The Greatest Threat to Your Company’s Data And, How to Minimize It – Part 3: Getting Down to Brass Tacks

“We have met the enemy and he is us.” – Pogo

Review

Our last two blog posts have focused on revealing the greatest threat to your company’s security. The first cited a 2018 report published by PricewaterhouseCoopers that indicated cyber threats to the security of company data are continuing to increase and that employees are the top sources of security incidents. The second shared the finding that “100% of government entities see their own employees as the biggest threat to security.”

This week we wrap up the series by getting ‘down to the brass tacks’ of the best practices you can implement to minimize the greatest threat to your company’s security.

Respond

Myrtle Beach Data Loss PreventionKnowledge is power only if we use it. Now that we are aware that the greatest weakness in our systems appears to be the users, how we respond to that knowledge is key to protecting your data. Here are a few recommendations for your business.

  • Establish policies that define usage rights and responsibilities.
  • Develop a training program. The program should be formal and documented. Each module of the program should be comprehensive and comprehendible.
  • Start at the beginning. Include employee security awareness and expectations when onboarding new employees. Include computer use policies and cybersecurity awareness and practices as an essential part of employment.
  • Train continuously. Avoid falling into the “one-and-done” trap so common in business training. People to not retain everything they learn. Remind, review, and update training continuously.
  • Put employees to the test. Some companies have gone on phishing excursions. The company creates and sends “fake phishing” emails to employees to see who, if any, responds to them. Use the results to coach those employees and, discreetly, use their cases as examples during employee training.
  • Evaluate employee security performance. Cybersecurity has become an important and essential part of your business. It should, therefore, become an important part of the regular employee evaluation process.
  • Raise awareness of new threats. Stay abreast of new cybersecurity concerns as they arise. Communicate those dangers to your employees. Add the new threats to your cybersecurity training.
  • Reward employee performance and compliance. When employees spot a potential security issue, recognize their contribution. Do the same when they “pass” phishing tests or demonstrate an exemplary approach to their use of your technology.
  • Don’t expect perfection. Yes, after all, we are human. That is what makes employees the biggest threat to your company’s cybersecurity. An occasional reminder that you, too, are human is always helpful. The mistake that is made could be yours.
  • Always err on the side of caution. Need we say more?

We are as concerned about your technology security as you are. Your computer system security is our business. That’s why Tech Sentries is always on duty. Contact us today to learn how we can help you “GUARD YOUR TECHNOLOGY” (843-282-2222).

Joe Thibodeau
Tech Sentries Inc
2105 Leopold Street
Johns Island, SC 29455
843-282-2222 Office/Fax
843-902-6885 Cell

The Greatest Threat to Your Company’s Data And, How to Minimize It – Part 2

OOPS!

Oops! That’s the word you never want to hear from your barber, your surgeon, or your pilot.

Business owners are beginning to realize that it is not what they want to hear from any employee working at a company-owned computer – or a BYOD computer linked to the company system.

Last week, we shared some statistics that indicate that company employees may be the biggest threat to your digital data (click here for part 1). To underscore that foundation, we were stunned by one of the findings of a Netwrix 2017 IT Risks Report of government agencies:

“100% of government entities see their own employees as the biggest threat to security.”

Think about that for a minute. Not malware, not data breaches, not hackers, but employees.

The attacks may come from the outside, but the biggest threats are the employees on the inside. In fact, the report also revealed that 57% of actual security incidents among those agencies in 2016 we attributable to employee human error.

computer errorBefore taking comfort in “only 57%,” the remaining 43% had their root cause in “insider misuse.” In this case, insider means “employee.”

Obviously, we are trying to make a point here. It is not that you should consider your employees to be ill-intentioned culprits. It is that you should understand the reality that, although they are probably not the attackers, they are the actors via which attackers gain access.

ICU

Before we share some of the finer details and proven ways to protect your technology from damage by your own personnel, which we shall do next week, we want to emphasize and re-emphasize that the essentially cornerstone of security protection for your technology is having an ICU approach. Perhaps we should say an “I see you” approach.

We are talking about an approach in which activity is monitored for the ability to identify aberrations that typically point to security issues and better position your company to handle the potential threats to your systems.

SPY

Secure and Protect Your Technology

Other than the logistical and operational issues we will discuss in the next article, there are two important obstacles that business leaders must foresee prior to making a bona fide commitment to protecting your technology.

