Microsoft Security: How MS Is Beefing Up Its Cyber Security Technology Brand

According to Microsoft, there are more than 400 million active users of its Windows 10 operating system worldwide. Estimates have the number of MS Office 365 users at 180 million. In addition to the productivity features that have led to this success, Microsoft Security has put a strong focus on cyber security technology as threats have increased exponentially in recent years. Frequent software updates fix vulnerabilities and issues as they’re discovered. But the company is also looking forward and outward in an effort to prevent cyberattacks and minimize cyber security risk. This post focuses on some of the initiatives the company is involved in beyond actual product development and touches on some product security improvements.

Does the EU’s GDPR Affect US Data Privacy and Cyber Security Compliance Strategy?

Yes, Especially Regulated Industries. And US Regulations Are Coming. Prepare.

Penetration Testing Tools – Modlishka Tool a Cyber Threat

Can Overcome Multi-factor Authentication and Enable Phishing

As a basic element of cyber security programs, penetration testing is standard protocol for detecting possible IT network vulnerabilities. There are many penetration testing tools available that simulate hacker attacks to discover cracks in firewalls and other defenses. Developers are constantly building new tools to keep up with evolving threats and the measures put in place to avert them.

Standardized Multi-factor Authentication Just Became a Reality

Tech Group The FIDO Alliance Is Leading Us to a Password-free Internet, Greater Security

What Is It?

One of the greatest fears today is that hackers will steal the passwords we use to access social, banking and other sites where we must register to take advantage of their features and offerings and steal our data. The threat for businesses – especially regulated entities – is that employees will fall for password-centric schemes, like phishing, that can compromise a company’s entire IT network. Better days are here – and even better ones are ahead.

Cyber Security Services: Do You Need A Data Hostage Negotiator?

Get Our Complimentary Guide to Freeing Your Files in a Ransom Ware Attack – And Avoiding One

According to a recent report from Datto, a leading provider of cyber security services and solutions to managed service providers (MSPs) like us, ransomware attacks are continuing to grow like wildfire and are expected to continue increasing at a rapid clip. These costly cyber security attacks tie up your data until you pay a ransom to the hacker. It’s not just the ransom money, but also the downtime and loss of productivity that make this a threat to avoid or manage efficiently.

Spear Phishing: A Growing Cyber Threat in 2019

Learn About This Dangerous Type of Phishing and How to Prevent It

A survey of managed service providers and in-house IT professionals conducted by our cyber security partner KnowBe4 revealed that phishing/spear phishing is the number three cyber threat that “keeps them up at night.” Other studies show that spear phishing stands to be one of the fast-growing types of cyber-attack in 2019.

Contract Renewal Time: An Opportunity for Vendor Cyber Security Risk Assessment

How to Review Third Parties to Assure They Don’t Create Vulnerabilities for Your Regulated Firm

When OCIE comes knocking to learn whether your regulated firm has robust cyber security policies and plans in place, one critical area of inquiry will be third-party cyber security risk management. They want to know if you’re performing a cyber security risk assessment of the vendors who have access to your data or network – and taking action based on the results.

Building Cyber Security Training Programs for Employees

Critical for IT Network Security and Regulatory Compliance

This post will outline how to build effective cyber security training programs for employees. Here’s why it’s important for you to read on and then take action if you haven’t already done so:

Cyber Security Plan Step 1: IT Inventory Management

Identify and Manage All Hardware and Software on Your Network

As we’ve been discussing, protecting your IT network from online threats requires a cyber security plan. Arguably, the first step in that plan is to identify and inventory all of the hardware and software on the network. This is critical to IT inventory management -- an ongoing, multi-step effort to make sure every element of the network has up-to-date protection against vulnerabilities. It is considered a best practice for regulated entities. This post will outline key issues of inventory management beginning with why it’s so important.

A New Guide to Microsoft Office 365 Security and Compliance: Don’t Be Your Own Worst Enemy

End Unintended Consequences of Improper Set-up, Lacks in Monitoring and Cyber Security Training

We’re pleased to introduce our new – and complimentary – Guide to Microsoft Office 365 Security and Compliance.

As a Microsoft Office 365 partner, it was important to us to create this guide. Many of our clients are in regulated industries and have legal compliance concerns. We confidently provide many of them with Office 365. Not only is it a powerful productivity tool, but also Microsoft seriously addresses security in its products.

