News about the popular children’s toy, CloudPets, recently served as a reminder that “not all that glitters is gold.” So it is with the Internet of Things. Although the IoT is heavily promoted by citing its many benefits, as with so many other things, there are always downsides.

The hook that makes CloudPets so appealing to parents – and especially grandparents – is that the product of parent company, Spiral Toys, allows communication via a mobile app and the internal electronics of the plush toy line.

The problem with the toy is that it was not, at least as of the end of February 2017, adequately unprotected from intrusion. It was, in effect, a microphone as a virtual snooping device inside a toy for anyone who understands how to use the internet as a spying tool.

The net results (pardon the pun) of failing to provide even minimal security measures are that millions of private conversations, both in home and across the cloud, were exposed and held for ransom by cyber thieves.

One cyber security expert told the London Daily Mail that,

“It’s an alarming leak because not only does it expose very personal information from children, but the company has also elected not to notify impacted families.

“The primary risk is the invasion of privacy it poses to families. Whilst there is still the potential for hackers to abuse the usernames and passwords stolen, it’s strangers listening to your children which worries parents the most.

“There’s little functional value to voice recordings of children, but it’s content of a very personal nature which families would obviously like to keep private.”

Yet another expert said,

“Anyone can connect to the toy, as long as it is switched on and not currently connected to anything else. Bluetooth LE typically has a range of about 10 – 30 meters, so someone standing outside your house could easily connect to the toy, upload audio recordings, and receive audio from the microphone.”

The Lessons to Learn

1. Do not underestimate the need for security for all connected devices.
2. Any device connected to the internet is vulnerable to attack. This includes smart house and smart car devices.
3. Just because an object looks like a toy, if it contains internet-connected devices, only your child should think it is a toy.
4. Be concerned. Be careful. Be cautious.

Personal privacy, identity, and even conversations, are all in danger of being accessed via the internet and the cloud. No one is exempt. Everyone needs to be sure they are protected.

Do you remember when the Ebola virus caused world-wide panic a few years ago? The killer virus appeared to be out of control and there wasn’t enough supply of vaccine or enough time to distribute it.

Like the script from a sci-fi horror flick, “No one is immune! Ebola is coming to get you!”

Of course, there were those who believed that it could never happen here. There always are. They are the ones who won’t get a flu shot then wonder how they got the flu several months later.

Real World – Virtual World – Same Problem

The same irrational thinking prevails in the virtual world. Even though, as we have cited before, more than 60% of small businesses have been victims of cyberattacks, the other 40% still think they are immune.

But, according to a recent article in TechTalk, the size of the business is not the only reason some businesses have a false sense of security. The article noted that some corporate enterprises feel that their systems are safe because they operate using a different system. In particular, the misconception is alive and well amongst users of Linux, Ubuntu, and iOS.

The assumption is that “users believe Linux, Ubuntu and iOS are more secure because in most malware cases, Windows users are the victims. Although it is true, Windows PCs are highly targeted, this is only because of their large market share. . .  hackers can cast a wider net when targeting Windows PCs than if they were to target Linux, Ubuntu or iOS.”

That sounds like the small business owners’ reasoning that they won’t come after me because I’m too small. Not only wrong, but proven wrong.

It is also becoming abundantly clear that Linux, Ubuntu, and iOS system have been under attack. They just haven’t grabbed the headlines. Yet.

The first rule of thumb in any security business is never assume you are safe from attack. That goes for cybersecurity, too. The faster technology grows, the more we are exposed to security breaches. It doesn’t matter what size your business is – or what operating system – you use. Your technology needs to be guarded.

Guarding your technology is what we do. We work diligently to keep you aware of potential dangers and how to take a few, common-sense steps to ensure the safety of your data and devices.

Tech Sentries is as concerned about your computer system security as you are. Your computer system security is our business. That’s why Tech Sentries is always on duty. Contact us today to learn how we can help you “GUARD YOUR TECHNOLOGY” (843-282-2222).

Digital hygiene? What’s that?

Digital hygiene is a lot like dental hygiene. A dental hygiene regimen helps to protect our teeth and gums from bacteria, infection, and decay. A digital hygiene regimen is necessary to protect our technology and information against infection from viruses, malware, hacking, phishing and other cyber attacks.

