Imagine a scenario where an office secretary unknowingly gave some of her law firm’s most private data to a gentleman dressed as a Comcast technician. He had bought a Comcast Cable polo shirt off eBay, dressed in khakis with a tool belt, and told the secretary he was there to audit their cable modem specifications and take pictures of the install for quality assurance. Well, that actually happened. It’s not far-fetched.
WELCOME TO OUR BLOG
Routers and firewalls can be confusing. Anybody who wants to have a network with Internet connectivity will typically have at least one in place.
A router like the one you’d purchase at a big-box store is designed to serve the needs of home, not the needs of business. It’s designed to provide basic connectivity and share it with others. They tend to have limited configurations, and for most home users you really don’t need a sophisticated device.
If only it were as simple as going to a website, logging in if necessary, doing whatever business you have on the site, and then clicking the little close button.
Most websites these days have tracking cookies, microdots and other advertising and data-collection bots that sit on them. These little spies are now following you across your browser session and often taking information from you. Sometimes this is for tailor-made advertisements, but it can be also be used to mine other information from you.
Consider the following scenario: A company laptop is left on an airplane, and that laptop has sensitive data for which you are liable. If someone got their hands on that laptop, they could probably gain access to that sensitive information in a variety of ways. Or what if that’s the only copy of the data, and you need it? If it’s not centralized, you might as well consider it lost.
You’ve heard the advice countless times before: you must have antivirus software and a strong firewall.
However, in 2018, there is more to the security “basics” than just having strong technology.
As someone who has worked in the Managed Network Services space for over a decade, there are certain behaviors I notice when it comes to security planning. Every so often, a major security incident occurs that makes headlines, and the media cycle begins. Decision makers at organizations, who are typically business experts and not technology experts, often react with questions about what they are doing to fight this specific threat. Are they doing the right thing? What else could they be doing? How exposed are they?
So you have a big file you need to get over to your printer YESTERDAY and you can’t get it to “send” via e-mail because the file is too big. What should you do?
The right thing to do is contact your IT department (us!) so we can assist by installing a secure file-sharing application that your entire organization can use if you don’t already have one.
Access to data and systems is more versatile than ever. The “Internet of Things” has expanded how we can use technology and share information. How can anyone hope to keep their network safe from hackers, viruses and other breaches when the technology footprint continues to expand? The answer is not one thing but a series of controls and procedures you have to implement and be vigilant about, such as installing and constantly updating your firewall, antivirus, spam-filtering software and backups. This is why clients hire us – it’s a full-time job for someone with specific expertise (which we have!).
PEOPLE! Like it or not, your staff can be your own worst enemies, inviting hackers, viruses, data breaches, data loss, etc., through the actions they thought were innocuous. In most cases, this is done without malicious intent – but if you as a manager haven’t set expectations regarding what websites your employees are visiting, what files they’re sending and receiving (and how they do it), and even what they’re posting in company e-mail, you could be opening yourself up to serious incidents.
If you’re using any kind of cloud application or storage outside of your office, you are right to be concerned about data privacy and security. As a rule, if you have data worth protecting, you should be concerned about it, regardless of where it is stored. However, many data breaches, including data stored in the cloud, are due to USER ERROR. Therefore, it’s important that you, the user, maintain a strong awareness and culture of security.