1.   The rapid advance of digital technology is not going to stop or slow down to wait for you to catch up or keep pace.

2.   Some employees will perceive monitoring as a violation of their rights.

In Daniel Boone’s day, advancing pioneers secured a position then developed their operational resources within. Today, new resources are coming at us at a furious pace that security often follows rather than leads. If you are going to commit to advancing technology, you must commit to guarding it.

Employees (those people whom government agencies see as their biggest security threat) must be groomed to understand that it is not their activity that must be protected. It is your data. And it is your digital technology. Reasoning to the next level, savvy employers must change to employee paradigm in such a way that they become protectors of your security rather than perpetrators of OOPS moments that could bring your business to its knees.

You don’t have to be a techie or a geek or understand all the ins and outs of cyberspace. We are here to help you guard your technology. The first step is raising your awareness of the need before the need becomes an emergency. The next step is raising your employees’ awareness.

We are as concerned about your technology security as you are. Your computer system security is our business. That’s why Tech Sentries is always on duty. Contact us today to learn how we can help you “GUARD YOUR TECHNOLOGY” (843-282-2222).

Joe Thibodeau
Tech Sentries Inc
2105 Leopold Street
Johns Island, SC 29455
843-282-2222 Office/Fax
843-902-6885 Cell

The Greatest Threat to Your Company’s Data And, How to Minimize It – Part 1

Yep! That’s one of them.

Surprise!

It’s not hackers and scammers who are the biggest threat to your company’s data security. It’s your employees. And it’s not just because they haven’t learned to keep their coffee away from their keyboard. That’s so late last century.

Speaking of last century, the employee culture then and now are almost polar-opposites. In the 1990s most office staff were unfamiliar with PCs. They were on a learning curve of which the leading edge was the fear of doing something wrong. God forbid that they should do anything that would cause a mistake or to “mash a key” that would create a data error.

Nearing the end of the second decade of the 21st century, the workforce is replete with older employees who have long ago learned the ropes and the next generation that knows no fear. Employees whose first words were “momma, digital, and daddy,” have replaced the retirees who had learned just enough to get by before they got their gold watch (or their pink slip).

The bigger problems today are complacency, carelessness, curiosity, and the occasional class clown. Every research report we have read agrees that the overwhelming majority of data breached can be traced directly to employee negligence. For example,

  • An IBM report indicated that 60% of the cyber-issues reported were caused by insiders.
  • A government survey reported that 57% of cybersecurity incidents were caused by human error.
  • A 2018 PwC report indicated that cyber threats to the security of company date are continuing to increase and that employees are the top sources of security incidents.

Should You Be Worried?

That depends. If you think that your employees are so special that your company is exempt from the reported realities, the answer is yes.

On the other hand, if you take the potential loss or corruption of your business data seriously, and you are willing to take some reasonable steps that will help to ensure that you can reduce the insider threats to your digital technology, the answer is still yes. But you should be able to worry a lot less.

What Should You Do?

We could spend an entire article offering best practices and guidance for guarding your technology in house. That’s what we will do in our next post. Sure, we could do list them here, but we’re going to limit this article to the first and most significant step a business owner must take.

It all depends upon you.

That’s right. The only way to reduce insider threats – malicious, mischievous, or mistakes – is for ownership to make protection of data and technology a priority for your business.

Next week we’ll share some proven ways to protect your technology from damage by your own personnel.

You don’t have to be a techie or a geek or understand all the ins and outs of cyberspace. We are here to help you guard your technology. The first step is raising your awareness of the need before the need becomes an emergency.

We are as concerned about your technology security as you are. Your computer system security is our business. That’s why Tech Sentries is always on duty. Contact us today to learn how we can help you “GUARD YOUR TECHNOLOGY” (843-282-2222).

Joe Thibodeau
Tech Sentries Inc
2105 Leopold Street
Johns Island, SC 29455
843-282-2222 Office/Fax
843-902-6885 Cell

Backing Up: Your Computer Needs a Rearview Mirror

You wouldn’t drive your car without a rearview mirror. You certainly wouldn’t back up without one.

Neither should you drive your computer without one. You might even say that backing up your computer is your rearview mirror. Perhaps if we thought of it that way we might be more consistent backing up our PCs than most of us probably are.

Okay. Enough punning around. The point is that we need to back up our computers. Backing up preserves the memory of where we have been.

Here are five good reasons to back up consistently.

