cybersecurity

How to Keep Your Business Safe from Ransomware

/ nancyrubin / 1 Comment

The recent global ransomware attack known as WannaCry, left thousands of users locked out of the data on their computers. Luckily, thanks to a tech blogger who reverse-engineered samples of the malware, the threat was soon eradicated.

Unfortunately, recovering the data once you are hit with a ransomware attack is not possible. However, there are certain measures you can take to minimize or even completely eliminate the possibility of such an attack

Understanding ransomware, how it works and how to prevent it is an important step towards keeping your business and your data safe.

Know What You’re Dealing With

While many cyber-attacks focus on stealing your data, ransomware works a bit differently. Cybercriminals that use ransomware, a type of malware, are after your money and attempt to blackmail a payment out of you by threatening your data. Hackers either don’t allow you to access your data or claim that your data is at risk and then offer to fix the issue if you pay.

Cryptovirus, cryptoworm or cryptotrojan, as ransomware is also called, can hit anyone from home users to businesses and public institutions. Each target presents different opportunities for cyber criminals.

Home users and public institution employees often don’t have advanced cyber security knowledge. Public institutions may also have valuable information that they cannot afford to lose.Hitting a business could mean big money, and businesses sometimes would rather just pay up than deal with the inconvenience of reporting the attack.

Types of Ransomware

Scareware, also called fraudware and rogue scanner software, is intended to scare you with a pop-up message about malware in the system. There’s no real threat, but the scareware gives the illusion that there is and says that you need to pay a certain amount to remove the malware. Knowing the difference between legitimate and illegitimate sites and programs is instrumental in recognizing scareware.

Locker ransomware is similar to scareware in that it attempts to scare you into paying, except in this case, the pop-up message claims that it has detected illegal activity on your computer. It often has the seal of either the FBI or the U.S. Department of Justice and says that you need to pay to avoid legal trouble. You can safely close and ignore such messages, as no government organization would operate like this.

The worst-case scenario is encrypting ransomware, where the malware actually encrypts your files and cybercriminals demand payment to give you your information back. The problem is that there’s no guarantee they’ll follow through on their end of the bargain if you pay them, and it opens the door for future attacks. For those reasons, cyber security professionals advise against paying.

How to Protect Your Device

  1. Invest in Cyber Security.

The first thing you should do to protect your data is to find a high-quality antivirus program. Ask a cyber-security professional for a recommendation and use the advice to help make your decision.

For complete protection, look for a comprehensive security suite that can handle all kinds of threats, or combine your antivirus program with separate antimalware and antiransomware programs. Antivirus programs typically have free trial periods available, so try out a few to see which one suits you best. Once you’ve found it, it’s a good idea to purchase the full version for superior protection, especially if you often have sensitive data on your device.

  1. Backup, Backup, Backup.

The prices for external hard drives and personal cloud storage seemingly get lower every day. If your business needs to store a lot of data consider cloud backups, there are plenty of excellent cloud storage services on the market. Regardless of which option you prefer, not backing up your data is a crucial mistake.

It can be tedious to backup data, especially if you work with a large amount of it every day. Just remember that taking the time to make a backup is far better than being left with nothing because of a cyber-attack.

If you go with a cloud service, check the encryption and authentication features to ensure that your data will be secure. Remember to physically remove external hard drivers after making the backup so they can’t get infected.

  1. Education Is Power.

The best way to be ready for potential threats is to know what’s out there, and this is much easier thanks to all the useful information available in a couple clicks. Stay up to date by reading tech blogs and by getting in touch with your IT team or cyber security professionals.

Ransomware has been around since the early 2000s, and it doesn’t choose its victims, so even Mac users are no longer safe. Read about what other users did when hit with ransomware in case you find yourself in the same situation, and share your knowledge with the people you know.

  1. Skepticism Pays Off

You can never be too careful about what you see online. Look closely at all your emails, and if you get one from a stranger with an attachment, just delete it. Watch out for shortened links, as you can’t be sure where they will lead. Use online services that can show you the full URL before you click on it.

There are a few suspicious signs to look for with emails you receive, even those that appear to be from a company. These include generic messages that don’t mention your name, a format that looks different from the company’s usual emails and any requests for personal information, which you should never provide over email.

