Posts

Working Remotely During the Holidays

Cyber Security Tips for Working Remotely During the Holidays

Whether we’re new to working remotely or veterans, whether we’re addicted to our jobs or unwilling slaves to our work, most of us don’t know the risks involved with this practice when we’re traveling and connecting to work computers and accounts via unsecured networks and personal devices.

Because most companies deal with sensitive information, they limit the access to their own computer networks and platforms to minimize threats like phishing, malware (viruses, worms, spyware, ransomware, etc.), Man in the Middle and DDoS attacks, and even computer theft!

You might think your organization’s CIO or CTO is a bit paranoid for treating you and other employees like security threats, but you’d be surprised to know that this is not far-fetched. In fact, it is likely that if a data breach or cyberattack happen during the holidays, you or a low-tier coworker might be partly responsible even if you’re unaware as to how this could happen.

According to the CEO of Nerds Support, Scott Richman, all businesses should have a relationship with a professional, established IT firm. “What we’re finding is that most of them do have relationships with IT personnel but are not educating them about the risk that remote users pose”, confessed Scott.

Implementing just a few of these practices will make the IT team at your company respect you a little bit more. So, here are some tips on how to work remotely the right way, in complete compliance with cyber security preventative practices.

Secure All Your Devices

This might be a tedious and time-consuming task, but it’s something that is absolutely necessary to prevent hackers from gaining the upper-hand! Below, you’ll find advice on what you could do to limit access to personal data in your device.

  • Enable 2FA: To enable two-factor authentication, we might need to access both or personal and work accounts and follow the instructions that each platform provides. You could also use an authenticator app (like Authy, Duo Mobile, or Google Authenticator).
  • Enable Remote Wipe: To set up remote wipe on your Android, Apple or Windows mobile device, first you’ve got to go to Settings, turn on the Find My Phone feature, and then active the erase device command in your phone.
  • Encrypt your Hard Drive: In Mac, you just need to turn on the FileVault, and in PC, turn on BitLocker.

Scott says the biggest problem the NS team finds is that there is no process in place. Sometimes, when users remote-wipe their work device, it’s already too late because too much time has passed. That’s the benefit of working with an IT team: they have emergency security protocols in case these things happen and will act fast to minimize the threat.

Connect to the Internet Safely

Avoid public Wi-Fi/hotspots and use a VPN service if you absolutely need to connect from an unsecured network and get some work done ASAP. If you have the budget, you could also purchase your own mobile router and configure the network’s settings, or you could enable your personal mobile hotspot with your cellphone wireless provider (most big telecommunications companies can enable this feature on smartphones).

Communicate Securely

One thing that will help avoid data leaks is using secure videoconferencing and messaging apps, like Signal and WhatsApp. Here’s another practical tip: if you deal with company trade secrets or sensitive data, avoid talking about work in public spaces (remember: IRL there’s no such thing as a “cone of silence”, and people WILL be listening regardless they want to or not).

According to Scott, company communication should not be discussed in a public marketplace where anyone could misappropriate the intellectual property of your business. This happens to entrepreneurs often. They let their guard down while discussing their start-up ideas with their prospective clients over delicious coffee, and just like that, their new business concept has been stolen.

Use Productivity/Team Collaboration Apps Setting Up User Permissions

Your boss might ask you to use time tracking or task management apps, or to be “online” at all times so he/she can know if you’re actually working. However, you must know something: even though these tools maximize productivity, they could be detrimental for your company’s security.

Don’t assume these platforms are completely safe, as that would be a big mistake! It’s important that you keep high-security standards when using collaboration apps. That way, you will avoid revealing sensitive company and client data to malicious hackers.

Take a look at the security settings of the apps you’re using for team collaboration and project management and take the time to make your account harder to get into. Also, Scott recommends to validate any product that you use online. Check if they’re compliant with the latest security practices, and that they maintain their software and patch the bugs regularly.

Safely Access Your Work Email

Only send emails to co-workers who have company email addresses. For example, if your company is using G-Suite, don’t send personal or work emails from that G-Suite account to people outside the company network.

One of the biggest cyber security threats right now is phishing, as the techniques and methods have gotten more and more sophisticated with the years. Malicious emails are now more realistic than ever.

Scott especially warms about the dangers of phishing and spearfishing. “You’ve got to make sure that the person who’s emailing you is who they say they are. Any invoices you receive, claims of donations, or any prompts to reset the password to your bank account are all red flags, and you could be sending your personal and banking information to a hacker who could end up being able to access your governmental and financial records.”

Promote Remote Work Best Practices, Ensure Compliance!

Remember, promoting cyber security practices and cyber threat awareness is the best strategy to prevent embarrassing situations like data leaks. Train your employees, vendors and contractors on cyber security best practices, which include using strong passwords and password managers, turning off social logins (via Facebook and Twitter), set up or strengthen the spam filter on both your personal and work email, installing anti-malware software, and setting up a secure browser like Chrome with extensions like HTTPS Everywhere, Password Alert and uBlock Origin.

