handle them.

Although we’re in the habit of discussing ways to keep your business more secure, we unfortunately have to discuss how to keep yourself more secure against a business. Walmart recently filed a patent that could potentially be used to undermine the security of everyone there, from shoppers to employees. We took the time and dug into the jargon in the patent to give you a better look at the situation.

A new email scam is making its rounds and it has a lot of people concerned with just how much a hacker can peer into one’s private life. How would you react if a stranger emailed you saying they had inappropriate webcam footage of you?

Even if you try to ban them in the office, it’s inevitable that your employees will bring their mobile devices to the workplace anyway. Instead of worrying about them wasting away the day, why not try to turn the devices to your advantage? There are more tools out there than ever before to not only add smartphones to your workflows, but to make them profitable and valuable for your organization.

When you are surfing the web, do you know if you are secure? Typically, your browser will tell you when a site is secure or not. This is especially important if you are putting in sensitive information, like passwords or credit card information. Google Chrome is stepping up it’s game to keep users safe.

In light of all the data leaks and vulnerabilities that have been brought to light over the past few years, network security has to be a priority for every business. One problem many organizations have is that while they are protecting their network and infrastructure from threats outside their company, the real threats are actually coming from inside. Today, we’ll look at four ways threats can cause havoc from inside your organization.

With every successful intrusion and theft of data, the images of hackers as criminal masterminds and unstoppable forces of technology gone awry grow. In fact, there’s an increasing narrative that hackers are everywhere, just waiting to use their mad ‘skillz’ to steal your credit card information and buy their limited edition dolls, sorry, “action figures.” Worse, they’re just waiting to hold your data hostage and extort ransom from your business.

It’s been about a year and a half since the Meltdown and Spectre exploits became publicly known. While patches and updates were administered to reduce their threat, they continue to linger on in a less serious capacity. Of course, this doesn’t mean that the threat has entirely been neutered--you still want to know what these threats do and whether or not you’re safe from them.

Certain threats out there are dangerous enough to cause major entities to warn against them. In particular, a recent malware by the name of VPNFilter has been deemed dangerous and prevalent enough that the FBI has addressed it. Since the malware targets routers (probably not your first guess in terms of possible vulnerabilities), it has considerable potential to become a nuisance for your organization.

If you thought that small town Oneonta wasn’t at risk of cybersecurity attacks and scams that you see in the headlines, you might want to think again. Most of the time, smaller businesses (especially around upstate New York) feel that they’re not a viable target for cybercriminals. After all, these kinds of issues are just concerns for bigger companies in larger cities, they surely don’t happen here, in Oneonta... right?

Blockchain is one of the latest and greatest developments to come in computing. The spotlight is on Bitcoin, Ether, Litecoin, Dogecoin, and several other cryptocurrencies that take advantage of the blockchain, but it’s important to remember that it’s not exclusive to cryptocurrencies. In fact, it has several great uses, with some of the most important being cyber security, transparency, and privacy.

Cryptocurrencies are still one of the better known uses of blockchain technology, and though their values seem to have leveled off since the explosive growth they experienced a few months ago, that has not stopped people from seeking them out. Of course, where there’s money to be had, you’re sure to find cybercriminals.

There are a lot of benefits to implementing a Bring Your Own Device policy for your business. Firstly, people will be able to use the devices that they’ve purchased, and have grown accustomed to, for work. Moreover, many times they can access company information with the use of easy-to-use mobile apps, providing them with more opportunities to be productive. In fact, many organizations that install a BYOD policy see the majority of their workforce work more, which creates more opportunities for revenue growth, and ultimately, higher profitability of the endeavor.

Humankind has always adapted and improved technology to make life easier, starting all the way back at fire and the wheel. Nowadays, our approach to making life easier through technology is centered around productivity and security - if we can accomplish more than before in the same amount of time, without worrying that it will be stolen, we’re happy.

The most significant resource any business has is their team. Yes, unfortunately, many companies view their staff as disposable cogs, to be worn down and tossed once every ounce of passion for their job has been drained away. Some of these businesses even manage to turn a profit.

