Are Your IT Policies Putting you at Risk of Security Breach?

Companies have solid reasons for embracing Bring Your Own Device (BYOD) and allowing for telecommuting so personnel can work from home or on the road, but doing so can increase the risk of data breaches for the company.  

Image result for security breachRemote Access policies are currently in favor with hundreds of
thousands of businesses across the United States, and the globe. While companies have solid reasons for embracing Bring Your Own Device (BYOD) and allowing for telecommuting so personnel can work from home or on the road, they increase the risk of data breaches for the company.

The Problem

The two problems are closely related. The first has to do with the concept of BYOD. The reason companies choose to allow this is that it allows their staff to have the most up-to-date technology without having to acquire advanced technology themselves. The second is telecommuting. Workers that telecommute only need an internet connection to log into their workplace computer systems.

By the Numbers

So, let’s look at some numbers concerning both problems. An article published in Great Britain tells about a survey of 500 companies in the UK and Germany. Among their findings:

  • 44% of organizations had a member of senior management lose a mobile device; and
  • 39% had a member of executives report a stolen device.
  • 54% of survey respondents noted that a non-senior management employee lost a device and 49% said a device that was stolen
  • 93% of these devices contained work-related data
  • 49% had work-related emails on them
  • 38% had confidential data or files
  • 24% contained customer data
  • 15% had company financial information

Results of similar surveys in North America, Europe, and the Pacific Rim all returned similar results.

What are the implications?

Many of these devices when lost or stolen have passwords stored without any protection. This means thieves have easy access to your company data. Often, lost or stolen devices have personal identifying information, personal financial information, or personal health information that can number in the tens of thousands. If this data, or other data such as customer lists or proprietary information, is breached, companies can see losses that go to the tens of millions of dollars.

More Numbers

  • 48% of companies reported they are unable to keep track of what data leaves the office and who is taking it off premise.
  • 54% agree that data can be safeguarded more securely
  • 67% of responding companies acknowledged they know that employees break the rules concerning removing data from the workplace, but, have not yet addressed the issue.

What Makes This Such a Big Problem?

Breaches are very expensive.

  • Your company reputation will suffer if your data is compromised. This isRelated image particularly the case if customer/client/patient information is breached. It is probable that your company will lose business directly because of the breach, and finding new business becomes harder too.
  • Most companies pay for identity theft monitoring and restoration for one year following a breach – this is an additional cost to the business and depending on the size of the breach can be very costly.
  • In many instances of data breaches, affected customers or business partners sue or join a class action suit against the company that was breached. Defense, settlements or jury awards is also a new expense.
  • Fines are often levied against companies that have preventable breaches and they can be in the millions – many small or medium-sized businesses can be driven to bankruptcy by these fines.

What You Can Do to Protect Your Data

  • Make sure your data is securely stored and require two-factor authorization for access to your system.
  • Install remote wiping applications on devices used by employees for remote or BYOD work
  • Perform routine penetration tests so your company can identify potential security flaws

For more network security information or for a free network assessment, contact Cenetric today at (913) 210-1950 or support@cenetric.com 

The Hidden Costs of Malware

Ransomware is malware that either freezes your computer or locks it so you cannot access data and programs that your company normally uses. The criminal that is holding your system hostage, demands a ransom that is usually paid in Bitcoin.

Imagine opening your business one morning, turning your computer on and reading a message that says something like: Attention – Your System is Locked. If you want your data and programs unlocked, you must pay a fee of $800. If you are a new business or a small one, $800 can be a lot of money. It is in effect a ransom payment and is the harbinger that your computer is a victim of ransomware.

What is Ransomware/Malware?

Ransomware is malware that either freezes your computer or locks it so you cannot access data and programs that your company typically uses. The criminal that is holding your system hostage, demands a ransom that is usually paid in Bitcoin. One thing about this kind of criminal is they believe in excellent customer service. Instructions are sent you about how to pay in Bitcoin. Also, the thief or gang of thieves usually do return your computer back over to you – otherwise, most people would not bother to pay the ransom.