Also, remind your fellow employees with access to sensitive/valuable data to enforce these security measures, so everyone in your team can be safe from cybernetic threats.

Additional Remote Working Tips for the Holidays

Santa is making a list and checking it twice, and so are hackers. Don’t forget that. Just remember these tips, and never, EVER use personal, unmonitored devices to connect to company websites or access company data!

Scott’s final recommendation, said in a joking manner, is that if you don’t feel like you have any security measures in place as a remote worker, then just quit the Internet altogether. “It’s truly the only way you’ll be 100% safe from online threats”, said Scott while laughing.

If you must or need to work remotely and want to do it the right way, talk to us. We’ll help you set up a secure remote work environment (a “Workplace”, if you will) so you can safely access your work apps, files and website accounts, no matter where you are!

Want to know how your cyber security knowledge as a remote worker stacks up? Take this quiz!
Remote Worker Cyber Security Test

Cyber Security

Is Your Miami Business Vulnerable to Cyber Security Risks?

Technological advancement has not only brought a drastic change in the regular operations of any Miami organization but it has also exposed it to cyber-attacks. Through attacks like spear phishing via Email and hacking of network, it has the capability from affecting the business of any company to exposing top secret data of any company.

Some of the cyber security vulnerabilities for your Miami business are:

No Cyber Security Policy: Cyber-attacks have increased exponentially in the recent years capable of affecting each and every company out there. Not having a proper well documented cyber security policy and not involving employees in it can expose your organization to massive financial repercussions in case of a security breach.

Sensitive Data Exposure: In most cases, this is what cyber mafias look out for. They try to hack your system network to steal, damage or modify sensitive data like company policies and user information that has the potential to shake up and halt your business proceedings.

Security Mis-configuration: Clumsy mistakes by users or employees can expose cyber security for hacking. When employees or users use default passwords, run outdated or unnecessary applications then these become an easy target for even low-level hackers.

Weak Authentication: Broken authentication is one of the most common cyber security vulnerability. When encrypted data are exchanged online say, by logging in, then that data is vulnerable to theft. In most cases, hackers target weak areas in authentication and session management which occur between any two systems for exchange of package. If data is encrypted poorly, hackers using techniques like Man-in-the-Middle can intercept and decipher any data sent by a user.

Aging infrastructure: Having outdated hardware can expose your system to cyber-attacks since it may be incapable to install latest security patches for the software in it. Using obsolete software which requires older versions of plug-ins can also make your system network vulnerable to cyber-attacks.

Though strengthening the defense system of your organization against cyber-attacks in a short span of time may not be viable but prioritizing the cyber issue and investing on it is a must. Its long-term benefits are immense.

Data Security

7 Signs You Need To Invest In Data Security in Miami

Hacking or data getting stolen has become a major problem for Miami businesses. Customers are losing trust on companies whose data are regularly getting stolen by hackers. In fact, customers trust only those companies or business who they know can store their personal data in a secure way. In fact, a study by Ponemon Institute on 674 IT professionals across USA and UK revealed that there is a serious lack of investment and awareness about how to respond in case of hacking from senior management. Let’s have a glance at a few signs that you must invest in Miami data security.

Help Desk team is only dealing with password resets: In an organization, only a fraction of the total employees makes the help desk team. If most of the time they are only dealing with password resets and not dealing with other security issues then they are at risk to fall into the trap of hacker’s social engineering plan. Having a password reset program which works automatically enhances security and bring down the burden on Help Desk employees.

Lack of 2 or more authentication step: Companies’ data are at higher risk if your data can be accessed by only putting a password. To prevent passwords from being stolen or guessed, it’s important to have two or more verification steps before one can access the stored data.

Employees are not trained to deal with security breaches: Phishing is the most popular way by which hackers get access to the companies’ data. This can be prevented by making your employees cyber-responsible by doing awareness campaign and training them.

Obsolete infrastructure: If your company’s electronic devices are old and not upgraded from time to time then your company is at great risk of security breaches. So it is imperative to update your infrastructure and you must be aware of the number of times the device you are buying can be updated.

Success of your business depends on the data stored in your system: In this sort of cases, it’s a must to store the critical data of your business safely. The systems that access those data can never be down. You must invest in the security system and backup facilities so that your business is not hampered due to data loss or system failure. Healthcare and credit card related data are stored by your company.

Healthcare and credit card related data are stored by your company: When your company is dealing with these sort of sensitive personal information of common people then it’s a must that your system meets all the compliance related security requirements to avoid fines and embarrassment.