It’s easy to dismiss network security if you run a small business that seemingly isn’t a target of malicious attacks. Unfortunately, this dismissive attitude can put your organization at risk, as even a simple security issue could be enough to expose your company to dangerous entities. In fact, we would call it foolish not to secure your organization; and one of the most infamous security failings in history stems from this.

The reliance the modern business has on its IT cannot be understated. As a result, to keep their computing network and infrastructure running efficiently, companies need to have a network and cybersecurity policy in place. With the development and use of organizational computer networks with multiple endpoints, understanding the basics of network security is helpful when implementing and employing network security systems. Today, we take a look at the parts of your network, their functions, and what you need to do to protect them.

Zero-day threats are some of the most dangerous ones out there. What we mean by “zero day” threats are those that have been discovered by hackers before an official patch has been released by the developers, giving them exactly zero days before they are actively exploited in the wild. One of the more dangerous zero-day threats out there at the moment is one that takes advantage of Internet Explorer.

How much time does your business spend every day on issuing patches and security updates? How about basic maintenance and management practices that leave your network technicians tied up for hours on end? Thanks to automation, these menial tasks that take a considerable amount of time and resources can be simplified and offer a great return on investment.

Email is a modern classic as far as business solutions are concerned, and you’d be hard-pressed to find an office that didn’t use it in some capacity or another. However, because email is so popular, it has become a favorite attack vector of malicious users. Fortunately, there are some basic practices that will help keep your email account secure and your communications private.

Oh no. You slap your pockets in a sudden panic, but you only confirm what you suddenly feared: you’ve lost your mobile device, the one with all of your business data on it. You haven’t an idea where you might have left it - all you know is that it’s just... gone.

Ransomware doesn’t discriminate with its targets, as the city of Atlanta, Georgia now knows so painfully well. The city became the target of a ransomware attack that crippled many of its critical system workflows. The municipal government suffered from one of the most advanced and sustained attacks in recent memory.

As smartphones have become smarter, they have become filled with more and more data that needs to be kept private for the owner’s safety and security. This is why it is fortunate that there are also more ways to secure a smartphone against unauthorized use. We’ll examine the many options to devise which is the most secure.

We are going to switch things up a bit and walk you through a retelling of a ransomware attack through the eyes of a business owner. Usually when we talk about these types of threats, we approach it from our perspective and talk about what you should do to prepare and what the threats are, but we wanted to try to show you what an event like this could feel like, for you, in your position, and in your own eyes. We hope that this will raise awareness of how crippling an event like this can be on your company, and we hope you let us know if this perspective helps you, your colleagues, and your staff get a more personal sense of what ransomware can do. Enjoy!

Security is a part of business that is constantly changing and evolving. What worked ten years, five years, or even two years ago may not be relevant in today’s security environment. What are some of the major changes that your company can expect to see in the coming years? We’ll walk you through some of the ways that security will be changing in the foreseeable future, and what you can do about it.

In 2017, ransomware became a huge threat for businesses, so when discussing how nefarious actors will be leveraging new ransomware streams in 2018, you have to do so with some urgency. Today we will provide some information on ransomware, the current trends, and some trends you have to be very mindful of going forward.

Ransomware is a growing problem for businesses, being one of the most difficult threats to remove from an infrastructure. Not only is it easy to spread, but difficult to avoid as a whole. How can your organization prepare for this threat? It starts by being mindful of how ransomware is spread and how your employees react to it, both now and in the future.

We often talk about how the Internet of Things can create security issues in businesses if not properly handled. While there are some very real threats that can be posed by the IoT in the workplace, there is no denying that it can also serve some very real utility there as well.

This guide was created so that business owners, office managers, and IT departments can provide it as an educational resource to showcase some of the most basic IT security practices that can be implemented in your workplace. We recommend printing this out and handing it out to your staff for maximum results.

Spam is a tricky subject to talk about, as it seems everyone has a different definition for it. Yet, most have come to the conclusion that spam is a bad thing. For today’s Tech Term, we want to delve deep into the different kinds of spam out there, as well as theorize where the term even came from.