However, the ransom is only the beginning of your expenses relating to a ransomware incident involving your business.

What Are the Other Costs of Ransomware?

In 2016, the average cost of paying a ransom demand involving accessing a business’ computer programs and data was $679. It is expected to rise in 2017 to nearly $800. But, that is not the only, nor necessarily, the greatest expense. The other costs attendant to ransomware include:

Regulatory Fines

It is the duty of every business to safeguard the Personal Financial Information (PFI)and Personal Identifying Information (PII) of clients and customers. Regulatory authorities such as the US Department of Health and Human Services (HIPAA compliance) or the Federal Trade Commission for letting PII fall victim to a ransomware attack. Fines can be high (millions of dollars) but are usually not levied if there had been no other prior issues regarding confidentiality. For those firms who had previous breaches, fines can quickly add up to millions of dollars.

A Lack of Productivity

When a computer system is unreachable, your employees are undergoing downtime. Without your business data and programs, they are unable to work and are simply nothing more than another expense due to ransomware. Depending on the size of your workforce is how much this costs. A research study by the firm Vanson Bourne for SentinelOne reveals that it takes 38 man hours to recover from a ransomware attack.

Loss of Customers/Lack of New Customers

When a company is victimized by a ransomware attack, most states require that anyone whose data may have been breached must be advised of the possible breach. Doing so may lead to customers leaving you for another company. Likewise, it is harder to find new clients or customers.

Loss of Employees/Inability to Hire Top Applicants

The situation is similar when it comes to employee retention and new hires – employees want to know their employer has an excellent reputation that is unsullied by a successful ransomware attack.

Ransomware is 100% recoverable without the fees! Don’t get caught off-guard today!

Cenetric can help you develop a strategy to protect against ransomware before it ever becomes an issue. Consultations are free: 913.210.1950 or info@cenetric.com.

6 Essential Email Tips

Emailing seems simple enough… but that’s not always the case. Use email in the wrong ways and it can lead to massive confusion, hurt feelings, and more work than necessary. At the same time, though, email the right way and you can end up with better, more productive days at the office.

But what exactly is the wrong way to email?

Here are a few things to watch out for:

Leaving out a subject line

Subject lines make a world of difference when it comes to efficiency inside your inbox. Forget to include one and you’ll regret it later. Four or five simple words can turn a 30-minute scroll through your inbox into a 5-second search for information.

Not signing off

When it comes to email, a sign-off is always necessary. Whether it’s just your name or a name and a Thank You, you should always include something in every email. Leave it out and you’ll look unprofessional.

Using sarcasm

Sarcasm can be difficult to detect when you’re standing right in front of someone. Using it in email without context is a recipe for disaster!

Resolving conflict

Email was not designed to help people resolve conflict. That is a feat that should be attempted in-person or, at the very least, over the phone. If ever you feel the email conversation has somehow morphed into conflict resolution, request that the conversation be continued face-to-face.

Not spellchecking

Everyone’s probably done it at some point. You send a message to someone and misspell something so badly that you’re embarrassed to look at yourself in the mirror. And typically… this situation could have been avoided if you had just looked over the email.

Leaving the email blank

When someone asks you to send over an attachment, you might not write anything inside the actual email. You might just attach the document and leave it at that. Heck, you may not even include a subject line – which you now know is a bad idea. But you’d be surprised by how confused people get when they receive an empty email, and they might be so confused that they miss the attachment altogether – which will only lead to more emails and further attachments.

Cenetric works with our clients to help them understand how to leverage technology to grow their business and run it more efficiently.

Call us for more information today: (913) 210-1950 or email info@cenetric.com

 

5 Best Time Management Apps For Small Business Owners

Time management apps are the solutions that small business owners need to maximize efficiency throughout their day.

Time Management

Small business owners are notorious for being pulled in one thousand directions at once. We wear many hats every day: billing, customer relations, vendor interactions, marketing, and the day to day operations of running a business are just a few of the directions that seek to continually dominate a small business owner’s attention. While this might be enough to overwhelm even the most dedicated of small business owner’s on a particularly busy day, there is a silver lining. Time management apps can help small business owners better prioritize and complete daily tasks.

