Train your staff: Your first and best firewall

Protecting your organization against cyber threats can seem like a challenge that involves extremely high-tech wizardry, sophisticated knowledge, etc. Much of this is true. Protecting your data and your company against cyber threats requires skilled professionals. But that isn’t all that is needed. The first line of defense in data security is everyday common sense and diligence on the part of everyone who works in your organization.

Some thoughts . . .

The first challenge in beefing up your data security is creating awareness among all of your employees that they really do have a serious role in data security. Many of the ways they can protect your data are simple, but until they are aware that they may represent a threat to data integrity they won’t take their role in protecting your company seriously. Provide training that both explains how their actions may unknowingly create problems and reviews what they can do to avoid trouble.

Training should not end. It should be an ongoing focus in your organization.

Passwords Part 1 – Remind everyone that simple passwords are unwise. Does your company mandate a certain level of complexity in password creation? Maybe you should.

Passwords Part 2 – No password sharing. We tend to trust most of our colleagues, so when logging in and out seems a nuisance, we are often willing to let a peer use a database we’ve already logged into so they can do some simple, quick task. Not a good idea.

Email and phishing scams – These are really easy to fall victim to. An email looks like it is from a legit source, so we open it up and then click on a link inside. Explain that emails can be made to look like what they aren’t. Always be suspicious. Look at the email address to see if the domain matches the legit site.

Odd links – If someone you know sent you a link to a site, unless you absolutely know the email is legit and the link is safe, let it go. Email them back to verify.

Lonely hardware – Remind everyone: Never, ever put a thumb drive into their computer unless they know where it came from. No matter how much one knows better, if you find a thumb drive sitting on a desk, it can be extremely tempting to plug it in to see what’s on it.
Don’t. Just don’t.
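The domain check from the "Email and phishing scams" item can also be automated at the mail gateway or in a training tool. The sketch below is an added example, not part of the original post; the allow-list, the `.test`/`.example` domains and the sample headers are constructed for illustration.

```python
from difflib import SequenceMatcher
from email.utils import parseaddr

# Constructed allow-list for a hypothetical organization (assumption, not from the page).
TRUSTED = ("examplebank.test",)

def classify_sender(from_header, trusted=TRUSTED):
    """Classify a From: header by its real address domain, not by what it displays."""
    display, addr = parseaddr(from_header)
    if "@" not in addr:
        return "unparsable"
    domain = addr.rsplit("@", 1)[1].lower().rstrip(".")

    # Exact match, or a true subdomain of a trusted domain.
    if any(domain == t or domain.endswith("." + t) for t in trusted):
        return "trusted"

    for t in trusted:
        # Trusted name used as a prefix: examplebank.test.account-verify.example
        if t in domain:
            return "lookalike"
        # Near-miss spelling: compare the same number of trailing labels.
        # Naive on purpose; a production check would use the Public Suffix List.
        labels = t.count(".") + 1
        tail = ".".join(domain.split(".")[-labels:])
        if SequenceMatcher(None, tail, t).ratio() >= 0.85:
            return "lookalike"

    # The display name shows a trusted address while the real one is elsewhere.
    if any(t in display.lower() for t in trusted):
        return "display-name-mismatch"
    return "unknown"

# Constructed sample headers, one per outcome.
SAMPLES = [
    "Example Bank <alerts@mail.examplebank.test>",
    "Example Bank <alerts@examp1ebank.test>",
    "Support <help@examplebank.test.account-verify.example>",
    '"alerts@examplebank.test" <billing@mailer.example>',
    "Shop News <news@shop.example>",
]

def classify_all(samples=SAMPLES):
    return [classify_sender(h) for h in samples]

if __name__ == "__main__":
    for header, verdict in zip(SAMPLES, classify_all()):
        print(f"{verdict:22} {header}")
```

Only the first sample counts as trusted; the display name is never used to establish trust, only to flag a mismatch.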

Three best practices to protect your data

While malware and phishing attacks have evolved over time and are constantly becoming more and more sophisticated, there are ways to protect your data from them. Here are three best practices that can help safeguard your business, no matter the size of the IT infrastructure your company or organization needs.

Install a strong firewall
A firewall can help prevent unauthorized access to your network by monitoring access attempts and allowing or rejecting them. Firewalls are flexible in the sense that you can choose how stringent or lenient you want them to be in terms of limiting access. There are different kinds of firewalls, each serving a particular purpose and offering different protection levels. An MSP with deep experience with these technologies, as well as your specific industry, can be an excellent resource. Firewalls basically work to block unauthorized traffic to your network based on various factors including IP address, location and any other custom parameters that you may choose. Without a firewall, your network is essentially open, exposed to anyone on the web, which puts you at serious risk.

Invest in antivirus software

Antivirus software programs identify viruses and other malicious attachments that cybercriminals may use to gain entry into your system or network. Make sure you invest in good antivirus software and update it regularly so it can protect you against newer versions of malware that crop up with time. Be wary of consumer-grade programs.

Train your staff

Train your staff to identify and steer clear of phishing emails, links and messages. All the protection in the world is no defense if your staff opens a phishing email and clicks on a malicious link. It is game over right then. Employees tend to assume you are the one responsible for maintaining data security. They often don’t realize they also play a role. Educate them on password hygiene, safe web surfing, and basic IT best practices even when using their own devices. You can provide training in-person and conduct mock drills and IT workshops. Also, consider sending regular emails on these topics so your staff remains alert. Security training isn’t a one-off project. Also update your staff on any new vulnerabilities discovered, and if security updates or patches have been released for them, be sure to apply them immediately.

Ransomware vs other malware attacks

There is no end to the volume and type of malware out there in cyberspace. For a very long time, organizations were aware that viruses could attack their data, render it corrupted and unusable. They were also aware that malware was used to steal data and use it, primarily, for monetary gain: selling off banks of credit card numbers, stealing identities, re-selling Social Security numbers, etc.

Phishing, as we talked about in an earlier blog, is a set of tricks to get access to personal information and probably even to your IT network by stealing access credentials, but that’s not the only way. Cybercriminals also deploy various malware such as viruses, worms and trojan horses to attack IT networks. This malware usually gains entry into the system disguised as genuine email attachments, links to file downloads, etc. and then corrupts the data. If it is a case of a virus whose sole intent is criminal mischief, your surest protection is consistent and frequent backups. In the case of malware whose goal is theft, you need to have the technical expertise to maintain the security firewalls and anti-virus software, and knowledge of the field of cyber crime, to protect your organization. Ransomware is a newer threat that requires additional knowledge in order to ensure that backups are clean in case of an attack. Ransomware, as the name suggests, is a kind of malware attack that goes beyond data corruption: the cybercriminals hold the data hostage and demand a ransom from the business for restoring data access. Backups can also be infected with a ransomware virus, leaving you completely vulnerable to ransom charges if you want your data back.

The point here is that cybersecurity is a specialized field. It is a lot more than buying a consumer grade anti-virus application. In general, in small- and medium-sized organizations, in-house tech staff may not have the depth of experience and/or the time to keep up with the latest issues and threats in cybercrime, necessary to design and maintain a well-defended IT infrastructure. In the area of cyber security,

It makes sense in such a scenario to bring an experienced Managed Services Provider (MSP) on board who can help you with data security, training and general upkeep and maintenance of your IT infrastructure.