619-819-5508

[email protected]

IT Connect 360 Logo for MSP Manager
Protecting against Identity Theft amidst Industry-wide Breaches

Protecting against Identity Theft amidst Industry-wide Breaches

by | May 12, 2021

According to the Federal Trade Commission (FTC), identity theft ranks highly amongst the most common consumer fraud incidents filed with both the FTC and law enforcement.  Moreover, during last year’s 2020 pandemic, identity theft skyrocketed to 1.4 million cases – that’s upwards of double the incidents from 2019 AND more than triple the cases from 2018!

Because malicious parties often exploit strategies for obtaining personal data, it is best practice to develop good habits that will stem the tide of identity theft.  Here are the key recommendations to help halt the rise of identity theft:

Stay alert at all times.  Monitor all your accounts and keep close tabs on what is important to you, especially sensitive information.  Remember, cyber threats are always evolving.

Alter your passwords every 60 days or sooner.  Once hackers discover your passwords, they can access your personal accounts – your email, social media channels, bank accounts, even more.  To prevent the compromise of your password, change it often to be on the safe side.  Also make your new password unique, hard to guess, and thus not too closely similar to any other passwords you have, past or present.

Always update your anti-virus software.  New viruses crop up all the time, and malware are always getting more sophisticated.  Hence, constantly updating your anti-virus software minimizes any risks that your devices  will be targeted by, say, hackers.

On social media, always protect your privacy.  Safeguard your personal data on social media.  Put simply, do not share every detail of your life – because your personal information (your birthday, Social Security number, address, mother’s maiden name, your pets’ names) can be exploited.  Additionally, set the bar on your privacy settings at the highest levels, if possible. 

Only use secure Wi-Fi.  Free Wi-Fi might seem advantageous, but, in truth, it is not.  In fact, never use free Wi-Fi locations when accessing your bank account nor when viewing your online banking statements.  Public Wi-Fi might be free, but it is hardly ever secure, given that it is an open network that can be easily accessed, especially by malicious parties.  Instead, wait until you have returned home and are within the safety of your home network to visit your bank’s website and view your bank account.

Secure your mobile phone and devices.  First, lock your devices.  Likewise consider two-factor authentication by leveraging passcodes, fingerprint scans, and other biometrics.  Have a Bluetooth?  Remember to turn it off when it is not in use.  Of course, enable a remote wipe in case your device should get lost or purloined.

Beware of phishing attacks.  Phishing scams are widespread.  Consequently, do NOT open all your emails – particularly strange or suspicious ones.  Do NOT even click any suspicious links, and do NOT download any questionable attachments – for each of these are phishing scams designed to fraudulently collect your personal data.  Red flags should go up whenever you see any unusual emails, links, or attachments seeking your personal or financial information.

Protect your children’s information and your parents’ information, too.  Identity thieves are now targeting both children and senior citizens.  Educate both your children and parents on these dangers by warning them not to share any personal information.  Inform them that they must be vigilant about phishing scams, too.  Have your children and your senior citizen parents habituated to information security best practices.  

Keep updated on any news regarding data hacks and breaches.  For instance, just a few weeks ago, in April 2021, it was disclosed that the personal data of more than 500 million Facebook users were published by hackers.  Adobe, Canva, eBay, Equifax, LinkedIn, Marriott International, Target store, Yahoo, and many more have all been hacked in recent years, too.  Whenever you learn of a data breach, especially of a website you use, make sure you quickly change your password.  Also, read up on what steps the company recommends for you to take.  Sometimes a breached company or breached entity will offer help, like free credit monitoring and identity theft protection services.  Similarly, find out from news websites on whether a lawsuit will help compensate you for the inconvenience.  More importantly, stay apprised of any data breaches in order to proactively protect yourself and your family.

Remember red flags signal whether your personal information has been acquired maliciously.  These warning signs include:  1) there’s a sudden, unexpected appearance of unauthorized charges to your accounts; 2) your credit report reveals unusual accounts that you have not opened; and 3) you are unexpectedly receiving bills for purchases you have not made.  Always vigilantly watch your accounts to make sure they have not been compromised.  

Have you been compromised?  These are your next proactive steps:  First, change your passwords, then notify all your banks and credit card companies of any suspicious charges – both via phone as well as in writing.  You might even have to de-authorize particular apps associated with the breach.  Next, update all your anti-virus software to secure your devices and network.  If needed, open new bank accounts and transfer your money into these new accounts, if necessary.  Then contact all three credit bureaus – Equifax, Experian, and Transunion – to place fraud alerts on all your credit reports.  Finally, alert the authorities by informing the FTC and reporting to IdentityTheft.gov, where an Identity Theft Report will be created as well as a recovery plan to help your situation.