What Time Management Apps Do Small Business Owners Need To Succeed?
No matter whether you are a seasoned small business owner, or are just starting out on your entrepreneurial journey, the following five time management apps will help you to successfully stay on task throughout the day.

  1. Achieve Flexibility With Asana Asana features a flexible interface that leverages a dashboard to help you prioritize projects, daily tasks, and other business responsibilities. This time management app is particularly useful for growing small businesses who need to coordinate with in-office employees and outsourced teams. One of the app’s best features is its ability to integrate with an extensive list of other apps and services, such as: Evernote, Google Drive, MailChimp, and Slack. With one simple dashboard you can streamline your projects, create cohesive conversations, and better manage an unlimited number of tasks.
  2. Stay On Time With Timely The proof is in the name. Timely combines scheduling, budgets, billing, a calendar, and many other administrative aspects into one convenient app. Through tags you can not only understand how your time is spent throughout the day, but you can optimize your tracking activities to improve your on-time completion of project deliverables. Timely can also connect your calendars from multiple sources, including: Google Calendar, Outlook, and Office365.
  3. Track Your Life Completely With OmniFocus One of the challenges that small business owners often face is a blurring of lines between their personal and professional lives. Fortunately, OmniFocus is the app that you need to succinctly keep track of everything that you do in life. From your weekly grocery shopping list to a detailed digital itinerary of tasks completed, OmniFocus helps you gain insights into what goals you need to set, and most importantly how you can allocate time to achieve them. Avoid blurring lines and missing deadlines with OmniFocus.
  4. Prioritize Effectively With 1-3-5 ListPrioritizing your day has never been easier thanks to 1-3-5 List. Simply put, the app allows you to choose one large task, three medium tasks, and five small tasks to complete on a daily basis. The list can then be customized to best suit your needs for each job. Thanks to this simple app, you can avoid becoming overwhelmed and achieve a sharper focus on what items are must complete tasks.
  5. Avoid Inefficiencies With Rescue Time Rescue Time is the app that literally allows you to rescue your day from inefficiencies. Whether you are spending too much time on individual goals or taking one too many “social media breaks,” Rescue Time will send you weekly reports so that you can have a clear picture of how you are using your time throughout the day.

The moral of the story is clear, with the right time management apps you can once again take control of your time as you discover effective ways to achieve the on-time delivery of each project. For additional insights into the apps and technology solutions that can help you achieve business success, contact Cenetric – Kansas City’s Leading Provider of IT Managed Network Services – at 913.210.1950 or by emailing us at: info@cenetric.com

20 Years of Viruses, Bugs and Computer Scams

Image result for computer virus

There are viruses that can be implanted on a computer in 2017, and lie in wait until a network becomes vulnerable before attacking. Unfortunately, viruses have come a long way from 20 years ago. The term virus was coined early on in computer history, but it’s every bit as relevant today as it was then. Just like biological viruses adapt to Purell and antibiotics, so too have viruses learned to adapt to new security measures.

Brain in 1986

Brain was the first reported computer virus on DOS, and was announced in January of 1986. It spread via floppy disk, and spawned generations of hackers with its ability to move from computer to computer. Brain appeared to be little more than a prank (courtesy of two developers in Pakistan), a joke in which the hackers actually revealed their real location in the text of the virus. Because the virus did little to harm people’s data or machines, it often went entirely unnoticed by users.

The Evolution

Today we refer to viruses as a specific kind of malware, one that can self-replicate and continue its destructive path indefinitely. While Brain may be one of the famous early viruses because it came about when computers were experiencing more ubiquity, self-replicating programs date back to the 1940s. Programs in the early days might slow down processing time, taunt users with cryptic messages, or severely impact performance. Once Brain was no longer a news items, new forms started to pop up. The ones that followed famously infected files from Yale University, destroyed files in Jerusalem, and exploited computers that were known to have buffering vulnerabilities. Viruses could be the product of hackers, or sometimes of legitimate company’s software.

