You’re concerned about getting ransomware as everyone should be, but you don’t know what you can do to minimize your risks. Follow these five steps to reduce the chances of your data being hijacked and falling victim to ransomware.
Make regular backups. This is Ransomware Defense 101. The scammers want to restrict access to your data, but if you have a recent backup copy of it, you’re one step ahead of them. Organize your vital data so that it is stored in a secure location, and regularly back it all up. – You can back up your data to an external USB drive, or have it backed up to the cloud (we recommend doing both!) How often you back up your data should be based on how often your files are updated. Daily user? Backup daily!
Keep your computer updated. Whatever platform you’re using, desktop, tablet, or smartphone, stay up-to-date with your operating system updates and security patches. Did you disable Windows Update? Switch it back on, and make sure you’re running the latest version. *Note – Windows 7 stopped receiving critical updates in January 2020. It’s imperative that you upgrade your operating system to Windows 10 to ensure you’re receiving the latest updates and security releases.
Windows 10 Security Updates
Spot suspicious files, enable file extensions. One way of combating ransomware (and other malware) is to use your eyes. Many malicious tools have multiple file extensions (such as, for example; .PDF .EXE) which immediately identifies them as dangerous if you know what you’re looking for. By enabling file extensions in Windows, you can spot and delete them (or let your anti-virus software destroy them).
How to Enable File Extensions
Email Filtering and Hyper Vigilance. Most desktop email clients automatically scan incoming messages for malware and viruses that are attached, but hackers are constantly trying new methods to deliver their malicious files to your PC. As a general rule, you should never open an email or an email attachment from someone you don’t know or recognize. To avoid filters, hackers will send you a link that will lead you to a site that will automatically start the download of a malicious file. It’s best to avoid clicking on any links that are received through email, even if the link looks legitimate. Hackers will often change one letter within a domain address, which will lead you to a malicious site. Stay Hyper Vigilant!
Carefully Scrutinize Your Emails
Employ a Firewall and Internet Security Suite. As with all data security challenges, the best protection you’ll get from ransomware is with a competent internet security suite and an up-to-date firewall. There are many options available for your network and internet security. Give us a call if you’d like to learn more about our recommendations.
ESET Antivirus and Endpoint Protection
CREG Systems deploys a myriad of tools to help protect our partners and mitigate their risks or malware and ransomware. Call us today to learn more about how we can help secure your network and keep your data out of the hands of cyber-criminals.
Data Privacy Day is an international effort to empower individuals and encourage businesses to respect privacy, safeguard data, and enable trust.
Data Privacy Day is a global effort — taking place annually on January 28th — that generates awareness about the importance of privacy, highlights easy ways to protect personal information and reminds organizations that privacy is good for business. Data Privacy Day began in the United States and Canada in January 2008 as an extension of the Data Protection Day celebration in Europe. Data Protection Day commemorates the Jan. 28, 1981, signing of Convention 108, the first legally binding international treaty dealing with privacy and data protection. Data Privacy Day is observed annually on Jan. 28.
Data Privacy Day is the signature event in a greater privacy awareness and education effort. Year-round, NCSA educates consumers on how they can own their online presence and shows organizations how privacy is good for business.
In 2021, NCSA is encouraging individuals to “Own Your Privacy” by learning more about how to protect your valuable data online, and encouraging businesses to “Respect Privacy”, which advocates for holding organizations responsible for keeping individuals’ personal information safe from unauthorized access and ensuring fair, relevant and legitimate data collection and processing. These themes are encouraged through the below messaging and calls to action:
Calls to Action
Personal info is like money: Value it. Protect it. Personal information, such as your purchase history, IP address, or location, has tremendous value to businesses – just like money. Make informed decisions about whether or not to share your data with certain businesses by considering the amount of personal information they are asking for, and weighing it against the benefits you may receive in return.
Keep tabs on your apps. Many apps ask for access to personal information, such as your geographic location, contacts list, and photo album, before you can use their services. Be thoughtful about who gets that information, and wary of apps that require access to information that is not required or relevant for the services they are offering. Delete unused apps on your internet-connect devices and keep others secure by performing updates.
Manage your privacy settings. Check the privacy and security settings on web services and apps and set them to your comfort level for information sharing. Each device, application or browser you use will have different features to limit how and with whom you share information. Get started with NCSA’s Manage Your Privacy Settings page:https://staysafeonline.org/stay-safe-online/managing-your-privacy/manage-privacy-settings/
Respect Privacy
ADVICE FOR BUSINESSES: RESPECT PRIVACY
According to a Pew Research Center study, 79% of U.S. adults report being concerned about the way their data is being used by companies. Respecting consumers’ privacy is a smart strategy for inspiring trust and enhancing reputation and growth in your business.
