Posts

A data breach could cost your business everything if you don't have the correct remote cyber security measures in place.

The Cost of a Security Breach: Is it Always Business As Usual?

What is the Cost of a Cyber Breach?

A hacker stealing your information is a bad situation. However, a hacker stealing your business’s information might be worse.

Running a successful business always implies a degree of risk. However, in today’s day and age, companies are finding themselves encountering a form of risk that often goes unnoticed: cyber attacks.

If a cyber criminal launches a cyber attack on your business the damage could be irreparable.

Think about it. A cyber attack leads to a huge loss of profit and productivity but thousands of dollars in fees. Not to mention the loss of business that follows.

The average cost from damage or theft of IT assets and infrastructure increased from $879,582 in 2016 to $1,027,053 in 2017.  The average cost due to disruption to normal operations increased from $955,429 to $1,207,965.

Even worse than this, according to Inc. 60% of all small business fail within 6 months due to cyber attacks.

41 percent of companies have over 1,000 sensitive files open to everyone, according to research by the Varonis Data Labs.

How Do Cyber Attacks Work?

Cyber attackers look for unsecured folders the moment they gain access to a network. Why? Because folders open to global access groups.  Global access groups include everyone, domain users and authenticated users. This gives them easy access to business plans, customer and employee data, credit card information and much more.

Overexposed data presents a huge risk to businesses of all sizes regardless of the industry or location. For small and medium size businesses, however, it could mean millions of dollars in losses, reimbursements, and legal fees that end up bankrupting the business.

Small businesses are often targets of cyber crime, yet invest less than $500 in cyber security.

What Are The Most Common Types of Attacks?

 

In the Ponemon study, 48 percent of small and medium sized businesses (SMB’s) report social engineering/phishing were the most common kind of attack.

54 percent of respondents in the study claimed data breaches occurred due to negligent employees or contractor.

Cyber Attacks in Remote Work

Phishing attacks:

Phishing is considered the top cause of data breaches. Hackers send apparently legitimate emails with dangerous links or attached documents. When a target clicks on the link or opens the attachment, a hacker gains access to their device. The link will contain malware or ransomware that corrupts and freezes important data.

Employees might work on personal devices which might not have the same protections as a company owned computer. As a result, the personal device might be more vulnerable to malware and other viruses. Make sure you use a company issued device whenever possible. Not just for the sake of the company, but for the sake of the remote employee as well. No one benefits when a device is breached.

Insecure Passwords:

53 percent of people rely on memory to keep track of their passwords. Therefore, they choose passwords that are easy to remember.  That makes it easy for a hacker to decipher an employees password by simply going through social media. It allows hackers to even access various accounts if the employee is using the same password.

Wi-Fi Security in a Remote environment: 

In an office environment, IT departments can protect employees and control network security. In a remote environment, however, employees probably don’t have the same protections. Hackers exploit networks with WEP security protections rather than WPA2, for example.  WEP settings are the standard Wi-Fi protection for average users.Even inexperienced hackers can download tools that allow them to break through this type of network.

Remote workers don’t realize how insecure they are until something happens. All remote employees need to consider what type of network they have at home before accessing company data. Using a VPN (virtual private network) also helps in protecting against certain types of attacks on remote workers.

During the lock-down period in 2020, there were record spikes in cyber attacks on remote workers. Hackers leverage remote workers’ devices to gain access to systems that would otherwise be more secure.

The Damage You Don’t See

Even assuming an SMB survives a cyber attack financially, the reputational damage would be just as catastrophic.

Security is everything in a business, both internally and to prospective clients. If a cybercriminal hacks your business, exposing your data, no one will want to take the risk of doing business with your company. The perception that your business is unreliable or even a liability can destroy your credibility and tank your business completely.

In the worst of scenarios, you may not even notice you’ve been breached for weeks or months, at which point recovery will be next to impossible.

One of the reasons so many businesses fail is because they have an inadequate strategy for managing cyber attacks.  SMB’s may have fire walls, anti-virus software, malware protection, and encryption but they don’t plan for the event of an actual breach.

While businesses focus on keeping attackers out, the actual data itself remains accessible and vulnerable to attack.