Software Patch Management Best Practices: A Key Part of Your Cyber Security Program

Security Updates Must Go Beyond Your Operating System to 3rd Party Software, Apps

Many of our clients are regulated entities in financial services and healthcare. In our ongoing concern for their cyber security in the face of increasing and evolving threats from individual and nation state bad actors, patching security vulnerabilities in software and applications is an integral part of every cyber security program we implement. Because many companies believe that their Microsoft and Apple security updates have them covered, this post shares some additional software patch management best practices.

Encrypted Email Services: Know What You're Getting

The ‘Encryption Myth’ May Open Regulated Businesses to Added Security and Compliance Risk

This post is motivated by the growing number of inquiries we’re receiving from clients about whether they should be using one of the cloud-based email encryption services available today from companies including Citrix, Sharefile, Smarsh, AppRiver and others. Many of our clients are in regulated industries -- financial services and healthcare.

Cyber Security Training: How to Phish-proof Your Employees

Drastically Reduce Vulnerabilities in Only 90 Days

Continuing our discussion of cyber security training for employees of regulated organizations, this post examines the growing threats from phishing schemes and suggests training that will reduce the possibility that your staff will inadvertently unleash a disastrous attack on your systems, data and client assets.

Cyber Security Training for Employees: Protecting New Personal Devices

Don't Let Their Holiday Technology Gifts Become 'Gifts' for Hackers

Our last post discussed the importance of cyber security training for employees. Along those lines, at holiday time we always make sure to alert our customers and their staffs to a particular concern: devices received as personal gifts that will also be used for business. If they’re not set up according to best practices by your network security team, they could represent a serious cyber security threat and compliance problem for your regulated business.

Is AI Snooping On Your Office Conversations? Cyber Security Training Can Keep Them Confidential

Take Action Before Letting Alexa, Siri and Bixby Into Your Private Meetings!

Are our artificial intelligence devices listening to us all the time and saving our conversations? The fact is, we just don’t know. Although most of the alarm has centered around home use of these devices, it’s time that we consider the potential negative implications on data security and privacy in the workplace – especially as regards regulated businesses. So what do we know?

Recent DOJ Hacker Charges a Reminder: Do Network Penetration Testing, Patching for Cyber Security

Earlier this month, the U.S. Department of Justice filed charges against a N. Korean hacker who they say was behind such infamous incidents as the WannaCry ransomware attack, the attack on SONY over its release of a film unfavorable to N. Korean leader Kim Jung Un, and the $81 million Bangladesh Bank heist.

The DOJ’s action is a reminder that businesses are vulnerable and must take proactive steps to assure cyber security – especially regulated companies. These steps include network penetration testing, ongoing identification and patching of software and network vulnerabilities and other measures.

Get Our Cyber Security Self-Assessment Checklist

Another Free Tool to Defend Against Hacker Threats

Here at Soundshore Technology Group we are increasingly focused on cyber security. We’ve just launched a second tool – a Cyber Security Self-Assessment Checklist -- that companies can download for free to help them look in the right places and ask the right questions to assure their networks and systems are defended. This follows a special offer for new and prospective customers that we launched a few weeks ago – a free external Cyber Security Vulnerability Assessment, a process that we perform.

Special Offer: Free Cyber Security Vulnerability Assessment Available to New STG Customers

External Scan Is First Step to Protecting Financial Firms’ Client Data/Assets, Enhancing Reputation

We’re introducing an important offer for new and prospective customers – a complimentary Cyber Security Network Vulnerability Assessment. This offer addresses the critical need for financial services companies to be able to demonstrate proactive efforts to assure the security of their technology networks. Read on to learn why we’ve decided to do this and to get more details about the offer.

What to expect from an SEC Audit of Your DR & BCP

SEC audits are never welcome, but with this blog entry you can at the very least know what to expect and what to prepare for with your Disaster Recovery and Business Continuity Plan

Soundshore Technology Group LLC Completes Acquisition of Westside Automation and Opens Los Angeles Office

Don't Sign That Office Lease Yet! 5 Tips for IT Relocation.

So you have finally decided on the big office move?  Lease terms are favorable now and you may want better, bigger/smaller, more convenient, less expensive office space?

Soundshore Technology Group Expands West Coast Presence with Addition of Three San Francisco Area Offices

Soundshore Technology Group Expands West Coast Presence with Addition of Three San Francisco Area Offices