Working Remotely During the Holidays

Cyber Security Tips for Working Remotely During the Holidays

Whether we’re new to working remotely or veterans, whether we’re addicted to our jobs or unwilling slaves to our work, most of us don’t know the risks involved with this practice when we’re traveling and connecting to work computers and accounts via unsecured networks and personal devices.

Because most companies deal with sensitive information, they limit the access to their own computer networks and platforms to minimize threats like phishing, malware (viruses, worms, spyware, ransomware, etc.), Man in the Middle and DDoS attacks, and even computer theft!

You might think your organization’s CIO or CTO is a bit paranoid for treating you and other employees like security threats, but you’d be surprised to know that this is not far-fetched. In fact, it is likely that if a data breach or cyberattack happen during the holidays, you or a low-tier coworker might be partly responsible even if you’re unaware as to how this could happen.

According to the CEO of Nerds Support, Scott Richman, all businesses should have a relationship with a professional, established IT firm. “What we’re finding is that most of them do have relationships with IT personnel but are not educating them about the risk that remote users pose”, confessed Scott.

Implementing just a few of these practices will make the IT team at your company respect you a little bit more. So, here are some tips on how to work remotely the right way, in complete compliance with cyber security preventative practices.

Secure All Your Devices

This might be a tedious and time-consuming task, but it’s something that is absolutely necessary to prevent hackers from gaining the upper-hand! Below, you’ll find advice on what you could do to limit access to personal data in your device.

  • Enable 2FA: To enable two-factor authentication, we might need to access both or personal and work accounts and follow the instructions that each platform provides. You could also use an authenticator app (like Authy, Duo Mobile, or Google Authenticator).
  • Enable Remote Wipe: To set up remote wipe on your Android, Apple or Windows mobile device, first you’ve got to go to Settings, turn on the Find My Phone feature, and then active the erase device command in your phone.
  • Encrypt your Hard Drive: In Mac, you just need to turn on the FileVault, and in PC, turn on BitLocker.

Scott says the biggest problem the NS team finds is that there is no process in place. Sometimes, when users remote-wipe their work device, it’s already too late because too much time has passed. That’s the benefit of working with an IT team: they have emergency security protocols in case these things happen and will act fast to minimize the threat.

Connect to the Internet Safely

Avoid public Wi-Fi/hotspots and use a VPN service if you absolutely need to connect from an unsecured network and get some work done ASAP. If you have the budget, you could also purchase your own mobile router and configure the network’s settings, or you could enable your personal mobile hotspot with your cellphone wireless provider (most big telecommunications companies can enable this feature on smartphones).

Communicate Securely

One thing that will help avoid data leaks is using secure videoconferencing and messaging apps, like Signal and WhatsApp. Here’s another practical tip: if you deal with company trade secrets or sensitive data, avoid talking about work in public spaces (remember: IRL there’s no such thing as a “cone of silence”, and people WILL be listening regardless they want to or not).

According to Scott, company communication should not be discussed in a public marketplace where anyone could misappropriate the intellectual property of your business. This happens to entrepreneurs often. They let their guard down while discussing their start-up ideas with their prospective clients over delicious coffee, and just like that, their new business concept has been stolen.

Use Productivity/Team Collaboration Apps Setting Up User Permissions

Your boss might ask you to use time tracking or task management apps, or to be “online” at all times so he/she can know if you’re actually working. However, you must know something: even though these tools maximize productivity, they could be detrimental for your company’s security.

Don’t assume these platforms are completely safe, as that would be a big mistake! It’s important that you keep high-security standards when using collaboration apps. That way, you will avoid revealing sensitive company and client data to malicious hackers.

Take a look at the security settings of the apps you’re using for team collaboration and project management and take the time to make your account harder to get into. Also, Scott recommends to validate any product that you use online. Check if they’re compliant with the latest security practices, and that they maintain their software and patch the bugs regularly.

Safely Access Your Work Email

Only send emails to co-workers who have company email addresses. For example, if your company is using G-Suite, don’t send personal or work emails from that G-Suite account to people outside the company network.

One of the biggest cyber security threats right now is phishing, as the techniques and methods have gotten more and more sophisticated with the years. Malicious emails are now more realistic than ever.