Businesses are losing more records in a data breach. Companies represented in the Ponemon study lost an average of more than 9,350 individual records as a result of a data breach in 2017, an increase from an average of 5,079 in the 2016.

A business needs a fully redundant system to access their applications and data and regular offline backups stored in multiple onsite and offsite locations.

Nerd Support’s experienced team can guarantee a secure business and keep your data safe. A breach doesn’t have to mean failure.

With a business continuity plan that is tailored to your needs your needs, you can get peace of mind knowing your information is safe.

Contact us today for a FREE IT Test! Or call us at 305-551-2009.

Nerds Support Contact Us Leaderboard

A team working on a an IT solution project

Three Easy Ways to Improve your Security

Cloud-based storage and computing lets you stop worrying about IT and focus on doing running your business. It’s also, as we’re about to see, far more secure than traditional servers and storage.

Even now, more companies are depending on the benefits of cloud tech for remote work. Managed IT services are becoming the solution for Small and Medium sized business but why?

Furthermore, there are many big name companies that have found success by migrating to the cloud.

If you’re a smart business owner, you’ll see the writing on the wall. Cloud technology is essential for businesses’ success.

So without further ado, here are three ways to take advantage of cloud security:

1. Move your files to the cloud

Cloud file sharing and storage saves you from disaster. Say bye to lost attachments, file size limits and unsecure collaboration. More importantly, it puts the security of your files in the heavily-protected server room of an IT partner or technology provider – so you have a far safer back-up of all your files as well. It’s the easiest of all the cloud security steps and it dramatically improves your security overnight.

Security

Business owners use the cloud because the data stored on it is safe. Why is it safe? Because data stored on the cloud is distributed through redundant servers and never stored in just one place. Meaning, hardware failure of any kind becomes a non-issue.

If there is damage to your hardware due to a flood, storm or any other reason, your information remains secure.If a company like Cisco is vulnerable to a power outage chances are you are too.

Cloud servers also have automatic backups and multi-factored authentication to prevent data loss or theft.

This is especially helpful if your company has valuable or sensitive data. Security features on the cloud help protect against social engineering techniques like email scams. However,  there are also safe practices when emailing that can help mitigate threats.

Cost Savings

Annual operation costs drop significantly when using the cloud. Rather than pay for Internal IT software, everything is stored online or in a private server. Separate storage becomes unnecessary and so does much of your hardware and software costs.

Easy Sharing

If you’ve ever used Google Docs or Dropbox, you’re probably familiar with file sharing. File sharing is function of the cloud. A cloud environment facilitates remote work, communication and increased productivity as a result.

CIA uses the cloud for their most sensitive data and workloads

2. Move your applications to the cloud

Save over $30,000 a year by switching to the cloud per application

You probably already use cloud apps too. Facebook, Gmail, Slack or Office365 are all examples of cloud tech. However, you can also put your most important on-site apps, the ones stored on your computer, on the cloud. Application virtualization transforms any non-cloud app into a cloud-based app, easy, so your users  can access it from any device. 

Examples include :

1 . Quickbooks

2. Descartes

3. Thomas Reuter

For example, Nerds Support is a Quickbooks hosting provider. Which means businesses looking to adopt Quickbooks application services through us. Cloud based applications like Quickbooks are the best options for businesses that need to work remotely. Quickbooks hosting for remote work is a popular option among medium and small business for its accessibility.

Those times that you leave your laptop at home and have to rush back to pick it up before your 10 am meeting are gone. You can access that Excel and Powerpoint presentation in an instant.

Automation & Backups 

Creating data backups is among the biggest issues businesses face. Between dealing with complex client data, customer service, and business operations, it’s hard to remember to back up files and valuable information. This makes you vulnerable to data loss. With cloud storage, data backups are automated and routinely performed to prevent data loss or correct data mistakes that may arise. 

Data backups are good for medium and small businesses for many reasons. They also prevent ransomware attacks like the ones that plagued New Orleans in 2019.

3. Move your desktops to the cloud

Managing many PCs is a lot of work and can lead to many unsecure devices. Simply because businesses don’t have good data management practices. Your users can work on any device, any browser, anytime. And if they leave their laptop in an Uber, the airport, or at home, no problem.

Contact us today to start migrating your apps to the cloud. 