Viruses Today

Viruses have gotten faster and more efficient to make them a force to be feared. They can delete photos, files and entire storage libraries. They’re developed to target Word, Outlook, Windows OS, Mac OS — nothing is safe. They can be designed to affect Facebook or Twitter users, or programmed to steal credit card information straight for the source. Hackers may be out for pure destruction or chaos, or potentially for ransom. The more the average person understands them, the faster hackers create new tricks to get in. Viruses can come in the form of a pop up, an email from a coworker, or a completely undetectable program that waits until the time is right.

Protection for Everyone

The physical world will never provide total safety, and the same holds true for the virtual world. But there are preventative measures you can take to safeguard your company from viruses that go beyond anti-malware and perimeter protections. Security needs to have layers to fend off the intelligent viruses of 2017.

LOGO HD 1920

Cenetric is the trusted choice when it comes to staying ahead of the latest virus developments and can provide you with tips, tricks and news. Contact us at (913) 210-1950 or send us an email at support@cenetric.com for more information.

Women in Technology – Inventors and Innovators

When the topic of technology leaders and pioneers comes up, the first names that come to mind are likely Bill Gates and Steve Jobs. While their contributions are undeniable, they are far from the only names worthy of being celebrated.

International Women's Day

In honor of International Women’s Day, here are ten amazing women who have helped to shape technology as we know it:

  • Susan Kare – Kare’s work with user interfaces helped to bring the first Apple computer to life. Her skills in typography and graphic design are responsible for many aspects of the Mac interface still being used today, including the command icon. She was also behind the Happy Mac icon that greeted users during boot up, and the trash can icon. Her work played an important part in Job’s efforts to make the personal computer more personable.After Job’s was forced out of Apple in the mid-1980s, Kare moved on to Microsoft, where she worked on the Windows 3.0 operating system. She has since done work for Facebook, helping to create some of their “digital gifts”, including the rubber ducky, and was the co-founder and executive director of Glam Media. Today, she owns kare.com, a digital design firm in San Francisco, and sells prints of her designs on kareprints.com.
  • Hedy Lamarr – While best known for her work in film in the 1920s, Hedy Lamarr was so much more than just a pretty face. She helped to invent spread-spectrum technology by coming up with the concept of frequency hopping – sending radio signals from different frequency channels. Along with her co-inventor George Antheil, Lamarr originally intended for the Navy to use this technology to control torpedoes. The randomized channel switching would make it difficult for outsiders to understand their communications, essentially making frequency hopping the first encryption technology.The Navy eventually passed on the technology, which was patented on August 11, 1942. The technology was picked up by engineers at Sylvania Electronic Systems Division in the 1950s, leading to the use of Lamarr’s technology in military communications. Her work helped create modern wireless technologies such as Bluetooth, Wi-Fi, and Code Division Multiple Access (CDMA). Lamarr received long overdue recognition for her work in 1997, when she was honored with the Pioneer Award by the Electronic Frontier Foundation, just a few years before her death in 2000.
  • Grace Hopper – Navy Rear Admiral Grace Hopper is known to many as the Queen of Software, or as Grandma COBOL. Hopper invented some of the earliest English-language programming languages and is most closely associated with Common Business-Oriented Language (COBOL), which was based off of the FLOW-MATIC language she invented in 1958. Hopper thought that if programming was created in a language that was easier for people to understand, there would be more computer programmers. Today, COBOL is still widely used to build new business applications.
  • Ada Lovelace – Lovelace is responsible for authoring the world’s first computer algorithm, despite the fact that computers didn’t yet exist. In 1843, Lovelace worked with Charles Babbage on the Analytical Engine, a never-to-be-realized computer. Lovelace completed a French-to-English translation of the work of Italian mathematician Luigi Menabrea, adding extensive notes of her own, which included her algorithm.Lovelace saw more potential in the Analytical Engine than Babbage did, believing it could be capable of much more complex equations. Lovelace died of uterine cancer in 1852 at the age of 36. Her work went underreported for many years, but today she is celebrated on Ada Lovelace Day each year, and is memorialized by the object-oriented programming language called, of course, Ada.
  • Mary Lou Jepsen – Jepsen co-founded and served as the chief technology officer of MicroDisplay in 1995, working on creating smaller display screens. From there, she went on to run the display division at Intel before leaving to co-found One Laptop Per Child. The goal of this nonprofit organization was to provide children worldwide with affordable, green notebook computers. There, Jepsen produced the XO, one of the lowest-power, lowest-cost notebooks ever made.Jepsen left OLPC in 2008 to start Pixel Qi, leveraging the technological advancements she made with the XO to create more economical end user devices. Current units use 10 times less power consumption for their displays than the XO notebooks, and Jepsen hopes to bring that number down even further. Her end goal is to make use of solar cell technology to eliminate the need for batteries and power adapters in laptops, cell phones, and medical devices.
  • Roberta Williams – Adventure gaming doesn’t enjoy the popularity it once did, but there was a time when PC games like King’s Quest were all any geek could talk about. King’s Quest creator Roberta Williams was a pioneer of the PC gaming industry, founding Sierra On-Line (later to be renamed Sierra Entertainment) with her husband Ken Williams. The pair helped shape the history of video games with their complex puzzles and detailed storylines.Williams retired from game development in 1999, having spent 20 years developing games for the original IBM PCjr, the Tandy 1000, the Amiga, the Apple II and the Sega Master System, to name a few.
  • Radia Pearlman – Pearlman’s work as a network engineer led her to develop the Spanning Tree Protocol (STP), which made it possible to build massive networks using Ethernet by creating a mesh network of layer-2 bridges and then disabling the links that aren’t part of the “tree”. This innovation had a massive impact on network switches, earning Pearlman the nickname of Mother of the Internet.Currently working as an Intel fellow, Pearlman is helping the company to improve their network and security technologies. She recently developed the new TRansparent Interconnection of Lots of Links (TRILL), which sets a new standard for data center connectivity, and could replace STP.
  • Dr. Erna Hoover – We have Hoover to thank for a major reduction in dropped calls and busy signals. Patented in 1971, Hoover developed a telephony switching computer program while working at Bell Laboratories. The program allowed phones to keep functioning under high call volumes, preventing it from hanging up on itself.Now 86 years old, Hoover is retired. She was inducted into the National Inventers Hall of Fame in Akron, Ohio in 2008.
  • Marissa Mayer – Having been one of the very first employees to join Google back in 1999 when the search engine giant was still just a startup, Mayer currently serves as VP of location and location services. She leads project management and engineering for a range of search products, including Google Maps, Local Search, Google Earth, Street View, and Latitude.Mayer’s skills in user interface design and product vision have helped to keep Google at the head of the pack. At 36 years old, Mayer is the youngest member of Google’s executive operating committee, and a vocal advocate for women in technology.
  • Barbara Liskov – Liskov was one of the first women to earn a computer science Ph.D, and is the inventor of CLU, a programming language that helped lay the groundwork for object-oriented programming. She is also responsible for Argus, an extension of CLU that supports distributed programs, and Thor, an object-oriented database system. Her work has had a major influence on modern OOP-based languages and operating systems, such as Mac OS X, Objective-C, Visual Basic.NET and Java.Today, the now 72 year old Professor Liskov continues her research at the Massachusetts Institute of Technology. She received the A.M. Turing Award, the “Nobel Prize of computing” in 2008 from the Association for Computing Machinery. She was inducted into the National Inventors Hall of Fame for her contributions to programming languages and system design in 2012.

Cenetric is proud to be a woman-owned business for over ten years. Our CEO, Brittany Fugate, holds two patents, numerous awards and is a phenomenal Mother, Engineer, Innovator and Entrepreneur. We are honored to work with her and continue to appreciate her strength in leadership!

Ransomware now gives you the power to infect others.

At this point, you should know what Ransomware is. And why is that exactly? Because it’s loud; it’s proud, and it wants to shake the living data out of you and your business.