  1. Don’t Pay the Ransom.

How much do cybercriminals try to get with ransomware? It could be anywhere from hundreds to tens of thousands of dollars.

A ransom demand is a crime, and if you give in, all you’re doing is encouraging it. Cybercriminals will use ransomware as long as people pay them. And once they get their money, they have no incentive to help you decrypt your files.

A Kaspersky survey supports the strategy of not paying ransom. It found that of the ransomware victims who paid the ransom, one in five didn’t recover their files.

Final Thoughts

A ransomware attack that results in your sensitive data being encrypted could be devastating for your business. However, being proactive instead of reactive is crucial. Following the information outlined in this article can help you secure your data. Just remember to back up everything so even if you’re hit with an attack, you can get your data back yourself.

About the Author

Lisa Michaels is a freelance writer, editor and a striving content marketing consultant from Portland. Being self-employed, she does her best to stay on top of the current trends in the business world. Feel free to connect with her on Twitter @LisaBMichaels.

 

Is Your Social Media Profile Secure?

/ nancyrubin

With people spending more and more of their lives online – it can be difficult to know where to draw the line. Sharing almost every aspect of your life might have been commonplace – but you could also be putting yourself at risk.

While social media has become a great place to share and communicate with friends and family – it has also become a place where criminals target the unsuspecting. This is becoming a growing problem. People who came to the internet late in their lives might already have a sense of reluctance to share absolutely everything – but those who have grown up with it might not be aware that they could be sharing too much. We’re going to look at a few simple security tips that should make your social media profile more secure.

1. Don’t share too much

Sharing parts of your life can be great fun – but some people take things too far. Do you really want people knowing where you are all the time? Leave a bit of mystery in your life – it could actually protect you. Simply advertising when you’re not at home or even making it really obvious where you live or work are not the greatest ideas. Use some common sense. By all means, share photos and enjoy yourself – but try and keep some things private in your life.

Remember when you need to reset a password because you lost it? Oftentimes they’ll ask you when your birthday is or what your pet’s name is. This is the sort of information people freely share on social media. That means you’re giving this secure information away for free. Don’t do it.

2. Make sure you know all your “friends”

Having as long a friend list as possible has almost become a competition between some people. It makes you seem popular – but that’s not really the reality. Try and rise above this sort of behaviour. Only accept someone as a “friend” if you really know who they are. This means what you share should only be seen by people you know.

Of course, you can’t control how your friends use their accounts, so make sure you really only have people you can rely on in real life. A good question to ask yourself is – would you stop and talk to that person if you saw them in real life? If not – why are they on your friend list? You’ve got to get away from the desire to have thousands of friends and realise that some things (like your security) are more important.

3. Don’t share access of your account

Some people share their password and let their friends log in for them. This is a huge mistake and could be asking for trouble. Make sure it’s only you that has access to your account. You should also log out when you’ve finished – especially on public computers like those in libraries or at college.

4. Vary your passwords

Some people use the same password for everything. While this can make things easier to remember – it also means losing access to one account could spell disaster. Make sure you vary your passwords and change them regularly. Don’t write them down, either.

About the author

Keith has a strong background in advising people on security issues. He’s been writing about tech and social media for a number of years. In his spare time, he also writes for a private tuition service based in Singapore.

5 Social Media Security Risks for Your Business

/ nancyrubin

People love social media. Social networks provide limitless opportunities to have fun and communicate with other people. Unfortunately, social media has also become the focus of an increasing number of cyber attacks. Knowing that so many employees use social media while at work, hackers have had success attacking companies by compromising their data and harming their reputation.

Although cybercriminals routinely infiltrate popular social networks with fake accounts and malicious software, social media users often represent their most valuable asset. Regardless, you must accept responsibility to secure your company from all online threats. Learn about the following five social media security concerns so you can improve your business’ security.

1. Information Leakage

Employees can choose to use the same social media platforms at work that they use at home. Using familiar tools and a familiar interface in order to work together and share files makes sense to many employees. Platforms such as Twitter and Facebook, however, can convey a false sense of intimacy that can result in the sharing of sensitive information that businesses owners and managers would prefer to keep secure.

Sharing and chatting on social media for business can cause substantial damage to organizations, especially when personal accounts are used. Social media sites do not have the same security features, such as access control, that project management software has. As a result, information shared on social media can often fall into the hands of distant “friends of friends” or public users who can attempt to profit from it.