Need assistance in securing your network and/or systems after a compromise?  Consider contacting IT Connect 360 — we will help get you back along the right path to be more secure.

7 IT Security Incidents your Employees Need to Be Aware of

7 IT Security Incidents your Employees Need to Be Aware of

by | May 11, 2021

To safeguard against malicious parties exploiting a company’s cybersecurity vulnerabilities, a business must educate its employees on the malicious threats that exist out there.  Employees, after all, need to be trained to be cyber-savvy.  Otherwise, a misinformed or careless employee can be the reason for why a cybersecurity incident occurs. 

Accordingly, employees must be trained on the various threat vectors that could potentially harm a firm.  These threat vectors that employees must be educated on include malware-ridden links, phishing email attachments, and ransomware.  Hence, the most favorable protocol is to implement best practices on incident-response, whereby employees report certain questionable cybersecurity incidents – whether present in emails, network traffic, application traffic, even user behavior.

Here are the kinds of IT security incidents that businesses must apprise their employees of:

Disgruntled Employees.  If an employee (past or present) is exhibiting erratic or suspicious behavior, report the incident immediately. 

Malicious Media.  Any discs or USBs (thumb drives, flash drives) that aren’t accounted for or that find their way randomly within reach, without knowing their origin, should be reported — for they might be infected with malicious software.

Phishing, Spam, Ransomware, and Other Malware.  Any unusual email, texts, or instant messaging with links should never be clicked — not even those that arrive by mobile text or through social media.  Instead, report them.

Piggybacking and Tailgating.  If someone snuck into a secured area or checkpoint by following someone else – that should be reported.  Similarly, if someone with legitimate access allowed another person into a secure area or checkpoint, that should be reported as well.  Only those with proper credentials have permission to be in access-controlled areas.

Privileged Access.  Login credentials should not be shared, for doing so imperils a company’s data, information (intellectual property like copyrights, patents, even trade secrets), and resources, not to mention its reputation.  If unnecessary access to company information has been given, this should be reported.

Social Engineering.  When an unknown person (automated or real) or an unknown party is calling or making attempts to convince an employee to dole out sensitive information, report this.  If this is occurring in person, the social engineer might be disguised as the FedEx deliverer, utilities repair person (water, phone, electricity, cabling, internet, etc.), or even a (potential) customer.

Personnel who are Lackadaisical about Cybersecurity Best Practices.  These types of employees are the weakest link in the corporate infrastructure.  Cybercriminals often target these careless individuals because they make for an easy way of gaining entry into a company’s information infrastructure.

Why is it crucial to report IT security incidents?  Ultimately, reporting brings about awareness, which helps in lowering the risks of data breaches.

Do you want to train your personnel on how to be cyber aware?  Then consider contacting us here at IT Connect 360, where we offer training courses to fit your enterprise needs.

3 Tips to Properly Secure Your Business from Cyber Breach

3 Tips to Properly Secure Your Business from Cyber Breach

by | May 11, 2021

Information technology (IT) security threats have become commonplace in occurrence – AND more complex in nature.  News reports abound on how businesses, even sectors, have fallen prey to hackers and their malicious activities.  A cyber threat that escalates into a cyber attack can adversely affect a company, its reputation, and its revenue streams.  The solution?  

Take the necessary measures to reduce any risk of cybersecurity breach.  Here are three key tips on cybersecurity management:

Reduce the risks and blind spots.  Threats can emerge from a variety of arenas, given that the malicious landscape is ever evolving.  To eliminate any existing vulnerabilities, while preventing new ones, consider updating your security environment and IT tools arsenal.  Otherwise, malicious parties might compromise your enterprise cyber infrastructure.

Secure your business data through constant monitoring and maintenance.  What is the most feasible course of action to achieve this?  Create appropriate protocols and establish a culture of cybersecurity best practices via identifying, verifying, then mitigating potential threats.

Address cybersecurity staff shortages and your limited budget for proper deployment.  Nationwide there is a shortage of highly skilled and ethical cybersecurity professionals.  This exacerbates situations when employers are challenged into finding the right personnel to staff their enterprise cyber infrastructure, leading to a thinly crewed IT department, if even one exists at all within a company.  Additionally, a limited budget might constrain things further.  The viable alternative would be to outsource your IT needs to a credible managed services provider (MSP), like IT Connect 360.

How may IT Connect 360 help you?  As an MSP, IT Connect 360 can manage your enterprise IT needs with incident analysis, threat detection, and remediation — which will be of cost-benefit to your firm, particularly if you prefer the outsource route.  Of course, if you would rather develop and enhance your in-house team, then IT Connect 360 can likewise train your personnel to become better skilled in security management.

So whether you want to outsource your cybersecurity needs to IT Connect 360 or want us to train your personnel with up-to-date industry standards, then contact us today to get started on our collaboration.