But just in case you require a recap, Ransomware is an especially ruthless form of malware. It will seep into your device and encrypt all your data. If you want your data back, you’ll have to pay for it. The amount of this payment will differ – dependent upon who you are, what they’ve encrypted, and whether or not they’ve attacked you as an individual or your company as a whole. But the price of your data can run anywhere from $100 to $1 million.

Now, however, malware authors have taken this in another direction. If you don’t feel like paying to have your data decrypted, then you can simply infect someone else.

Detected by the MalwareHunterTeam, this form of Popcorn Time Ransomware gives you two options. You can pay for your data, as per the norm. Or you can infect two other users with the malware. If both users pay for the decryption code, your data will be decrypted for free. This way is otherwise known as “the nasty way.”

While it’s slightly depressing to think about Ransomware ripping its way through friendships, that’s not the only possibility. You don’t exactly have to be friends or even acquaintances with someone to send this malware to them. You might be enemies. You could also be competitors.

Imagine what would happen if one CEO was infected with this form of Ransomware and then sent it off to two other CEOs of rival companies. Things could get real ugly, real fast.

So to avoid all of that not-so-fun stuff, here are a few quick tips to remember:

  1. Keep your system up-to-date – Never allow your browser or software to fall out-of-date. An out-of-date device is more vulnerable because there are larger holes for hackers and malware to slip through.
  2. Don’t download unknown attachments from emails – Phishing has become one of the most widely used point of entries for attackers and malware. When you download a malicious attachment from a phishing email, you may accidentally download Ransomware at the same time.
  3. Back up your data – Always keep your data fully backed up. If your data is backed up, then you don’t need to pay anyone to decrypt your data. Why? Because it’s safely stored offsite.
  4. Don’t click on toogood-to-be-true advertisements – Ransomware can also infect your computer via malicious advertisements on websites. Click on the wrong ad, and you could end up deciding between paying a large sum of money or infecting two poor souls with Ransomware.

No Business Too Small to Be Hacked

Paul Eichen at Rokenbok Education in Solana Beach, Calif. Last year, online attackers encrypted its database, making the data unusable. CreditTara Pixley for The New York Times

Just as the holiday shopping season neared, a toy company, Rokenbok Education, was navigating a nightmare situation: Its database files had been infected by malware.

Online criminals had encrypted company files, making them unusable, and were demanding a hefty ransom to unlock the data. Rokenbok, a California-based company that uses building blocks and even robotics to teach children how to think like engineers, lost thousands of dollars in sales in two days.

Rokenbok’s founder and executive director, Paul Eichen, was already struggling to adapt his seven-employee company to a fast-changing toy world. Even worse, the malware attack was not Rokenbok’s first. The company had been hit earlier with a denial of service attack that shut down the company’s website.

“I sweated that one,” Mr. Eichen said. “Customers’ first impressions are critical.”

Focusing on revenue over protection is far from unusual for small companies like Rokenbok. But it is an increasingly dangerous path, experts say. Limited security budgets, outdated security and lax employees can leave holes that are easily exploited by ever-more-sophisticated digital criminals.

Continue reading the main story

The threat to small businesses is growing, some experts say. Sixty percent of all online attacks in 2014 targeted small and midsize businesses, according to Timothy C. Francis, enterprise leader of cyberinsurance at Travelers.

“Smaller companies are easier to hack,” said Clay Calvert, director of security at MetroStar Systems, a Virginia-based firm. “They don’t have the resources to set up protective barriers.” Big companies, which have the financial resources to upgrade their security, have become less vulnerable.

These days, businesses like Rokenbok are especially susceptible to a type of malware called ransomware, which holds data hostage in return for money. Data is slowly encrypted by criminals until the entire system is locked up. The process can take up to 42 days, Mr. Calvert said.

Rokenbok’s ransomware attack made its database files unusable. But rather than pay the ransom, the company reconstructed its key systems, a process that took four days.

Although figures are hard to come by, experts say these kinds of attacks can be so damaging to revenue and customer expectations that many small businesses are forced to close after an episode like the one Rokenbok experienced.

