Should I secure my website ? What is HTTPS ?

HTTPS (Hypertext Transfer Protocol Secure) is an Internet protocol that protects the confidentiality of data between the user’s computer and the website.

HTTPS was originally intended for passwords, payments and other sensitive data but now more websites are securing themselves by moving towards it.

You know you’re connected to a website with HTTPS if the website starts with “https://” and it shows a light green lock icon to the left of the web address.

In the United States, your Internet service provider (ISP) is allowed to snoop on your web browsing history and sell that information to advertisers. A website that moves to HTTPS will prevent the ISP from seeing as much data. They would only be able to see that you’re connecting to a specific website, as opposed to which individual pages you’re looking at.

When connecting to a website with standard HTTP, your browser looks into the IP address that corresponds to the website, makes a connection to that IP address and assumes it’s connected to the correct server. Data is sent over the connection in clear text and that provides an opportunity for your ISP or a government agency.

One of the big problems with HTTP is that there is no way of verifying if you’re connected to the right website. Many cyber attacks take advantage of this and redirect you to a website posing as your bank, for example, and putting you in a situation where you’re likelier to give away your information.

If you’re on an unfamiliar network make sure the web address is correct and that it has HTTPS and the lock icon, otherwise you may be connected to an imposter site.

Data sent using HTTPS is secured through a Transport Layer Security Protocol (TLSP), which provides three layers of protection to a site: encryption, data integrity, and authentication.

Encryption modifies data that’s transferred between the browser and your computer to protect it from eavesdroppers. This means no one can track your activity through the web or steal information.

Data integrity means the data exchanged cannot be modified or corrupted without being detected.

Authentication proves the users of your site are communicating with the correct website and not being redirected to a scam site.

Many browsers are making HTTPS with new, more advanced features that make web pages load faster. Other browsers like Google are actually penalizing websites for using standard HTTP. Google often flags websites that don’t use HTTPS as unsafe in Chrome. Google also prioritizes websites that use HTTPS in Google search results, SEO.

This can prove challenging if you’re looking to gain more traffic to your site or promote a business through your site.

Marketing and IT teams need to work together in implementing HTTPS in their website to remain competitive.

If you move your site from HTTP to HTTPS, Google treats this as a site move with URL changes. This might temporarily affect your traffic numbers but the rewards outweigh the costs.

In the end, the search algorithms will pick this up and your site should rank higher for selected keywords.

Hackers are getting smarter nowadays, and pose as real secure websites to take information from your clients and customers.

HTTPS itself won’t guarantee a site is the real deal. There are phishers who’ve picked up on this trend and know people look for HTTPS as indicators of legitimacy. They might go out of their way to disguise their websites to resemble a secure HTTPS site. Scammers and hackers can also get certificates for their scam sites because in theory they are only prevented from impersonating sites they don’t own.

Through our Managed IT and Business Continuity Plans, we can help guide you in securing your website so your web visitors can access your site safely.

We ensure every customer touch point is safe from hackers and other imposters. Reputation and first impressions are everything in today’s digital age.

Why not impress potential clients with a safe and secure website?

If your website is not secure, why should they trust your business?

Nerd Support can assist in answering all web related questions and ensure your website is secured and operational.

We offer award winning managed it services to financial, logistics, and manufacturing firms and they have seen growth and improved processes after partnering with Nerds Support.

Even if no hiccups were to happen, we can have a business continuity plan in place so you can rest easy if a hiccup happened.

Nerds Support IT Solutions helps prevent cyber hacks and breaches

The Cost of a Security Breach. Is it Always Business As Usual ?

If you own a business, getting your personal or even company information hacked can have dire consequences.

Running a successful business always implies a degree of risk, however, in today’s day and age of rapidly expanding growth of internet based technology, companies are finding themselves encountering a form of risk that often times goes unnoticed: cyber attacks.

The average cost due to damage or theft of IT assets and infrastructure increased from $879,582 in 2016 to $1,027,053 in 2017, states a Ponemon Institute Study. The average cost due to disruption to normal operations increased from $955,429 to $1,207,965.

Even worse than this, according to Inc. 60% of all small business fail within 6 months due to cyber attacks.

According to research by the Varonis Data Labs in 2018, 41 percent of companies have over 1,000 sensitive files open to everyone.

Cyber attackers look for unsecured folders the moment they gain access to a network, as well as folders open to global access groups.  Global access groups include everyone, domain users and authenticated users. This gives them easy access to business plans, customer and employee data, credit card information and much more.

