NEWS FROM THE EDGE

Five years ago, you might have had state-of-the-art security protecting your business and network. You had the latest malware protection, highly rated firewalls and a great data backup plan. Maybe you even had a handbook on how to address cyberthreats. You were set. But then you forgot to do one crucial thing: you didn’t stay up-to-date with your IT security policy.

This is a trap countless businesses fall into. They invest in great cyber security once. Five years ago, this was fantastic. The problem is that cyberthreats are constantly evolving. Methods used by hackers and cybercriminals have come a long way in the past five years. Criminals stay on top of what’s going on in the IT security industry. They are always looking for new ways to steal your data and make a quick buck at your expense.

What can you do to stay up-to-date in an ever-changing digital world? Here are three things every business must do to protect itself.
continue reading

If you’re like many businesses today, there’s a good chance you’ve made this one mistake with your IT security: You don’t budget for it. Or if you do budget for it, it’s not enough to really protect your business.

Time and time again, business owners decide NOT to invest in IT services. Instead, they go it alone or skip it completely. Or they might approach an IT services company and ask, “What do you charge for your services?” They don’t ask, “What will I get for my money?” or “How can you meet the needs of my company?” This is a backward approach to IT – and it’s a big mistake.
continue reading

A lot of businesses wait until something breaks before they fix it. And even then, they may take a “patchwork” approach to fixing the problem. They are reactive rather than proactive. Sometimes taking a reactive approach is fine, but other times, and depending on the circumstances, it can lead to even bigger problems.

When it comes to network security, for example, being reactive to problems can be downright dangerous. It’s not just hackers you have to worry about. There are power outages, data loss, equipment failure and more. In IT, a lot can go wrong. But if you’re proactive about cyber security, you can avoid many of those pitfalls.
continue reading

1. Implement a mobile device policy. This is particularly important if your employees are using their own personal devices to access company e-mail and data. If that employee leaves, are you allowed to erase company data from their phone? If their phone is lost or stolen, are you permitted to remotely wipe the device – which would delete all of that employee’s photos, videos, texts, etc. – to ensure YOUR clients’ information isn’t compromised? Further, if the data in your organization is highly sensitive, such as patient records, credit card information, financial information and the like, you may not be legally permitted to allow employees to access it on devices that are not secured, but that doesn’t mean an employee might not innocently “take work home.” If it’s a company-owned device, you need to detail what an employee can and cannot do with that device, including “rooting” or “jailbreaking” the device to circumvent security mechanisms you put in place.
continue reading

You, the CEO of a small business, are under attack. Right now, extremely dangerous and well-funded cybercrime rings in China, Russia and the Ukraine are using sophisticated software systems to hack into thousands of small businesses like yours to steal credit cards and client information, and swindle money directly out of your bank account. Some are even being funded by their own government to attack American businesses.

Don’t think you’re in danger because you’re “small” and not a big target like a J.P. Morgan or Home Depot? Think again. 82,000 NEW malware threats are being released every single day and HALF of the cyber-attacks occurring are aimed at small businesses; you just don’t hear about it because it’s kept quiet for fear of attracting bad PR, lawsuits, data-breach fines and out of sheer embarrassment.
continue reading

Here’s a growing trend creeping into organizations of all industries and sizes: Shadow IT. Shadow IT are unauthorized cloud applications employees are using and downloading to perform work-related activities with company data. This can be file-sharing services like Dropbox or surveys such as Zoomerang. The list goes on and on.

So what’s the problem? For starters, if you’re in a highly regulated industry like medical or financial services, you’re almost guaranteed to be flagrantly violating data privacy laws or at least flirting with them; and if you’re audited, you could end up facing BIG fines, not to mention legal fees and bad PR. Second, the barrier to entry is LOW. Anyone with a browser and a credit card can purchase or enroll themselves into applications that integrate with your organization’s critical applications and/or store company data such as client lists, e-mails, files, etc.

Of course, not all cloud apps are bad, but you as the owner and your IT person or company need to at least be AWARE of these applications to determine if they’re a threat to security or a violation of data privacy laws, and simply to keep your confidential information, well, confidential!

For starters, your IT company or person should be constantly monitoring your network for new and unknown software or devices. This can (and should!) be incorporated into routine vulnerability testing. If you’re not sure this is being done now, find out. As Intel founder Andy Grove once said, “Only the paranoid survive.” Once you know what applications are being used, you can set your company firewall to block applications you DON’T want employees to access with company data and devices, and allow those that are company-approved.

Also, make sure you catalogue these sites somewhere by user with the login information for that person. If an employee leaves your organization or is fired, they may remember what the username and password are to these cloud applications and could use them to harm your organization or steal data to sell or give to a competitor. Don’t put yourself at risk!