Can Overcome Multi-factor Authentication and Enable Phishing
As a basic element of cyber security programs, penetration testing is standard protocol for detecting possible IT network vulnerabilities. There are many penetration testing tools available that simulate hacker attacks to discover cracks in firewalls and other defenses. Developers are constantly building new tools to keep up with evolving threats and the measures put in place to avert them.
Tech Group The FIDO Alliance Is Leading Us to a Password-free Internet, Greater Security
What Is It?
One of the greatest fears today is that hackers will steal the passwords we use to access social, banking and other sites where we must register to take advantage of their features and offerings and steal our data. The threat for businesses – especially regulated entities – is that employees will fall for password-centric schemes, like phishing, that can compromise a company’s entire IT network. Better days are here – and even better ones are ahead.
Get Our Complimentary Guide to Freeing Your Files in a Ransom Ware Attack – And Avoiding One
According to a recent report from Datto, a leading provider of cyber security services and solutions to managed service providers (MSPs) like us, ransomware attacks are continuing to grow like wildfire and are expected to continue increasing at a rapid clip. These costly cyber security attacks tie up your data until you pay a ransom to the hacker. It’s not just the ransom money, but also the downtime and loss of productivity that make this a threat to avoid or manage efficiently.
Learn About This Dangerous Type of Phishing and How to Prevent It
A survey of managed service providers and in-house IT professionals conducted by our cyber security partner KnowBe4 revealed that phishing/spear phishing is the number three cyber threat that “keeps them up at night.” Other studies show that spear phishing stands to be one of the fast-growing types of cyber-attack in 2019.
How to Review Third Parties to Assure They Don’t Create Vulnerabilities for Your Regulated Firm
When OCIE comes knocking to learn whether your regulated firm has robust cyber security policies and plans in place, one critical area of inquiry will be third-party cyber security risk management. They want to know if you’re performing a cyber security risk assessment of the vendors who have access to your data or network – and taking action based on the results.
Critical for IT Network Security and Regulatory Compliance
This post will outline how to build effective cyber security training programs for employees. Here’s why it’s important for you to read on and then take action if you haven’t already done so:
Identify and Manage All Hardware and Software on Your Network
As we’ve been discussing, protecting your IT network from online threats requires a cyber security plan. Arguably, the first step in that plan is to identify and inventory all of the hardware and software on the network. This is critical to IT inventory management -- an ongoing, multi-step effort to make sure every element of the network has up-to-date protection against vulnerabilities. It is considered a best practice for regulated entities. This post will outline key issues of inventory management beginning with why it’s so important.
End Unintended Consequences of Improper Set-up, Lacks in Monitoring and Cyber Security Training
We’re pleased to introduce our new – and complimentary – Guide to Microsoft Office 365 Security and Compliance.
As a Microsoft Office 365 partner, it was important to us to create this guide. Many of our clients are in regulated industries and have legal compliance concerns. We confidently provide many of them with Office 365. Not only is it a powerful productivity tool, but also Microsoft seriously addresses security in its products.
Security Updates Must Go Beyond Your Operating System to 3rd Party Software, Apps
Many of our clients are regulated entities in financial services and healthcare. In our ongoing concern for their cyber security in the face of increasing and evolving threats from individual and nation state bad actors, patching security vulnerabilities in software and applications is an integral part of every cyber security program we implement. Because many companies believe that their Microsoft and Apple security updates have them covered, this post shares some additional software patch management best practices.