Overexposed data presents a huge risk to businesses of all sizes regardless of the industry or location, but for small and medium size businesses it could mean millions of dollars in losses, reimbursements, and legal fees that end up bankrupting the business.

Any business that strives for innovation is likely to use Internet based, disruptive technologies, which increase the risk of being hacked.

In the Ponemon Institute study, 48% of small and medium sized businesses (SMB’s) report social engineering/phishing were the most common kind of attack present.

54 percent of respondents in the study claimed data breaches occurred due to negligent employees or contractor.

Even assuming an SMB survives a cyber attack financially, the reputational damage would be just as catastrophic.

Security is everything in a business, both internally and to prospective clients. If a company is hacked or breached, and client information exposed, no one will want to take the risk of doing business with your company. The perception that your business is unreliable or even a liability can destroy your credibility and tank your business completely.

In the worst of scenarios, you may not even notice you’ve been breached for weeks or months, at which point recovery will be next to impossible.

One of the reasons so many businesses fail is because they have an inadequate strategy for managing cyber attacks.  SMB’s may have fire walls, anti-virus software, malware protection, and encryption but they don’t plan for the event of an actual breach.

While businesses focus on keeping attackers out, the actual data itself remains accessible and unmonitored.

Businesses are losing more records in a data breach. Companies represented in the Ponemon study lost an average of more than 9,350 individual records as a result of a data breach in 2017, an increase from an average of 5,079 in the 2016.

A business needs a fully redundant system to access their applications and data and regular offline backups stored in multiple onsite and offsite locations.

Nerd Support’s experienced team can guarantee your business is prepared and keep your data secured, so that a breach doesn’t mean failure.

With a business continuity plan that is tailored to your needs your needs, you can get peace of mind knowing your information is safe.

Contact us today for a FREE IT Test!

Find out if your company is next

Call us at 305-551-2009

Learn more about Securing your Business
Download your FREE E-Book
  • We respect your privacy. We'll NEVER sell, rent or share your email address.
Should you get cyber insurance ?

Should I get Cyber Insurance? Is Cyber Insurance worth it ?

Cyber attacks, ransomware and new disruptive technologies are making it difficult for small and medium size businesses to protect their information.

According to a Ponemon Institute study conducted in 2017,  only 21% of companies rated their ability to mitigate cyber risks, vulnerabilities and attacks as highly effective.

Businesses have to adjust to the realities of an ever more expanding digital landscape.

If a company’s information is accessed through a cyber-security breach, it could costs millions of dollars.

The study reported the global average cost of a data breach is $3.86 million. A number that would bankrupt many small and medium sized businesses

If a business or company processes online payments, uses cloud systems or stores company information and customer data it’s best to invest in cyber insurance.

Cyber insurance is designed to help organizations and businesses lessen the risk of exposure to cyber security breaches. The policies cover a variety of liability and property losses that result from a business engaging in various electronic activities, such as selling on the Internet or collecting data within its internal electronic network.

If breached, companies may have to reimburse other companies for expenses relating to the data breach. This includes things like legal counsel, a digital forensics team and notification costs.  

It isn’t just large companies and corporations that are victims to hacking and phishing, small businesses are frequently targeted also.

The Ponemon Institute study also reported that 61 percent of small businesses experienced a cyber attack last year.

And data breaches are only getting bigger.

The average size of breaches, based on the companies surveyed in the study, increased 2.2% every year on average and according to U.S Capital, 60 percent of small businesses go out of business within six months of an attack.

Cyber insurance sometimes referred as cyber liability insurance has become essential in managing risk and mitigating damages caused by cyber attacks.

While looking into cyber insurance, it is important that any business understand how much coverage they need and that they’re taking actions to prevent breaches from happening all together.

Encrypting your information, training staff members on how to identify phishing attempts and installing anit-virus software can dramatically improve a company’s ability to prevent a breach. A cyber insurance provider will also be looking for these as indicators to determine whether a business qualifies for coverage.

USA today reported on a breach that had occurred in 2016 to five sheriff and police departments in Maine. They were all victims of ransomeware attacks. One of the Sheriffs in Lincoln County didn’t want to pay the ransom but gave in after two days because of the huge risk losing their data would pose.

Not every business needs millions of dollars of coverage, however, and for those who don’t usually access sensitive data, the cost can outweigh the risks.