Cyber attacks are just about as stealthy as dental attacks. Most often we don’t realize that we have developed a cavity until it is already too late. The same is true with cyber infections. The best hygiene in either the dental or the digital world is preventive. A 2015 report by Verizon revealed that most cyber attacks are not carried out by a full frontal hacking of a device, but rather by manipulating the humans that operate them.

Digital hygiene requires continual, proactive care.

Just as routine dental hygiene involves care at home and checkups by a professional, so, too, does digital hygiene. Here are 10 important steps we recommend to keep your technology safe.

1. Be extra careful when asked for personal information in response to emails, phone calls (cell phones are technology too), or web pages. It’s not that sharing is, itself a bad thing. Just be super cautious about what you share and with whom you share it.
2. Do not respond to online or on-phone demands to run a particular software on your computer.
3. Do not be afraid of specific online threats of “account closure, disciplinary action, or arrest.” Legitimate businesses do not usually threaten people.
4. Ensure that all of your software is up to date. You can set your devices to update automatically. (If you are not sure if you should or how you can exercise this option, give us a call at 843-282-2222. We will be happy to help.)
5. Avoid visiting “suspicious” websites or installing “suspicious” programs.
6. Think carefully about identifying your location on your mobile devices.
7. Create strong passwords on all devices – including your cell phone.
8. Think twice before clicking on attachments or links.
9. Strengthen your security with two-step verification for access. Click on this link to learn how to use Google account two-step verification. (Did you think twice before clicking on the link?)
10. Have a regular digital hygiene checkup.

Guarding your technology is best done with regular digital hygiene. It just takes an awareness of potential dangers and taking a few, common-sense steps to ensure the safety of your data and devices.

Tech Sentries is as concerned about your computer system security as you are. Your computer system security is our business. That’s why Tech Sentries is always on duty. Contact us today to learn how we can help you “GUARD YOUR TECHNOLOGY” (843-282-2222).

Back in the last decade of the 20^th century, an entrepreneur in Orlando proudly, publicly stated that his business was too small to be a target. Granted, he wasn’t talking about cyber threats, but he was talking about other threats to the security of his business.

He was wrong. Within a matter of months after he boldly blurted out what he believed to be true, his company was the target of litigious attack from a German-based company with over 300,000 employees and annual revenue in excess of $80 billion.

Lesson learned: The size of your business does not exempt it from attack.

This applies, in particular, today when it comes to small businesses and cyber threats. As a recent article in CIO magazine put it, “Believing that their security program is good enough means there’s a good chance they’ll be breached.” The article was addressing small business owners.

Think You Are Immune from Cyber Threats?

Think again. The CIO article described the lack of small business ownership with cyber security issues was akin to them being in a time warp compared to Fortune 100 enterprises. In fact, small business owners should consider these documented facts.

• “95 percent of IT professionals at small businesses believe their cyber security posture is above average. However, 100 percent of the same respondents also said they could improve their ”
• Small businesses are the victims of a whopping 4,000 cyber attacks per day.
  • That’s more than 120,000 per month.
  • That’s nearly 1.5 million attacks per year.
• 75 percent of all U.S. companies have experienced some form of cybersecurity breach in the 12 months from April 2016 to March 2017.
• SMBs are the target of 62 percent of all cyber-attacks.
• “60 percent of small businesses are unable to sustain their businesses” for more than six months following an attack.

If you think that last statistic is because those businesses aren’t as well operated as yours, this statistic should put it in a more worrisome perspective. The average cost of a single data breach is $225 per record lost or stolen. For small businesses, the average price of recovery from a cyber-attack is $690,000. (Fast Math: ≈ 3,000 records x $225/record)

Our objective is not to scare you. It is to warn you. When it comes to being the target of a cyber threat, size doesn’t seem to matter.

Guarding your technology does not have to involve elaborate evasive tactics. It just takes an awareness of potential dangers and taking a few, common-sense steps to ensure the safety of your data and devices.

