System and Technological Security

By Mike Tullis

System security is at the forefront of importance for both businesses and individuals in today’s technological world. Unfortunately, company data in the U.S. is being breached more often, as well as cybercriminals retrieving personal information. This article will give you practical advice to keep your personal information and your company’s information safer.

Although these tips may be helpful to you, please remember this information only scratches the surface and further research could be needed to familiarize yourself with advancing your cybersecurity.

Personal Cybersecurity

Do you know the status of your computer’s health?

• Just like a car, there are many items you need to keep up with to make sure it’s performing at premium level.

Is your computer up to date with the latest Windows operating system and Windows updates?

• Most updates fix security issues, address bugs, and uphold the stability of the operating system.

Are you running the latest app versions?

• This may be an annoyance, but updating apps is important because the newer version usually fixes flaws in the previous version. The updates often close holes where cybercriminals can capture personal information.

Have you updated your anti-virus software?

• Anti-virus software scans, locates and removes unwanted applications and viruses from the computer. These threats can steal sensitive information or destroy valuable data. An antivirus protects the potential loss of valuable information and could prevent identity theft.

Remember to never leave your computer unattended in public areas and keep your passwords in a safe and secure place.

Email Safety: Phish-y Things to Look for

Email is a vulnerable form of communication. Every work environment relies on email for internal and external communication and cybercriminals have figured out this is a good place to start their hunt. Cybercriminals commonly attack through phishing emails, which are fake emails disguised as an entity you trust. Don’t get caught in this net; familiarize yourself with the signs!

• Email comes from an illegitimate sender name and domain
• Email includes compressed attachments
• Email includes impersonalized messages and grammatical errors
• Scare tactics such as, virus or compromised account

There is another type of dangerous email called Spear Phishing, which are usually highly personalized emails and often reference coworkers or friends within the email. These emails seem legitimate, but they include malicious files and dangerous links. If you are unsure if the sender is legitimate, use another form of communication to verify with the co-worker or friend mentioned in the email. Be wary of clicking on unfamiliar links or opening unknown files within the email.

Password Tips

• Do not use the same or similar passwords for multiple accounts
• Include multiple symbols and various letter cases to decrease its hackability
• Change passwords throughout the year
• Invest in password manager: can help with creating and not using the same password as well as maintain in a secure location

Being hacked is sometimes out of your control, but by reviewing and being aware of the measures you can take, you can ensure that you are not as vulnerable for a breach.

You should consider purchasing cybersecurity insurance and check on these before the event of a breach or compromise:

• If so, what is your coverage? Is it in line with the average breach?
• Are you adhering by the policies in the insurance? Finding out after the fact that you haven’t
  been following policies could lead to a dispute over what is covered.

Backups

If your system is breached (virus) the files on your computer or network files can become encrypted which the hacker can then request money (bitcoin) to give you the key to unlock those files. Another option if this occurs is to restore from a good known backup.
Things to know before you come across a ransomware event:

• Do you have a current working backup?
• Do you test a backup job regularly that it performs as expected?
• Do you have an offsite backup?
• How often are your backup jobs running, do they need to be adjusted?

If you have any questions or would like to have a further discussion please contact us at helpdesk@mhcscpa.com or call 515-288-3279.

Mike Tullis | System Administrator
MTullis@MHCScpa.com