Company security system has been hacked in the past: If the data stored by your company has already been stolen once then it clearly indicates that something was missing in your security arrangement. If you want to avoid further embarrassment, it’s significant to invest in data security.

Cybercrime is the second most reported economic crime faced by the world and all most one out of three businesses fell victim to cyber crime in 2016. So, it’s important to make your business digitally secure by investing in tools and processes that prevent the data breach. Businesses having their data secured are the ones who are blossoming in today’s world.

Cyber Security

What’s in Store for Miami Cyber Security in 2017

As 2017 is here, many experts have made cyber security predictions for this year. It’s no secret that cybercrime has become the part a growing list of concerns for Miami business owners. We have noticed that cyber security repeatedly hit the headlines with many high-profile attacks last year. In 2017, viruses, ransomware and foreign cyber-attacks were three primary concerns for businesses. Let’s discuss the threats and trends that are expected to look up this year.

Malware

Experts believe that malware sophistication will continue to evolve and more customized attack tools will emerge. Mobile malware is expected to increase in sophistication and volume.

Ransomware in Miami

Ransomware attacks are increasing at a great place. Experts have predicted that it will continue to remain a vital threat to business owners in Miami and in the rest of the world in 2017. Prevention is the best solution for ransomware attack. Over 80% of risk can be eliminated by considering the security measures. Nerds Support’s Business IT Support is ready to combat ransomware at any time.

Ghostware

Also, Experts predict that ghostware will continue to haunt Miami business owners in 2017. Investigators get valuable information about detection and digital forensics on post-attack data. In which case, it’s always nice to have a good IT Support Miami team to look after you.

Internet of Things (IoT)

Actually, IoT is developing at a high pace and so are the threats. With the ease of access to greater networks of connected devices, attackers are more likely to gather huge botnets. As more and more devices become connected, it’s becoming challenging to avoid the security risks associated with IoT, so this area dominates cyber security predictions for this year.

However, 2017 is a good year for fighting cyber threats. Unfortunately, things are getting worst with time. Dedicated cyber security professionals can help secure infrastructures and prevent cybercrimes. Contact Nerds Support today for excellent cyber security solutions!

Trojans

The Rise of Android Trojan & Why it Matters in Miami

Android is surely leading the way and continue to soar with the highest adoption rate for android rate based mobile devices in the world. As per a research firm, Strategy Analysis found that more than 200 million of smartphone shipped in 2013-14 were Android based. This humongous customer base is ever rising since the discovery of android operating system. However, this massive user buyer has surely caught up the attention of infamous cyber criminals, who have kept eye on illegally obtaining personal information of phone owners.

If one go by online statistics, in 2016, malicious installation packages infected more than 8 million smartphone users. Unfortunately, the statistics have not dropped instead have increased because of the operating system. Geographically speaking, the nations with the highest number of Trojans and malware attacks were Bangladesh, Nepal, Indonesia, China, and Iran.

The biggest malware threat to Miami business owners of 2016 was Trojans. Trojans is a type of virus that allows the cybercriminals to; secretly install the unwanted applications, advertisements and other events on the infected device. The biggest problem with Trojans is that it attacks vulnerable android smartphones patched in the newer versions. As most of the user’s don’t feel the need to update their system or applications, making them susceptible to Trojans and other malware threats.

As the malware installs the module directly in the system directory, it makes difficult to provide a remedy for the situation. There are some Trojans, like, Backdoor.AndroidOS.Triada, which even allows the hackers to alter text messages sent by other applications and steal the money from the android smartphone owner. Normally, hackers demand more than $200 to unlock or amend a device, infected by Trojan-Ransom.AndroidOS.Fusob and Trojan-Ransom.AndroidOS.Congur.

Many feel that having a malware or Trojan is not the crisis; however, if you do not pay attention to the problem at right time, you may even end up shedding money twice as your thought to be. There are more than 50 applications infected by Trojan.AndroidOS.Ztorg.am, a new modification of Trojan.AndroidOS.Ztorg.ad. One needs to be technically aware of the type of Trojans and ways to avoid malware activities on the smartphone.

The best way to avoid Trojans and malware on your Miami business phone is when downloading any application stick to the legitimate app store like, google play, amazon app store or Samsung app store. Nevertheless, while downloading be aware of suspicious applications with bad reviews or odd permissions. Always download applications from authorized developers. One can go to security in phone settings and enable ‘verify apps’ option to let the phone use malware detecting software automatically. This feature is available on all smartphones and considered as the best way to avoid Trojans by developers.

Furthermore, always check for any software update available on your phone to keep your applications and smartphone up-to-date and check for any bug fixes or software improvements. Not surprisingly, however, clever Trojans-makers can be, there is always a way out, which is being aware and alert of any suspicious activity on your android smartphone. Therefore, apply caution and entertainment in equal measure. Visit here to learn more about our cyber security solutions!