Scott especially warms about the dangers of phishing and spearfishing. “You’ve got to make sure that the person who’s emailing you is who they say they are. Any invoices you receive, claims of donations, or any prompts to reset the password to your bank account are all red flags, and you could be sending your personal and banking information to a hacker who could end up being able to access your governmental and financial records.”

Promote Remote Work Best Practices, Ensure Compliance!

Remember, promoting cyber security practices and cyber threat awareness is the best strategy to prevent embarrassing situations like data leaks. Train your employees, vendors and contractors on cyber security best practices, which include using strong passwords and password managers, turning off social logins (via Facebook and Twitter), set up or strengthen the spam filter on both your personal and work email, installing anti-malware software, and setting up a secure browser like Chrome with extensions like HTTPS Everywhere, Password Alert and uBlock Origin.

Also, remind your fellow employees with access to sensitive/valuable data to enforce these security measures, so everyone in your team can be safe from cybernetic threats.

Additional Remote Working Tips for the Holidays

Santa is making a list and checking it twice, and so are hackers. Don’t forget that. Just remember these tips, and never, EVER use personal, unmonitored devices to connect to company websites or access company data!

Scott’s final recommendation, said in a joking manner, is that if you don’t feel like you have any security measures in place as a remote worker, then just quit the Internet altogether. “It’s truly the only way you’ll be 100% safe from online threats”, said Scott while laughing.

If you must or need to work remotely and want to do it the right way, talk to us. We’ll help you set up a secure remote work environment (a “Workplace”, if you will) so you can safely access your work apps, files and website accounts, no matter where you are!

Want to know how your cyber security knowledge as a remote worker stacks up? Take this quiz!
Remote Worker Cyber Security Test

workspace updates 2018

New Workplace Update: What You Should Know

We all deserve a gift this time of the year, whether we’ve been naughty or nice. So, here are some good news from us to you: a Workplace update is about to launch! Read more about what’s new with your favorite digital business hub before you go on your Holiday vacation.

With new features, design improvements and workflow enhancements, Workplace will now facilitate remote team collaboration as well as individual employee productivity in your company even further. A new, cleaner user-friendly interface will allow you and your co-workers to find, access and share files, websites and apps easier than ever before!

What’s more, Workplace’s key upgrades will assure its users better security and regulatory compliance, as well as make the platform a truly amazing tool for remote workers and organizations who care about keeping their data safe.

So, what are the main changes that will transform your Workplace_? Keep reading to find out!

Makeover of the Workplace Web App in Windows and Mac

In Windows, you will be able to resize the app as big as you wish and even enter full-screen mode in your computer. You could also minimize it as small as you want so it doesn’t take the entire screen if you’re working with multiple applications or browser windows.

In Mac, Workplace will work perfectly with the new OS version, Mojave. The upgrades also fix an issue that previously affected users: the inability to see some virtual graphics products. Developers working on improving this app went above and beyond not only fixing what users weren’t able to see or the app wasn’t able to display, but also enabling Workplace to function on multiple monitors.

Pin Any File or Folder to Your Launch Page

Say goodbye to good ole boring shortcuts! Workplace’s new feature allows users to “star” websites, applications, folders and files that you can now open your favorites directly from the Launch page with just a simple click.

Introducing Workplace’s New Feature: Websites

You will now be able to see all the websites you visit and work with on a daily basis in a section dedicated specially for that! You can “star” (or pin) a website to your Launch page and see the Websites section there, or you can visit the sidebar menu on the left to see all of your featured and frequently visited sites.

Also, you can save websites with or without including login credentials and set up your username and password without depending on a company manager to do so. And let’s not forget about the new neat feature that allows you to share bookmarks and websites with your colleagues, increasing collaboration and team productivity levels.

Find All Your Hosted Apps in One Place Now

Talking about simplifying workflows and increasing productivity, Workplace now has given Citrix (“hosted”) applications their very own section. Click on “Hosted Apps” on the app sidebar and you will find all your hosted applications, or “star” the apps you use the most so they can appear in your Launch page for quick and easy access.