Whether you’re just a small business looking to get operations moving in your chosen location, or you’re an enterprise with multiple offices across the country, one thing is universally the same: you need IT support in some capacity. As more technology is added to networks of all sizes and complexities, the need to manage this technology improves. Thankfully, you don’t necessarily have to go at it alone--you have third-party outsourcing at your disposal, which can save you both time and money in the long run.

The following guide is designed to be used by business owners and office managers as an educational resource to establish some basic IT security best practices in the workplace. Feel free to print it out and hand it out or post it in common areas.

The Internet is notorious for being a minefield of threats, many of which lurk hidden behind innocent-looking links. In order to go about business safely, you need to be able to identify which links you can click; and, which should be skipped.

Data loss can have lasting effects upon your business, usually measured in lost productivity and capital. In other words, data loss is often measured by the cost required to retrieve, restore, and/or repair its effects. Of course, this is only the beginning of how data loss can impact your operations.

Mobile devices are so common nowadays that you’ll likely encounter your employees bringing multiple devices to the office on a regular basis. Little do they know that everything they bring with them, from their Fitbit to their laptop, poses a security threat. Of course, the threat level from each individual device will depend on what it is exactly, but the point stands that the less you do about mobile device security now, the more danger your organization will be in down the road.

Someday, you’re going to encounter a situation where you absolutely need Wi-Fi and the only option will be a public connection. This becomes rather problematic, as a public Wi-Fi connection is far from secure for business purposes. A method to maximize productivity without compromising security is needed for every business that has employees working out of the office, but what’s the best way to do it?

The unfortunate truth of increased technology use in the workplace is that there is a corresponding increase in the potential for cybercrime, more specifically identity theft, to strike the workplace. The question is, what can you do to help prevent it, and how should you react to it should it strike?

Does your business need an antivirus solution to keep threats out of your network? It’s a simple question with a simple answer, but some companies still don’t see the need for antivirus software on their computers. They might think they are immune, but hackers know the truth--and it’s all too apparent in the face of a data loss incident that hindsight is 20/20.

Email is a solution that needs to be protected, lest you expose important information to any onlookers while messages are in transit. Encryption is one of the key ways you can make sure that your messages are safe, but email hasn’t always used this method to secure messages. In fact, it wasn’t until relatively recently that encryption became a staple of the major email providers.

Hackers are always trying to find creative and new ways to steal data and information from businesses. While spam (unwanted messages in your email inbox) has been around for a very long time, phishing emails have risen in popularity because they are more effective at achieving the desired endgame. How can you make sure that phishing scams don’t harm your business in the future?

Passwords are all over the place these days, whether they’re required to access an online account, or access the devices used to open these accounts. While both types of passwords can make for ideal security conditions, this is only the case if the passwords are strong. If your passwords can be guessed by just about anyone, can you really call it a security measure? New insights from SplashData show that passwords aren’t being considered as much as they need to be.

As invaluable as the security solutions that protect a network are, they can be effectively rendered useless if a cybercriminal is skilled in social engineering. Social engineering is the practice of using manipulation to access protected resources, as we will review later. If your business and its team are vulnerable to a social engineering attempt, you are missing a critical piece of your data security strategy.

The Internet of Things is everywhere, which means that potential security risks are also everywhere. Your business needs to take the risks presented by the IoT into account and prepare accordingly.

When considering solutions to help ensure your business’ IT security, mobile devices often go overlooked. This makes sense--for most of the time the telephone has existed, it has been attached to a wall, only capable of transmitting sound. However, with phones now being palm-sized computers that we carry in our pockets, keeping them safe from cyberthreats has a new importance.

It’s no secret that a data breach can have serious consequences for any business, especially after some of the events that occurred throughout 2017. From the costs to repair any internal damage done to the efforts it takes to regain client trust, recovering from such an attack is no easy feat--and they’re only poised to get worse.

When so much of what we write is about the threats and attacks that exist (and are carried out) in cyberspace, it is particularly refreshing when we can discuss those responsible for these attacks in the context of their legal proceedings. For example, today we are able to discuss how actors in some of the biggest recent cybersecurity events have entered guilty pleas.