  1. Your computer isn’t going to do it by itself. Think of all the work that your computer is doing for you. Do you really expect it to do EVERYTHING for you? Backing up is something you do for your computer so that it can be all that it needs to be for you.
  2. Your computer can get sick. If your computer gets a virus, you can lose valuable information. Backing up what you know to be accurate can make restoring your data to complete health and functionality easily.
  3. Your computer can die. If you haven’t had a hard drive crash, you have got to be in the minority. They die. In fact, their mortality rate is much higher than we think – or would like to think. Statistics show that 22% of hard drives fail during the first four years of use. Some have defects. Some just die from overwork. If your hard drive crashes and you don’t have a backup, you will need a memorial service for your dearly departed data.
  4. Your computer user makes mistakes. We know this probably doesn’t apply to you, but we need to mention it for all our other readers. When you know that something has gone terribly wrong – like accidentally deleting a file – a recent backup may be your only remedy for human error.
  5. Your computer uses is a klutz. Again, this probably doesn’t apply to you, so be considerate of our other readers who have dropped their laptops in the past. Maybe some thought they were lucky (?) that it fell into a pile of snow, only to find that something got wet that shouldn’t get wet. It may not have been broken into smithereens, but the effect is the same.

We could go on, but the important thing is that you get the point and start backing up your digital devices on a regular basis, at least daily.

We understand that it is a pain to do and to remember to do. But it is still true that an ounce of prevention is worth a pound of cure. Guarding your technology begins with protecting your data. It is really that important and your protection all begins with you.

We are as concerned about your technology security as you are. Your computer system security is our business. That’s why Tech Sentries is always on duty. Contact us today to learn how we can help you “GUARD YOUR TECHNOLOGY” (843-282-2222).

Joe Thibodeau
Tech Sentries Inc
2105 Leopold Street
Johns Island, SC 29455
843-282-2222 Office/Fax
843-902-6885 Cell

Signs You’ve Been Infected by Malware

Chances are, you have found yourself in this predicament before:

You turn your computer on, wait for what seems like an eternity for it to boot up. When it finally does, your programs are slow to start, your internet is sluggish and your cursor is delayed several seconds behind the mouse. If this has happened to you, your first thought might be to reboot because you have too many things running at once. The more likely scenario is that you’re infected with a malware virus. While they can sometimes be fairly obvious to spot, malware can also hide really well. You’ll have to do a little searching to see how sick your computer is and how best to treat it so it can be totally cured.

How Do You Know If you’re infected by malware?

Well, the first sign of being infected is for your computer to wig out. It may act really strangely and sometimes it’s obvious, but other times it’s not. It helps to understand the symptoms that can happen so you’ll know what to look for. Here are some other symptoms and problems:

Ransomware

People who author ransomware actually want it to be crystal clear that they have infected your computer. They make a lot of money doing it and if you’ve been infected, you’ll most likely see pop-up windows with messages about your files now being encrypted. They will also usually demand a ransom by a certain deadline in order to restore your files.

Your Browser Constantly Redirects Someplace Else

Perhaps you do a search in Google for something. You choose a link to click on, only to be redirected to a different page. You’ll most likely hit the back button and choose another link to click on, only to have the same thing happen. This is a classic infection of malware.

Different Home Page

You set a custom home page but it won’t come up. Instead of the page you’ve set, a totally different page appears when you open your browser. Also, you may notice a row of toolbars under your browser that you don’t recognize. It may be impossible to get rid of these icons. This can be another classic malware infection.

Constant Pop-Ups

By constant, we mean constant! If you close one only to have one more come up, or you’re getting pop-up ads when you’re not even online, you’ve likely been infected.

Signs of Malware That Are Less Obvious

Computer is running too slow. This could be everything from too many programs active, to being low on space or memory. It could also be malware.

Icons you don’t recognize. It’s possible to get these icons from several sources, such as someone downloading a program or game without your knowledge, or even when you download software and a PUP (potentially unwanted program) comes along with it.

Crashing Constantly. Again, there can be many causes for crashing, but if it happens all the time or only with certain programs being opened, it’s likely you’re infected with malware. A professional can diagnose this.

Your browser freezes. If your browser becomes unresponsive, it could be nothing more than a slow or bogged down internet. Your internet provider can help you check your download speeds. If everything looks good, malware is a definite possibility.

A few other signs can include:

* Multiple bounced emails
* Battery dying too fast
* Bills that are larger than normal

Finally, it’s possible to get malware infections with absolutely no sign at all! The best way to avoid malware altogether is to have Tech Sentries keep you protected. We test constantly for computer viruses and can stop them before they create major issues. Tech Sentries can keep you safe in the background automatically so you can go about your business with confidence. If you have been infected, we will help you rectify and restore your computer to its original state.

Remember, the hackers are always inventing new ways to infect your computer. Tech Sentries stays on top of it so you don’t have to!

Call us today at 843-282-2222.