Outsourcing your tech responsibilities creates opportunities to scale and grow your business. But also consider what kind of cloud provider you’re trusting with your operation? You also need to establish a cloud migration plan. 

Nerds Support has over 17 years of experience, working with small and medium sized businesses in IT Cloud Solutions.

Nerds Support Contact Us Leaderboard

How to Protect Your Small or Medium Sized Business from Cyber Attacks

7 Tips to Prevent a Cyber Hack for Small and Medium Sized Businesses

Cyber Attacks Happen Every Day 

Every day there’s a cybercriminal hacking a company. The news is flooded with new victims. Most people turn a blind eye until it happens to them.

Unfortunately, hackers target all types of businesses whether they be big or small. Why? Data is always useful. A mildly knowledgeable hacker can sell any information they obtain to organizations or individuals on the dark web for a good price.

Many leading companies from all over the world were affected by the Wipro data breach, for example.

Even the most loved, trusted, and popular companies in the U.S. have been hacked. From renowned Arizona Beverage Company, to large Fortune 500 financial firms have become victims of cyber-attacks.

Furthermore, every company, no matter the industry, is at risk. From e-commerce, retailers, healthcare manufacturing, financial services, and managed service providers.

Then again, what does that mean for small and medium sized businesses?  How can my business survive?

Some businesses cannot survive the risk of being hacked at any level. The productivity time lost, the employee morale plummets, possible litigation issues, lost revenue and the most valuable asset loss – clients’ trust. Luckily, there are steps that small and medium sized businesses can take when it comes to cyber-security.


1. Employee training 

Most cyber hacks happen because of phishing. Basically a fancy word for an impostor. In Miami, unfortunately, these types of scams are the norm.

One solution is quarterly or biannual IT Security presentations and assessments. Let’s be honest, most employees find this boring but it needs to be done. Better late than never.

2. Evaluate your current cyber security

Taking stock of the current state of your cyber security is imperative. Knowing where your company stands is the best way of knowing what’s lacking.


3. Set Deadlines and Objectives 

Incentivize employees and set a deadline to complete this assessment. Make clear that this is mandatory.


4. Two Factor Authentication and routine password changes 

We recommend password changes every 30 days with specific requirements. If not you could be exposed to various forms of  Social engineering .


5. Look out for common phishing signs such as :


• Grammatical errors, ex. AIIG vs AIG
• Being asked to disclose personal or confidential email
• Unknown company or sender
• Too good to be true, FREE Services / Products
• Check the URL
• Sometimes the sender is someone that you know! Check, Check the URL


6. Updating Software

The software used by your company should be the most recent version. The older the applications, the more susceptible they are to attacks like zero-day vulnerability. A zero-day vulnerability is essentially a flaw in the software or hardware that creates problems before anyone realizes it.

These attacks on zero-day vulnerabilities can lead to stolen information, breached networks and cause serious damage. However, managed IT services companies like Nerds Support automatically install new updates on all hosted apps. This is done to avoid vulnerabilities that arise from neglecting updates. Network security hacks can take a toll on a business and, in the worst of cases, ruin it completely.

7. Be Careful on Social Media 

Yes, social media. Hackers use this to try and guess your password. Example – Most people use their birthday, anniversary, or important events in their password. This is how a lot of celebrities get hacked.

8. Monitoring Systems at all times

A cyber attacker can come from anywhere. A cyber-attack can happen anytime. There is security software available that alerts you to any suspicious activity. Managed service providers assist in delivering additional support in the form of security analysis. This helps track data that indicates an attack is underway. They can also monitor and track around the clock.

9. Record your phone calls 

Sometimes a hacker might call and disguise as an IT tech, colleague, or partner to gather information and target the company. By recording the call you can refer back to the original target. Using a managed IT Services provider, we will secure your information and act as your very own IT team.


10. Partner with the right Managed IT firm 

Ask questions, do your due diligence. A trusted managed IT services provider  should provide references, recommendations and truly understand your needs. Try partnering with a partner that has experience in your industry and has good referrals. We encourage our prospective clients to visit current clients.
Some questions to ask include:


What verticals are you experts on?


• Are your engineers certified? What certifications do they have?


• How long have you been in business ? And do you use what you sell ?


• What is the SLA ? How do you honor it ?