And increasingly, as in Rokenbok’s case, criminals are going after cash through attacks using ransomware rather than through attacks on credit card data.

“Credit card numbers are harder to monetize,” said Christopher Young, general manager of the Intel Security Group at Intel Corporation. “You have to get the numbers and sell them to someone else before you make money.” Ransomware, he said, is high volume and requires no middleman. Hackers gain entry when employees click on malicious links in emails or download infected material.

Phishing attacks, which use malicious emails to steal data, are also on the rise, security experts added.

Given the increase in such attacks, being unprepared is like playing security roulette, said Robert Siciliano, chief executive of IdTheftSecurity.com.

“If you’re not deploying some level of security, you’ll go under,” he added. “You have to make time for quality control. The worst thing you can do is nothing.”

Mr. Siciliano recommends a security audit as a first step. The audit should take note of potential areas of risk, like customer data or employee access. “How secure — or not — is your system?” he said.

Strengthening security can be inexpensive and simple — something small businesses can do on their own, experts say. It can include updating antivirus software, adding firewalls and strengthening passwords. Or it can mean putting data in the cloud rather than on company servers, which may be more vulnerable. But often, given lean staffing, it makes more sense and can cost less in the long run to hire a firm that specializes in digital security.

Steven Annese, owner of the lighting and home décor company EliteFixtures, knew he needed tighter security as his business soared. So he outsourced security to a web performance and security firm, CloudFlare.

Mr. Annese uses a checklist to make sure security updates are installed. And he logs onto CloudFlare every day to see what threats have been blocked and to review site analytics.

“So far, we’ve never been hacked,” Mr. Annese said. “Security issues don’t keep me up at night.”

Among the simpler precautions small businesses and consumers alike can take is to create strong passwords. That has long been the advice of security experts but many say it is stunning how many people and small businesses fail to heed the advice.

Hackers use big-data analytics to help crack passwords, said Mr. Calvert at MetroStar Systems. “They have databases of passwords,” he said, “and they analyze how we come up with them.”

He recommends using passwords that are 20 characters or longer and that contain a mix of characters. The longer the password, the harder it is to crack. Password managers, which use software to encrypt passwords, are another option, he added.

The 5050 Skatepark, an 8,000-square-foot indoor park on Staten Island for skateboards, BMX bikes and scooters, rejiggered its passwords after being hit with a denial of service attack last fall that made its website unavailable. The skatepark, which generated $100,000 in revenue in 2014, attracts skateboarders from all over the world, said one of its founders, Edward Pollio. Having the website closed down was a blow to revenue, he said.

“The attack caused havoc,” said Mr. Pollio, who still has a day job as a carpenter. “People were asking if we were still in business. Not having a website is like being closed.”

Now, 5050 Skatepark is more strict about its passwords; it follows longstanding recommendations to use different ones for different accounts, like on Instagram and Twitter. And Mr. Pollio, who helped start the business with $50,000 of his own savings, monitors the site every day.

Employee training is also inexpensive, but important. Since most hacking episodes occur when employees click on malicious links or websites, education is the best defense, many security experts said.

Daniel Peebles, information technology manager at Andretti Autosport, the auto racing group based in Indianapolis, tackles education head on. Besides explaining malware and phishing through PowerPoint presentations, he sends emails to employees about the latest threats.

“You must definitely have a will to learn,” said Mr. Peebles, who served in the Army. “Attackers are always finding new methods. So you’ve got to keep up with the pace.”

Tom Gorup, security operations leader at Rook Security in Indianapolis, advised preaching security to employees from the beginning. He advocates offering monetary rewards for identifying security problems. “Become a guerrilla work force,” added Mr. Gorup, who also served in the Army.

Online security tutorials are helpful and free. They can be found on government sites like that of the Small Business Administration, which also has webinars, and the site of the Defense Security Service, part of the Defense Department.

Once security is in place, experts advise hiring ethical hackers, who test a system by hacking into it to spot vulnerabilities. “And they’re less expensive than being hacked,” Mr. Siciliano said.