Cyber Liability insurance can be tailored to meet the specific needs of a company and offers a variety of benefits that include: Data Breach Coverage, Business Interruption Loss Reimbursement, Forensic Support, Legal support and more.

By having a trusted IT Partner, you can both develop a business continuity plan that can handle all disasters.

By having a disaster plan and a data protection plan you can rest easy knowing your information is safe.

When choosing a Managed IT Service provider be sure to ask if they have cyber insurance and a disaster plan in place that meets your specific needs.

With Nerds Support, you have peace of mind knowing that your information is safe from hackers.

We do the worrying for you so you can focus on growing your business and team.

Our clients have never been hacked.

Be a happy client knowing your information is safely stored.

Contact us today for your free IT Cyber Audit!

Find out if your company is next for hackers!

305-551-2009

A hacker is hacking a computer and Nerd Support IT Security is stopping the hack

7 Tips to Prevent a Cyber Hack for Small and Medium Sized Businesses

Every day there’s a hacker hacking a company. The news is flooded with new victims every day.  Most of us turn a blind eye until it happens to us.

Many leading companies from all over the world were affected by the Wipro data breach.

Even the most loved, trusted, and popular companies in the U.S. have been hacked. Renown and loved Arizona Beverage Company, to large Fortune 500 financial firms have become victims of cyber-attacks.  Every company big or small, no matter the industry is at risk. From e-commerce, retailers, healthcare manufacturing, financial, and Managed Service Providers.

What does that mean for small and medium sized businesses? If large, Fortune 100 companies are being hacked and data is being breached. How can my business survive?

Some businesses cannot survive the reputational risk of being hacked at any level. The productivity time lost, the employee moral plummets, possible litigation issues, lost revenue and the most valuable asset lost – clients’ trust.  

Luckily, there are steps that small and medium sized businesses can take when it comes to cybersecurity.

  1. Employee training – Most cyber hacks happen because of phishing. Basically a fancy word for an imposter. In Miami, unfortunately, these types of scams are the norm. A solution to this is quarterly or bi-annually mandatory IT Security presentations and assessments. Let’s be honest most employees find this boring and tedious but it needs to be done. Better late than sorry.
  2. Tip – Incentive employees and set a deadline to complete this assessment. Make clear that this is mandatory.
  3. Two Factor Authentication and routine password changes – We recommend password changes every 30 days with specific requirements. Social engineering is a real problem.
  4. Look out for common phishing signs such as :
    • Grammatical errors, ex. AIIG vs AIG
    • Being asked to disclose personal or confidential email
    • Unknown company or sender
    • Too good to be true, FREE Services / Products 
    • Check the URL 
    • Sometimes the sender is someone that you know! Check, Check the URL 
  5. Social Media – Yes, social media. Hackers use this to try and guess your password. Example – Most people use their birthday, anniversary, or important events in their password. This is how a lot of celebrities get hacked.
  6. Record your phone calls – Sometimes a hacker might call and disguise as an IT tech, colleague, or partner to gather information and target the company. By recording the call you can refer back to the original target.
  7. Partner with the right Managed IT firm – Ask questions, do your due diligence. A trusted Managed IT provider should provide references, recommendations and truly understand your needs. Try partnering with a partner that has experience in your industry and has good referrals. We encourage our prospective clients to visit current clients.

Some questions to ask include :

  • What verticals are you experts on ?
  • Are your engineers certified? What certifications do they have ?
  • How long have you been in business ? And do you use what you sell ?
  • What is the SLA ? How do you honor it ?
  • Can we speak to current clients ?

The old saying is true…. You get what you pay for. When it comes to IT Services, oftentimes, the cheaper route is not the answer. Investing in the right team is imperative. One hack and your company can be out of business and never recover. According to the Florida SBDC, the cost of a cyber attack is over 20k for a small business and about 63% have already been hacked. 

 

With Nerds Support, you get a team full of Microsoft certified engineers that have gone through a vigorous hiring process. We have the procedures in place so you never have to worry about a cyber-hack or data breach. We do the worrying for you.

We truly care about helping small and medium sized businesses with their IT needs.  As your Miami IT Services partner, we will secure your information and act as your very own IT team.

You deserve the best team there is. Leave it to Nerds Supports to help you increase productivity, secure your information and handle all IT hiccups.

Schedule your free IT assessment. Hurry, slots are limited.

Contact us today at 305-551-2009