Tech Sentries is as concerned about your computer system security as you are. Your computer system security is our business. That’s why Tech Sentries is always on duty. Contact us today to learn how we can help you “GUARD YOUR TECHNOLOGY” (843-282-2222).

Carrying a laptop, notebook, or other mobile device wherever one goes is so commonplace now that even kids in the backseat have Wi-Fi access to the internet over the river and through the woods to Grandmother’s house. Before you point a finger at the kids, just remember, you started it – and you are carrying your device wherever you go, too.

Because you do, because you need to guard your technology, and because we care, here are a few tips for ensuring your internet security when you are on the go, before your personal information is going, going, gone.

Avoid Public Charging Stations

But, they are so-o-o convenient! Exactly – and therein lies the rub. They are so convenient that they are an attractive, ubiquitous, and convenient tool for hackers. As soon as you plug into the USB port your device and all the data on it is conveniently accessible. For hackers, the practice of Juice Jacking is like taking candy from a baby. Carrying your own portable charger if you expect to need to juice up on the go.

Create and Use a Virtual Private Network

The operative word here is “private.” Your VPN virtually guards your technology while using publicly shared networks. Think of your network as a wire insulated to keep it protected from all of the other wires in the same conduit.

Disable Shared Settings

Don’t leave home without doing this: turn off all sharing enabled on each device accompanying you on the trip. You probably locked the doors to your house when you departed, unless you like to keep them open just in case anyone wants to use it while you are gone. Lock the doors; turn off sharing.

Ethernet as a Business Essential

Your business data and technology is too valuable to expose it to public Wi-Fi access. Avoid Wi-Fi by having a business ethernet, ethernet-enabled mobile devices, and traveling with an ethernet port.

Beware of Bluetooth

You don’t need to worry about Blackbeard pirating your information via Bluetooth, but there are plenty of others who are ready and willing to grab the bounty on your business devices when you least expect it. It’s Bluetooth. It must be secure. Not.

Guarding your technology does not have to involve elaborate evasive tactics. It just takes an awareness of potential dangers and taking a few, common sense steps to ensure the safety of your data and devices.

Tech Sentries is as concerned about your computer system security as you are. Your computer system security is our business. That’s why Tech Sentries is always on duty. Contact us today to learn how we can help you “GUARD YOUR TECHNOLOGY” (843-282-2222).

Twenty years ago, no one would have imagined employees bringing their computers to work. In fact, twenty years ago, having a company-owned PC on an employee’s desk was considered a status symbol in some companies.

Today, the average person’s cell phone has more technology inside that NASA used to land our astronauts on the moon. What is more, 98% of mobile device users keep their devices within reach 100% of the time – from the bathroom to the boardroom. That’s a lot of technology in the hands of people who are not rocket scientists.

BYOD Makes a Strong Case for Whitelisting

While, on the one hand, employees and companies alike embrace the concept of Bring Your Own Device, it is not without its inherent dangers.

When people bring their own device, any amount a company saves in CapEx for computer hardware, as a result, may potentially be lost by a failure to manage those devices in the workplace.

Advice from INFOSEC

As far back as 2012, the INFOSEC Institute warned businesses about the rising tide of changes that a BYOD culture would generate related to guarding the businesses’ technology. Among their recommendations was:

• Know who can access your company network and data remotely.
• Know how your employees’ devices are configured.
• Clearly communicate your BYOD policies.
• Audit BYOD activities on a regular basis.
• Ensure that employee devices are compliant with your IT security policies and government regulations.
• Control the apps.

Control the Apps

Managing the apps is where whitelisting comes into play. Several of our recent blog posts have addressed the wisdom of whitelisting, including the most recent, “From Whitelisting to Dynamic Whitelisting,” so we do not need to cover that ground again. However, we want to raise your awareness of the efficacy of implementing whitelisting if your business allows a BYOD practice.

We recommend whitelisting to protect both your system, if accessible by employee devices, and to protect their devices as well. You know what they say, “One bad app can spoil the whole bunch.”

Tech Sentries is as concerned about your computer system security as you are. Your computer system security is our business. That’s why Tech Sentries is always on duty. Contact us today to learn how we can help you “GUARD YOUR TECHNOLOGY” (843-282-2222).