Fighting the good fight against online criminals should now be part of any company growth strategy, he said.

Mr. Francis at Travelers said, “Once data is compromised, the ball is rolling in terms of cost.” Banks generally are not obligated to repay money taken from an account. And legal bills aimed at recouping that money can quickly pile up.

Worse, the criminals are hard to track down. They typically operate from office complexes in Eastern Europe or Russia. “It’s their business to hack businesses,” Mr. Calvert said.

Rokenbok reported its malware attack to the local police, who said the F.B.I. was more suited to do the investigation. So far, no one has been arrested in connection with the attack.

Original Story: http://www.nytimes.com/2016/01/14/business/smallbusiness/no-business-too-small-to-be-hacked.html?_r=0#story-continues-1

Back to the Basics: Malware 101

banking-malware-network-sniffer

School is officially back in session, which means it’s time for a little education.  And, with cyber security as hot of a topic as it is, let’s rewind just a little and go back to Malware 101: Basic Categories and Proper Defense Tactics.  Even if you consider yourself something of a cyber-security expert, it’s never a bad idea to keep things fresh in your mind.

Trojans

We’ve all heard the story of the infamous Trojan Horse that the Greeks built and used to sneak into the city of Troy.  Under the guise of an offering, the Trojan Horse was a backdoor into Troy and, ultimately, led to a Greek victory.

This is exactly how a computer Trojan works.

They trick you into believing you’re downloading a legitimate application or file but, in reality, you’re actually downloading malware.  Once it’s in, you’ve given hackers, viruses and other malicious malware easy access to your computer.  So, while they can’t replicate like viruses or worms, they’re just as dangerous and obtrusive.

From here, Trojans can view your web history, intercept your passwords, steal login information, remotely control your computer and use you for click fraud.

Worms7487317

Worms are great at finding your vulnerabilities and using them to their advantage.  They spread through various means such as email attachments, social networking sites and software loopholes.

From shutting down your system to drying up your resources, worms self-replicate without the need for a hacker or computer program.  They spread across entire networks quickly and with very little effort and can seriously damage any infected device or PC.

Viruses

This cyber-threat is probably the most well-known of them all.  In fact, most people tend to generalize cyber-threats as viruses; they don’t fully understand the differences between a Virus, Worm or Trojan… or any other malicious malware for that matter.

A virus spreads and self-replicates without the assistance of a hacker (much like a worm) but it needs to attach to a file or program to do so.  Usually, they spread through email attachments or instant messages.  This is where the whole, “Know what you’re opening and who it’s from” comes into play.

A virus can slow down your computer, mess with your operating system or “damage your hardware, software and files.”  The severity, degree and spread of a virus can vary significantly.

Proper Defense Tactics

So, how do you protect yourself and your devices from cyber-threats?  Well, it’s all about not staying cautious and remaining cynical.  Never open up something, click a link or visit a website unless you’re absolutely positive it’s legitimate.  If it seems even a little bit fishy, stay away… stay far away.

Another major element of cyber-security is making sure that your security and software is consistently up-to-date.  Going back to worms, they exploit your vulnerabilities to wiggle their way into your computer.  Vulnerabilities like these arise from forgotten patches, outdated software and poor security implementations.

Protect your network with Cenetric’s remote management solutions. Never worry about patching your PC’s again! Leave it to the experts. Call us today: (913) 210-1950 or email us at info@cenetric.com.

 

 

Cenetric Testimonials

testimonials_banner03

“Our Network has never run as smoothly as when Cenetric took  over our account!” -Rick

“Cenetric’s network monitoring has been a source of great comfort for me. My servers and desktops are monitored and patched every day. I don’t have to worry about security issues or problems that stop my staff from working anymore. As a business owner, this peace of mind has given me back my freedom to manage my business instead.” – Janelle

“Speedy Service is what I like best about Cenetric. Dave is here any time we need something!” – John

“We couldn’t afford to upgrade our server, but it was very old and running poorly. Cenetric’s team brainstormed with us and found a very cost effective alternative. Cenetric has been an essential part of our business for eight years!” – Cindy