If your company wants to prevent information leakage, it must implement and enforce acceptable use policies that prohibit the use of social media for internal business processes. Such a simple precaution can prevent the loss of trade secrets and reputation damage. Similarly, businesses should also enact guidelines and provide tools that encourage communications and file sharing using secure tools.

2. Social Scams and Phishing Attacks

Phishing attacks use messages that appear to originate from a familiar person. Users believe they can trust the sender and open the messages, allowing hackers, scammers and other malicious users to obtain login credentials for various websites, including social networks. The scammers use those credentials to gain access to victims’ accounts and then attack more people by sending them spurious messages with enticing subject lines.

Image2

Social platforms saw the number of phishing attacks on their users more than double in 2015. Hackers use the compromised accounts to post scams that install malware or perform other nefarious tasks. These cyber criminals can then direct their efforts at your company by attacking your customers or by impersonating your customer service agents. Some scams can offer long-term reputation damage and also compromise confidential information.

3. Malicious Apps

So-called “bring your own device” policies in the workplace have opened the door to business data networks via malicious software. This type of attack works because companies often have insufficient control over employee-owned devices. Although cyber criminals have had limited success with virus distribution via social media, they can easily hack the smartphone social media apps, converting them to act as gateways to your network and the data it hosts.

4. Malware Attacks and Hacks

Malware can enter business networks via social media sites and thereby give hackers access to customer and trade data. Malware can also modify user information and corrupt databases to deny employees access to vital applications and data.

Sometimes cybercriminals post security disinformation online and thereby mislead social media users into compromising their accounts. As a result, well-meaning employees can unwittingly release confidential information and harm the reputation of your firm.

5. Uneducated Employees 

Employees continue to rank near the top of business security threats. Dissatisfied workers who have access to vital business secrets can post sensitive information to social media and thereby cause irreparable damage to your company. When employees get bored or want to get revenge on a co-worker, they also can, for either fun or spite, release inappropriate information via social media sites without understanding the repercussions of their behavior.

Image1

Employees who have never been educated and trained in proper security practices can easily click on phishing links or reveal information to a fake social media account without realizing that they have compromised security.

Get the best protection for your business by training your entire labor force to understand the importance of data security. As part of the process, make sure either you or your IT manager teaches your employees how to recognize malware, malicious applications, phishing attacks and other social-media-based threats. You should also prohibit your employees from using unauthorized software to do their job.

Recognizing the above five social media security threats will boost your awareness of threats that can harm your business. The online landscape continually changes, so you should monitor technology news to stay forward of new cybersecurity developments. You should also ensure that you have the latest internet security software installed on your workstations as well as on employee-owned devices.

Educating yourself and your staff will continue to play a vital role in securing your business. Begin the process by publishing guidelines for the use of social media in your company and holding periodic training sessions that help employees recognize threats. Taking control over social media in your biz will do much to safeguard your company’s data and your brand.

Author byline:

Josh McAllister is a freelance technology journalist with years of experience in the IT sector. He is passionate about helping small business owners understand how technology can save them time and money. Find him on Twitter @josh8mcallister

Casting the Net Wider: Reach More People Today

/ nancyrubin / 3 Comments

If your business has a core group of customers but struggles to reach people further afield, you have a clear problem. It’s impossible to grow and expand a business when it’s stuck in a very tight niche. You need to find ways of casting the net wider and reaching more people if you want to make your business bigger and better. When you do this, you mustn’t forget your core customers who provide the business with its base.

Broaden the Scope of Your Brand

The very first thing to do is broaden the overall scope of your brand. If people see your business as only being for a certain kind of consumer, they will be unlikely to even listen to what you have to say. That’s why you need to actively demonstrate how the business is changing and why this matters to your customers. Set up a marketing campaign that is directly aimed at people who have never used your business before. Confound their expectations and brand your business differently. On top of that, you will have to start selling things that have a broader appeal.