Put yourself in the shoes of a cybercriminal. If you were to launch a ransomware attack, who would be your target? Would you launch an indiscriminate attack to try to snare as many as you could, or would you narrow your focus to be more selective? As it happens, real-life cybercriminals have largely made the shift to targeted, relatively tiny, ransomware attacks.

Tech support is there to help you, except when it isn’t. Many fraudsters will pose as a support technician to gain a target’s trust, only to cause them serious issues. To keep your organization safe, make sure that you are able to spot the warning signs of tech support fraud.

January 28th marks Data Privacy Day, a day intended to raise awareness of the importance of data privacy and educate users and business owners of its benefits. Spearheaded by the National Cyber Security Alliance, there are plenty of lessons the NCSA has to share with businesses as this day puts their, and their clients’, privacy in the spotlight.

Connectivity is one of the major benefits of mobile technology, but some developments have taken this aspect to crazy (and borderline ridiculous) heights. The Internet of Things is forcing businesses to rethink the conventions of connectivity in ways which previously weren’t particularly necessary. Unsurprisingly, the Internet of Things is forcing business owners and normal users alike to remain skeptical of connected technology to a certain degree, and a survey from Cisco showcases this trend perfectly.

Building a social media strategy can be somewhat troublesome for the modern business. Not only do you not know how it can affect your organization, you also know that your competitors are likely using it. To this end, we’ll go over how your organization’s social media practices can influence success.

Security is an aspect of running a business that absolutely cannot be ignored, regardless of whether or not you see it as a considerable issue in the near future. The fact remains that your organization will always be at risk unless you take actions to keep it safe today. By taking advantage of some of the latest and greatest security tools on the market, you’ll be able to protect not only from the basic threats, but more advanced ones as well.

Mere months after the firmware in their computer chips was found to be seriously flawed, Intel’s flagship product has once again brought some unpleasant attention to the company. While the issue now has a fix, there was the possibility that a solution could depreciate the functionality of the CPU.

2FA, or two-factor authentication, is a simple and effective means of boosting your cybersecurity. Despite this, a study performed by Duo Labs suggests that 2FA has not been adopted as much as one might expect, or as much as it should be.

2018 could potentially be a big year for your business. However, your business needs to be around long enough to see any positives that may come its way, which means you need to be prepared for the negatives. Here are five resolutions for you to make this year to help preserve your organization’s cybersecurity.

Today’s business relies on mobile devices, like smartphones, to guide them to productivity and efficiency. In fact, the vast majority of people in today’s society own a smartphone. A report shows that 90 percent of people younger than 30 own a smartphone, which means that the forward-thinking business hiring talented millennials may want to start thinking about how to secure any mobile devices that they use to access company data.

This Christmas, technology is everywhere. Traditionally, the holidays were a time when things slowed down for businesses and people spent time with their families and put their work on the back burner. Those days are over. Today’s professional is lucky to get a day off for Christmas; and, because of the way business works today, may be asked to do more than ever around the holidays.

Few security problems are more dangerous than a network breach. Considering how much you could lose from an unexpected bout with a hacker, it’s no surprise that businesses are concerned. Yet, even some of the most troublesome threats like phishing attacks are often ignored. A new study introduces the groundbreaking thought that phishing attacks should be at the forefront of a business owner’s mind regarding network security.

Android is a very common operating system on mobile devices around the world, and because of this, you won’t be surprised to hear that hackers are always trying to one-up security developers. If your business takes advantage of Android devices like smartphones or tablets, you’ll want to consider these 11 security tips that will help keep your organization safe.

The holidays are a time filled with good food, visits from dear friends and family, and exchanging gifts with those you care about. However, to keep the season bright and merry, you need to be a little cautious during your next gift exchange, as many gifts can present some unexpected risks to your recipient’s security. Be mindful if you see the following items on someone’s wish list.

Data security has to be a core consideration of the modern business, so every small effort you can take to protect your business is important. One such effort is the implementation of two-factor authentication. However, your employees may not initially feel entirely comfortable with some facets of two-factor authentication.