See If You Have Compliance Issues

All apps in the Workplace desktop platform have a new feature that perfectly aligns with the company’s mission of keeping our customers’ data safe and improving security compliance. “Compliance Status”, the last but not least important upgrade in Workplace, is being implemented on both Windows and Mac machines and will check your devices to see how your compliance level compares to the industry’s best practices.

What’s more, if you have compliance issues, recommendations will be made to fix the problem and get you to 100% compliance.

What You Can Do to Upgrade Your Workplace_

The new and improved version of your workplace, Workplace 3.0, will launch on December 12th, 2018. Ask us about the upgrades you need so you and your team can enjoy the latest features, or join an online demo to get a sneak peek of the platform before the launch (and the Holidays)!

Cybersecurity Business

How to Stop a Rogue Employee?

If you have a business, it is very important to take care of your data the best way that you can. This means you have to learn what social engineering is and you have to make sure that you avoid any issues that can appear from it.

Social engineering is a system that allows hackers to gain access to your information by manipulating your employees to offer them access. Social engineering can be detected through a variety of things, such as emotional manipulation, spam emails and so on.

What is a Rogue Employee?

A rogue employee is a typical employees whose seek confidential company information then sell it to hackers and other companies for a profit. While they technically work for you, they promised someone else that they would give them access to your data. However, rouge employees do not generally start out bad. They begin their tenue as happy employees, but overtime, employees go rouge because they find that the company information they carry is very valuable to other companies.

There are many rogue employees out there. Sure, it may not seem like it, but when your data starts leaking and you did not have any outside interference, it is clear that there is a rogue employee in your business.

Why do employees go rogue?

Most rogue employees tend to be like that because they want more money fast. Maybe they do not like their current salary or they are just looking for a quick payday. Things like this are very important to identify early on. If you do not do that, you can end up handling a major issue that will only grow bigger if it is not managed in a meaningful and professional way. Some rogue employees also believe that they can start their own business with the information that they get from you. There are multiple factors to consider, and each one comes with its own relevant stuff.

How can you combat a rogue employee?

First, you need to be very strict when it comes to sharing sensitive data to employees. Give access only to people that are supposed to have that information and make sure they do not share it with anyone else. The social hackers are always attacking you, so you might as well limit access. In addition, using encrypted solutions and security cameras will also help pinpoint any type of intrusions like that. This is why using business technology solutions can be a very good idea. It does wonders if you use such a system wisely, and you might as well want to do that right away.

However, the best way to fight a rouge employee is by having a reliable IT support team constantly monitoring your company activity. Nerds Support’s data protection services keep companies across South Florida secure. Our highly monitored data centers make it possible for our data team to see the activity going on in your servers and to notify you of suspicious activity immediately.

There will always be rogue employees, which is why you need to pay a lot of attention to the employee behavior and other similar factors. As long as you know how and when to tackle and manage all these things, nothing can stand in your way. Of course, it will be a very challenging thing to do. However, it will surely be worth it so you might as well want to do that if possible!

Cyber Security

Five Common Social Engineering Tactics

There is no denying that the internet has become an amazing extension of our world. However, with such new advances that have taken place recently, people can now do more good, or bad, than ever before. Unfortunately, there are people who have chosen to do harm and they are quickly learning how to take over companies through using the internet. These Social Hackers are different from your average hacker. While average hackers tend to take over company information through malware, these hackers are intent on using their charm and investigation skills in order to get company information from employees. These techniques are all part of a bigger company attack that is known as social engineering.

Social engineering is the practice of using company information on the internet and using it to manipulate employees to provide more company information that can be used to fraudulent purposes. In this blog, our Business Technology Solutions team will talk about the five most common practices that social engineers use.

Phishing

The idea here is to obtain information by trying to seem legitimate and creating fake sites that are clones of legitimate sites to retrieve passwords and other personal information. The social hackers use these methods for emails and social media as well. Some social engineers have multiple Facebook and LinkedIn accounts, all of which claim different identities. With these multiple identities, social engineers look through company and employee profiles in order to learn more information about you. They take the information that they know about you and use it to manipulate you into trusting them.