Be More Open and Communicative

Being open and communicative about your business is really important at times when you are trying to branch out and reach new people. If your business is closed off and not open to new people, it’s unlikely to do very well at all. So, to ensure your business doesn’t fall behind and lost traction, you should make sure your business has a presence in social media. And when you interact with people on these platforms, make sure you’re open and willing to be humorous. When you do that, more people will see the human side of your business.

net1

Image Source

Improve Your Website and Make Sure Content is Optimized

You’ll need to build a new website for your company if you want to make sure that it has the online presence required of modern businesses. If you run a construction company, this is just as true as if you run a tech startup. People often forget that all kinds of businesses need this strong online presence. There are companies that offer general contractor website design services if you do run that kind of business. But no matter what type of business you run, make sure the website is modern, easy to find and easy to use. You should also post content on there that is fully optimized to improve your SEO ranking.

Build Trust Over Time

Trust is important when it comes to the relationships between customers and businesses. If people don’t trust your brand, they won’t trust what it says or what it offers. So, it’s really important that you aim to build trust over time and don’t take customers for granted. It will be a slow process, so don’t expect to see instant results overnight. It simply won’t happen like that. Be prepared to prove your business is changing and appealing to more people. Eventually, the change will happen and people will begin to recognize it as well.

net2

Photo Source

Small Business & Theft: Where Does It All Go Wrong?

/ nancyrubin

When you run a small business, it’s hard to imagine that your company could be a target for thieves. After all, why would they be interested in a tiny, small business – what could you possibly have that they want? Well, the truth is that as a small business, you are at a significant amount of risk from theft. And, it can come from almost any direction. In today’s guide, I thought we would take a look at the areas of your business that need protection from thieves. Let’s crack on and start reducing the risks of theft to your company.

steal1

Mundo Resnik

The opportunist

Burglars are opportunistic in the vast majority of cases. They might spot an open window from a distance, and be in and out of your premises in a matter of minutes. You won’t even notice until you realize half your equipment is missing. While alarm systems and cameras can help, they won’t reduce your risk from theft entirely. You also need to make staff aware of their responsibilities. Windows should be kept closed whenever anyone leaves a room. And it’s the same principle for doors – lock them up if they aren’t in use. Finally, make sure employees know to report any sightings of strangers or suspicious activity.

The copycat

Whether you are a musician or a content creator, what you produce should be yours by law. Sadly, piracy, copyright issues, and intellectual property theft are rife these days. Your best bet to protect yourself is to be proactive rather than reactive. Use a professional service that can help you identify issues as soon as they occur. According to DMCA Takedown, you need fast, comprehensive and efficient counter-strikes against copyright infringement.

The insider

An astonishing amount of thefts from businesses are inside jobs. So, while you might trust your employees implicitly, it’s still important to perform checks every once in awhile. Don’t leave temptation lying around, either. The sight of money, for example, can be incredibly enticing for any employee who is going through financial hardship. Debt problems can also lead to people making desperate decisions – and they may even fall victim of blackmailers.

The Cyberthief

Of course, these days your business will have a lot of valuable information about your customers, either onsite or in an external server. Don’t underestimate how enticing this data is to hackers and thieves. Personal details, financial information and anything else you store as data can be used in a multitude of wicked ways. And the truth is that even with the highest security, and an experienced hacker can break into your system. The trick is to make it as hard as possible, and hope they will give up and find a weaker target. Make sure all your systems are locked down enough to deter all but the most determined cybercriminal.

The shady customer

Finally, it’s also important to know who you are dealing with. Fraud, embezzlement, forgery, counterfeiting – all are big problems in business. Make sure you are aware of all these issues and learn how to spot them as best you can.

 

 

 

 

 

Make Your #Website More User-Friendly Today

/ nancyrubin

The website is one of the most important ingredients of any business’ success. These days, a website is utterly vital if you want your business to succeed in the long run. Not only is it one of the most effective forms of marketing. It also acts as a useful communication tool between you and your customers and potential clients. The fact is, the state of your website says a lot about your business as a whole. There are many qualities that a website needs to have, and it can take time developing them all. Arguably the most important, however, is that it is user-friendly. This simply means that your customers will have an easy time using the website. As long as that is the case, you can be sure that the website is doing its job. But how can you be sure? Let’s take a look at how to make your website more user-friendly today.

website1

Image

Keep Content Concise

No matter what content you have on your website, you should aim to keep it as concise as possible. This works for a number of reasons. Above all, it is because people tend to digest long content poorly. What you want is to draw your customers in quickly and keep them there. Shorter, snappier content is much more effective for this than longer, drawn-out pieces. Your customers will also find it a lot easier to deal with when they are visiting your site.