Network security is a crucial consideration for every single business, especially ones that utilize the Internet. There were a lot of negatives and some positives that came out of 2017 in regards to cybersecurity. Below we have listed some of the most troubling cybersecurity statistics collected in 2017, and we’ve followed it up with suggestions on how to keep your business safe in 2018.

While many might see having a credit card stolen as identity theft, this is an oversimplification that can prove dangerous. While credit card theft can be an element of identity theft, equating the two means that other forms of identity theft are overlooked. In today’s blog, we’ll go over why identity theft and credit card theft aren’t exactly the same thing, and what you can do to help keep your business safe from damage.

Insider threats contribute to a significant number of data breaches. These cases of data exposure are enabled by a member of your staff, whether they intended to harm your business or simply made an honest mistake. With so much focus directed toward the threats out in the world, sometimes we forget that the biggest dangers can be among our ranks. To make up for this, we’ll discuss a few ways to keep insider threats from doing your business too much harm.

If your business were to be struck by a Distributed Denial of Services (DDoS) attack, would it be able to recover in a timely manner? Do you have measures put into place to keep them from hampering your operations? While most organizations claim to have sufficient protection against these dangerous attacks, over half of them have simply proven to be ineffective against DDoS.

Without competition, there would not be businesses. However, this competition needs to be fair in order for small businesses to embrace new opportunities that arise. A U.S. bill that allows for both of these goals has passed in the House of Representatives and will be voted on in the Senate.

The ability to vote is considered one of the great rights in the world, putting one’s voice and opinion into action to shape history. However, it has been demonstrated that the electronic voting machines that some states in the U.S. use simply aren’t secure enough to ensure that the democratic process is preserved.

There are many organizations in the world that simply can’t have cybercriminals and hackers interfering with their data. One of these organizations, CERN (whose acronym translates to the European Laboratory for Particle Physics) has far too powerful of a computer grid to allow hackers to access it. To keep it safe, CERN has deployed what may be the future of cybersecurity: artificial intelligence.

You’re lucky to go a month without seeing news of some devastating data breach. With more businesses gearing up for the worst, what are you doing to protect your organization’s intellectual property and sensitive data? You can start by implementing a new type of authentication system that’s much more secure than your current security strategy--two-factor authentication.

We’ve all seen and heard about companies and government departments that have experienced major security and data loss events. Once the event is made public, there is a media frenzy of coverage disclosing answers to questions like: Were your records compromised? How can you protect nonpublic information in the future? What should you do if you are a victim? However, as the media focus moves to another topic, the breach becomes yesterday’s news - and there is very little coverage of what repercussions and penalties those entities that were breached faced - if any.

Physical security is more or less what it sounds like: security intended to protect the physical infrastructure that houses your business and your critical data. Many of the pieces of physical security will seem very familiar, even if you didn’t know the right terms for them.

Considering how often hackers target financial credentials like credit card numbers and expiration dates, it’s not surprising that ATMs can provide a wealth of information to them. Hackers are willing to go exceedingly far just to get their hands on these credentials--including physically altering the devices themselves to install skimmers and other technology on them. Unless you know what to look for, it can be difficult to tell if a machine has been tampered with.

You might be surprised by how many of your organization’s security issues originate from within. A major contributor is user error, which can lead to some pretty severe problems reaching from your data security, to your workflow, all the way to the continuation of your business itself.

Would you be surprised if we told you that cybercrime is one of the biggest threats to the success of your organization? Unfortunately, there’s no escaping the fact that your business will be under fire from all sides by security threats. One of the most notorious methods includes phishing--email scams that are designed to harvest credentials and other information from unsuspecting users.

Considering that since January 1st of this year, there has been upwards of 10 million personal information records lost or stolen each day, odds are that you, or someone you know, has had their records compromised by a data breach. With such a high incident rate, individuals and businesses that have never received any kind of notification that their records were included in a breach, generally consider themselves lucky and assume that they are not at risk of identity theft or unauthorized account usage. Unfortunately for them, that is not always the case.