Pretexting

This system works by creating a sense of trust between the victim and the attacker in order to gain access to valuable company information. Social engineering attacks usually start over the phone, after the social engineer usually has found your social media and learned more about you. The social engineer begins to interact with the people on the front lines (such as the receptionist or the sales team). The social engineer uses the information they found online to their advantage. As they talk to the employee, they gain the employee’s trust so they can later use it to get to company information.

Baiting

Baiting is a technique that tricks people into giving company information. The most common way that a social engineer can do this is by creating an email that mirrors a typical company email and asking for something valuable, such as credit card information or a wire transfer. They can also pose as someone from a different company and use regular email phishing techniques to give your computer a virus. With this method, they can access your company information faster.

Quid Pro Quo

This social engineering technique is all about creating a sense that both you and the person contracting you will benefit from your interaction. This social engineering attack allows the hacker to hide under the guise of a company that they could have very easily made up. The social hacker could use their disguise either to ask you for company information directly, or to go inside the building.

Tailgating

Tailgating is the practice of following someone into a protected facility. The social hackers do this so that they may enter a protected facility without needing to show any form of identification. Someone can have more chances of tailgating if they start a conversation with a company employee while they are entering the building. The best way to avoid tailgating altogether is to make sure that company security verifies the identity of everyone who walks into the company facility, with no exceptions.

Protect Your Company With Business IT Support in Miami

The best way to protect your company from social engineers is to educate your employees about keeping company information safe. However, the best way to keep your company safe is to hire a knowledgeable & experienced IT Support team, like Nerds Support. Our IT Support Miami team has made strides in helping companies across South Florida stay secure. If you need any help making your company  safer, feel free to fill out the form here or call us at 305-551-2009.

IT Support Miami

Data Protection 101: Keystroke Loggers

Keystroke Logging is a software that tracks the keys that you type on your keyboard, as you type them. In example, if you were to start typing a document, a keystroke logger would be able to use their own special software to be able to monitor each key you have typed and figure out what you typed.

While this may seem a little shocking to hear, Nerds Support’s experienced business IT support team has been aware of programs like these for quite some time. In fact, hackers that carry keystroke logging programs are called Keyloggers. In the hacking community, Keyloggers have developed Keystroke Logging software that can access any type of computer. Nerds Support’s IT support Miami team would like to advise that this also includes highly monitored business computers.

Who uses Keystroke Logging?

Believe it or not, keystroke logging is an open secret. Even regular business owners, with a good sense of computer knowledge, access keystroke logging software for everyday use. Generally speaking, companies are more commonly use keystroke logging software to monitor their employee’s computer productivity. That means, that as a business owner, you can use this type of software to see what your employees are doing on company computers.

However, there is a community of hackers who would use this keystroke logging software to do some serious harm to your company. Keyloggers disable antivirus software on unsuspecting computers in order to install keystroke logging programs. Often, they use social engineering tactics, such as email phishing, to trick employees into downloading the malware onto company computers. They use their own special software to access company computers and disable the antivirus.

From there, keyloggers can find now configure everything that you type in your keyboard. They can access valuable information that can be used against you. Such data includes:

  • Important email login information
  • Very Important company files on clientele and analytics
  • Super Important company financial information

This information is only a fraction of what a keylogger can access if they were to ever hack your business computer to find company information.

How to Combat Keystroke Logging?

It can be frustrating to fight against keystroke logging software. It might even be hard to prove that such a software is installed in your work computers. But one suggestion to combat keyloggers is that your company have Nerds Support’s Miami IT support data protection team to take care of keyloggers and ensure the safety of your company.

Having a reliable IT Support Miami team has become essential to a company’s survival. That’s why Nerds Support’s data centers are so secure. Your company would have heavily monitored data centers that conduct daily scans on their servers. When a heavily monitored data center conducts their scans, they make sure that their servers are clean and free of any trace of hackers or malware. Such a team would even alert your company of what is happening and remove the threat immediately.

A good business IT support plan should come with the latest firewalls and antiviruses. That would mean that so that business’ protection against malware can be guaranteed. That means you, the business owner, can focus more on your business and maximizing profit. So if you are in need of a great business protection plan, contact Nerds Support & find out how we can help you achieve your business goals!