Calls to Action:
If you collect it, protect it. Data breaches can not only lead to great financial loss, but a loss in reputation and customer trust. Follow reasonable security measures to keep individuals’ personal information safe from inappropriate and unauthorized access. Make sure the personal data you collect is processed in a fair manner and only collected for relevant and legitimate purposes.
Consider adopting a privacy framework. Build privacy into your business by researching and adopting a privacy framework to help you manage risk and create a culture of privacy in your organization. Get started by checking out the following frameworks:
Conduct an assessment of your data collection practices. Understand which privacy laws and regulations apply to your business. Educate your employees of their and your organization’s obligations to protecting personal information.
Transparency builds trust. Be open and honest about how you collect, use and share consumers’ personal information. Think about how the consumer may expect their data to be used and design settings to protect their information by default. Communicate clearly and concisely to the public what privacy means to your organization and the steps you take to achieve and maintain privacy.
Maintain oversight of partners and vendors. If someone provides services on your behalf, you are also responsible for how they collect and use your consumers’ personal information.
We offer cybersecurity services to businesses that assist in the education of employees and mitigate cybersecurity risks
Defendify by CREG Systems Cybersecurity Platform
Cybersecurity Risk & Assessment Tool
Alerts
Cybersecurity Policy Builder
Incident Response Builder
Dark Web Scanning for Stolen Passwords
Phishing Simulation Tool
Employee Cybersecurity Awareness Training Videos & Webinars
Many businesses do not believe that they are a potential target of cybercrime. Personal information is not limited to your basic social security number or credit card information. For instance, it can include recipes as a restaurant owner all the way to market strategies. To find out why you could be at risk of a cyberattack, watch our webinar on cybersecurity!
Our staff are trained and certified as Certified Information Security System Professional (CISSP), Certified Ethical Hacker, and Certified Wireless Network Administrator and holds CompTIA A+, CompTIA Network+, CompTIA Security+, Windows Server 2016, and Microsoft Exchange certificates. In conclusion, our staff is the best equipped to deliver you the best cybersecurity in the North Country.
The rise in unemployment is primarily due to many industries having to cease operations altogether. However, some were a bit luckier. Able businesses shifted to an entirely remote workforce. This transition happened very quickly and disrupted many standard business procedures. The intentional shift to a remote workforce was temporary and not expected to last long. However, we may see a remote workforce become the new normal.
Working remote was an option long before the emergence of COVID19. As a result of improved technology, the mobility of the workforce has increased. With the majority of businesses now having to follow suit due to COVID19, the question arises- Is a remote workforce a security threat to business? The short answer is, it does not have to be.
Easy Targets
Remote workers are a natural access point for potential attackers. Many remote workers work on multiple devices. The numerous devices used could be a combination of company-provided devices and also personal ones. Shared devices usually consist of weak networks and insecure passwords. Many do not even employ a basic VPN, in turn leaving their whole system vulnerable. Therefore, their devices are not as secure as devices found in corporate offices.
Increased Risks Due to COVID19
In today’s world, the threat landscape is becoming more deceptive. In 2019 alone, there were over 9.9 billion malware attacks. Here are some other risks to be concerned about:
Phishing
Social Engineering
Ransomware
Zero-Day Attack
During a major crisis, the amount of cyber-attacks generally surges. Consequently, that is what is happening during COVID19. The attacks taken advantage of in times like these are usually social engineering and phishing. For instance, attackers will send emails with COVID19 headlines or offering “free” services that one may need in a time like this. People often fall for these deceptive headlines and become victims of a cyber attack. It is essential to educate the workforce on how to recognize these attack attempts.
Take Advantage of Cybersecurity
Giving workers the necessary access to security and operational tools will ensure that all proprietary information is secured. Using a secure gateway is an efficient way to protect all correspondence between workers, whether it is voice or web-based.
Download our PDF for more information on secure gateways and what they can do for your workforce.
Remote employees make up the most significant percentage of the workforce today. As a result, the way the world conducts its business is about to see a paradigm shift. Companies cannot expect the remote workforce to bear the entire weight of ensuring the security of their networks. In conclusion, it is a business’s responsibility to protect its more susceptible employees. In doing so, the company itself becomes more secure.
SonicWall, a leader in the security platform category has published its 2020 Cyber Threat Report delivering critical threat intelligence to help organizations better understand how cybercriminals think.
Highlights include:
Malware, ransomware attack volume down 6% and 9%, due to more targeted attacks
Connected-device dependence leads to 5% increase in IoT attacks, over 34 million exposed
Over 40 million web app attacks detected, 52% year-over-year increase
Encrypted threats up 27%, almost 4 million identified
#CREGSystems is proud to partner with SonicWall to bring you the latest in #CyberSecurity and #Firewall Options. Contact us today to learn more about how we can help you mitigate your risks of malware and ransomware attacks!