A surprising number of security issues come from inside your organization. User error on the part of the employee can present major problems for your workflow, data security, and the integrity of your business. User error could be something as simple as an employee clicking on the wrong links when they receive a suspicious email in their inbox, or if they are accessing data that they simply have no business accessing in the first place. Sometimes businesses will even completely forget to remove employee credentials when they leave a project or the company creating a breachable hole in your network. Regardless of the reason, user error can be a detrimental occurrence, and one which must be prepared for.

If you run a small business, you might consider yourself a small target of hacking attacks. It might make sense to think of it in this way, but this actually is not advisable to think of it in this way. According to a recent survey by CNBC and SurveyMonkey, only two percent of small businesses see cyber attacks as anything worth worrying about. This leads us to the next question… are you one of them?

Most small businesses don’t have the luxury of an in-house IT department. Even if they do have one, it’s likely a small department run by a handful of folks who have their hands full with either implementation projects or simply staying afloat. With opportunities to invest in the improvement of your infrastructure few and far between, a network audit can help you identify where your network suffers most, and what you can do about it.

If you’ve watched the news lately, chances are you’ve seen the Equifax breach and the ridiculous fallout it has caused. Over 133 million personal records have been stolen. While it’s difficult not to feel individually victimized by such a breach, it’s important to remember that it’s often not your specific credentials targeted by hackers. Since businesses often hold onto valuable information, they have big crosshairs painted onto them. It doesn’t even stop there--any vendors or partners you deal with are also in danger of hacking attacks.

Data security, always an important topic, has been made even more urgent by the Equifax data breach and the fact that 143 million users had their personal information stolen after entrusting it (or not) to Equifax. You need to consider what would happen if your business were on the receiving end of a data breach, and prepare to handle this truly unpleasant circumstance.

Cybercrime is the fastest growing criminal activity in the world. From the largest enterprise to the individual, it can affect anyone, anywhere. To help ensure the cybersecurity of American citizens and their businesses, the Department of Homeland Security (DHS), United States Computer Emergency Readiness Team (CERT), and the Federal Bureau of Investigation (FBI) and other agencies work together every October to raise awareness about the threats people face online through a series of educational events and activities.

The 2016 United States presidential election was an ugly one for multiple reasons--chief among them the accusation that hacked voting machines could have altered the outcome of the election significantly. Thankfully, there are steps being taken to alleviate the worries that third parties might alter the outcome of such important events.

The protection of your business includes many facets. Physical security, training, and network security get most of the attention (and rightfully so), but does your business have a plan in place if those strategies fail? For the growing business, understanding that your data is an asset doesn’t have to come after you lose some. If your management team prides itself on taking proactive measures to keep business running smoothly, one element that has to be on the table is the practice of data backup and recovery.

The variety of malware known as ransomware exploded in popularity in 2016, encrypting victims’ files and demanding cryptocurrency payments to restore the data to the estimated tune of $1 billion. This may seem to suggest that large corporations and companies are the primary targets of these cyber criminals--and for some, they are.

When you delete a file off your PC, or your hard drive becomes corrupted, you just take for granted that the data is gone in perpetuity. That isn’t the case at all, and it can present problems for businesses and individuals alike. The thing is that it’s deleted, it’s gone, it ceases to exist, because you deleted it with your own hands.

Dealing with disasters are a part of doing business. You know how difficult it is to recover from a devastating flood or storm. While businesses tend to suffer from these situations, countless individuals suffer every time a natural disaster hits. Just take a look at the United States in recent weeks. Even though you may want to donate to people suffering from hurricanes, there are illegitimate charities out there that want to make a quick buck off of your generosity.

In the last few months, there have been several high-profile data security breaches that resulted in the theft of millions upon millions of non-public information records. Though much of the focus in the aftermath of the breaches was on personal identity theft and prevention, it’s important to keep in mind that not all the stolen data records target individuals. Business entities are also at risk. Vendors and partners that you do business with regularly will probably have record of your company’s non-public information, payment information, or tax ID number.