Allow Easy Navigation

To tell the truth, the fewer separate pages you have on your website, the better. Increasingly, websites are adopting fewer and fewer pages in order to streamline their message. This partly explains the increasing popularity of blogs over traditional websites. When it comes to designing your business’ website, it is a great idea to keep the pages down and the navigation simple. Allowing for easy navigation makes it much more likely that people will stay for longer. They will also get less frustrated, and that is no bad thing.

website2

Image

Prioritise Security

If your website offers a payment system, then you need to be a little careful about it. You should always be sure to prioritize your customers’ safety and security in these matters. It is unfortunately common for details to be stolen. This can then lead to fraud and theft, and nobody wants to experience that. Use a high risk credit card processing system to ensure your customers’ security.

Be Kind With Their Time

As a final note, remember the importance to your customers of their personal time. Whatever you do, don’t take time away from them with a clunky website with no real content. If your business is to have a website, make sure that it is actually worthwhile. Keep it updated with interesting and relevant content. Make it attractive, and the kind of site people want to return to. This is more important than you might think. As long as your website is interesting, people are likely to return at much higher rates. That means great things for your business.

website3

Image

Make #Identity Theft Protection a Priority in Your Life

/ nancyrubin

Whether you run a business or are just an everyday consumer, you likely have a lot going on in your life. So, do you have time to stop and fight off an identity theft thief or two? In most cases, the answer will be a resounding no.

Unfortunately, that is not always a choice you get to have. As many American companies and consumers for that matter have discovered (especially in recent times), identity theft is a real and persistent problem.

With that being the case, what can you do to stem the tide, keeping identity theft thieves at arm’s length?

identitytheft

Have a Comprehensive Plan in Place

In order to put up a shield against identity theft, you first need a protection plan in place.

For starters, take the time and effort to review the best ID protection on the market. While there are various products and services out there, don’t automatically settle for something if you feel like you could do better, but you don’t feel as if you have the time or money to explore more in-depth.

There are services out there that will review the different I.D. theft protection companies and their various products, allowing you to make a more informed selection when all is said and done.

Once you have your protection plan ready to go and ultimately installed, the next great task is making sure you are still being as cognizant as possible about the threat that is out there.

Whether you run your own business all by yourself, have employees on your team, or you’re just a simple consumer looking peace of mind when it comes to identity theft, you have a responsibility of your own (actually more than one) when it comes to fending off I.D. theft thieves.

These responsibilities include:

  • Monitoring your lifestyle – Yes, while a protection plan provider will watch your credit card/bank/online activities, look for any suspicious behavior etc. you still have a responsibility on your own (see more below). Remember, such a service can only do so much 24/7/365, so that’s where you come in. Be sure to be careful when using credit cards out in public, hopping on the Internet for business or pleasure, traveling and using computer servers you can’t with 100 percent certainty say are safe etc. And if you think your health records are off limits and/or of little or no interest to I.D. theft thieves, think again. Getting their hands on such information can be to them like striking gold, allowing them to gather up large swaths of personal data to then turn around and sell;
  • Being an educated consumer or business owner – As mentioned a moment ago, you have to take on some degree of responsibility in protecting your identity, especially as it relates to your financial well-being. For example, if you go out to eat, don’t leave a credit card sitting on the table by itself for even a moment. The same holds true when it comes to receipts. If you are traveling and relying on a computer already set up in your hotel in say a business office or lobby area, do not do any work on it involving your bank account, Social Security account, work files that include customer data etc. You likely can’t say with 100 percent certainty that the server there is protected, so why take a chance on exposing personal data?
  • Investing in your financial future – Finally, stop for a moment and think about how just one successful I.D. theft strike against you or your business (if you have one) could financially devastate you for years to come. While you may not be able to say that you have 100 percent protection in place, you can come pretty darn close to feeling that you do. When you have a company providing you with protection, along with making sure you are doing all the right things, you are investing in your financial future. Also make sure if you have a family that they too utilize smart financial practices in the home and when outside of it. This is especially important in not only protecting you, but also your children.

If you have not taken identity theft all that seriously up to this point, change that mindset as you move forward.

About the Author: Dave Thomas covers business topics on the web.