• Can we speak to current clients ?

Make IT a Priority 

Identifying basic security threats is the first initiative when dealing with cyber-attacks. Taking care of your systems is much the same as taking care of your body, it’s mostly about preventing than treating. All businesses regardless of size have sensitive data they acquire from clients, vendors, employees etc. The unfortunate reality is not many businesses take cyber threats seriously.

Wanting to focus on core business goals is natural but doing so at the expense of your business’s security can be negligent. There is a cyber-attack every 39 seconds, according to a Clarke school study at the University of Virginia.

Cybercrime Will Increase Within Five Years 

In the next five years the world will see a rise in cyber-crime. It may become the greatest threat not only to businesses, but to individuals also. Technology will continue to advance, grow, spread and become commonplace. As it takes on a greater role in the way we interact with one another on both a micro and macro scale, there will also be those trying to exploit its weaknesses for profit or benefit

Instead of lamenting the death of the old days, embrace this new reality. Invest in technologies, technology, training and education to get ahead of the curb.

Every generation has its innovators and its criminals. If you cannot stop progress you must learn to thrive in it.

Cyber Attack Statistics

The Cheapest Option for IT is not always the Best

The old saying is true…. You get what you pay for. When it comes to IT Services, oftentimes, the cheaper route is not the answer. Investing in the right team is imperative. One hack and your company can be out of business and never recover. As reported by CNBC , the cost of a cyber-attack is over 20k for a small business and about 63 percent have already been hacked.

With Nerds Support, you get a team full of Microsoft certified engineers that have gone through a vigorous hiring process. We have the procedures in place so you never have to worry about a cyber-hack or data breach, which means Nerd Support does the worrying for you.

Helping small and medium sized businesses with their IT needs is our purpose. As your Miami IT Services partner, we will secure your information and act as your very own IT team.

You deserve the best team there is. Leave it to Nerds Supports to help you increase productivity, secure your information and handle all IT hiccups.

Nerds Support Contact Us Leaderboard

Hacker trying to hack a website

How to Stop a Rogue Employee?

If you have a business, it is very important to take care of your data the best way that you can. This means you have to learn what social engineering is and you have to make sure that you avoid any issues that can appear from it.

Social engineering is a system that allows hackers to gain access to your information by manipulating your employees to offer them access. Social engineering can be detected through a variety of things, such as emotional manipulation, spam emails and so on.

What is a Rogue Employee?

A rogue employee is a typical employees whose seek confidential company information then sell it to hackers and other companies for a profit. While they technically work for you, they promised someone else that they would give them access to your data. However, rouge employees do not generally start out bad. They begin their tenue as happy employees, but overtime, employees go rouge because they find that the company information they carry is very valuable to other companies.

There are many rogue employees out there. Sure, it may not seem like it, but when your data starts leaking and you did not have any outside interference, it is clear that there is a rogue employee in your business.

Why do employees go rogue?

Most rogue employees tend to be like that because they want more money fast. Maybe they do not like their current salary or they are just looking for a quick payday. Things like this are very important to identify early on. If you do not do that, you can end up handling a major issue that will only grow bigger if it is not managed in a meaningful and professional way. Some rogue employees also believe that they can start their own business with the information that they get from you. There are multiple factors to consider, and each one comes with its own relevant stuff.

How can you combat a rogue employee?

First, you need to be very strict when it comes to sharing sensitive data to employees. Give access only to people that are supposed to have that information and make sure they do not share it with anyone else. The social hackers are always attacking you, so you might as well limit access. In addition, using encrypted solutions and security cameras will also help pinpoint any type of intrusions like that. This is why using business technology solutions can be a very good idea. It does wonders if you use such a system wisely, and you might as well want to do that right away.

However, the best way to fight a rouge employee is by having a reliable IT support team constantly monitoring your company activity. Nerds Support’s data protection services keep companies across South Florida secure. Our highly monitored data centers make it possible for our data team to see the activity going on in your servers and to notify you of suspicious activity immediately.

There will always be rogue employees, which is why you need to pay a lot of attention to the employee behavior and other similar factors. As long as you know how and when to tackle and manage all these things, nothing can stand in your way. Of course, it will be a very challenging thing to do. However, it will surely be worth it so you might as well want to do that if possible!