How to Improve your Email Security

How to Improve your Email Security

by | Dec 19, 2020 | Managed IT

 

As we look to the new year, cybersecurity is an ever-present issue of vital importance. In this article, we will focus on securing your business e-mail, as no business is removed from the threat to this critical communication tool.

Email is still the first entrance for hackers, and while you may have taken steps to secure your account, advancements in malware demand consistent upgrades. Below we share everything you need to know to keep your email under lock and key in the year ahead.

  1. Shift to a More Secure Email Provider

Move to an email provider that uses real-time protection against advanced threats. Subscribers to Microsoft 365 and Outlook relish this feature. If you already use Microsoft 365 applications and Outlook, you may worry about other vulnerabilities. The reality is that most companies are not investing enough time and leveraging advanced security settings to better protect their business email(s). Employing features like password protection, maximum password age (30-90 days) and complexity for email access, while adding a list of trusted devices to your companies Microsoft account(s) are of the utmost importance to ensure your email has the most security measures in place.

  1. Protect your Computer System

Computer viruses like Spidey Bot, Ransomware and Astaroth Trojan are well known viruses today in the corporate world. There are ways to prevent these malicious viruses from infecting your hardware. Here are a few in-office and remote steps to protect your email from these attacks.

  • Install a premium antivirus and firewall
  • Perform hardware and software updates consistently
  • Choose a safe email provider and tool (i.e., Microsoft 365)
  • Establish Multi-Factor Authentication
  • Back up your data to the cloud
  1. Incorporate Multi-Factor Authentication

Multi-Factor Authentication protects company hardware once it falls into the wrong hands. When your organization’s devices are protected by Multi-Factor Authentication or Two-Factor Authentication, your company is exposed to less risk if a laptop is lost, stolen, or handled without permission. Required passwords, or other unique features like facial scans and fingerprint authorization ensures that your email and the information it contains cannot be accessed.

  1. Conclusion

The best thing you can do for your organization to protect your email system from advanced threats is to have an IT support firm assess your current security measures. Contact Toos Technical Solutions today to schedule an assessment and discuss how we can support your company in solving technical issues.

 

 

Stay in the Loop!

Computer Security Tips

Computer Security Tips

by | Dec 12, 2020 | Managed IT

Computer security in business settings is not only an element of cybersecurity, but also directly involved with hardware vulnerabilities and installed software. Cybercriminals often target employee desktops, mobile devices, and laptops injecting malicious to access an entire organizational network. Toos Technical Solutions is here to share how you can protect your employee hardware from threats to your IT systems. 

  1. Antivirus & Firewall

You have antivirus software installed on your personal or company computer, right? You should, but while the free antivirus version may save money it does not protect against the most current security patches. To protect your data, a better alternative is to invest in a premium antivirus subscription that offers protection against malware and spyware. Also, make sure that each of your personal and company computers have the system firewalls turned on. 

  1. Consistent Updates

Never think about postponing software and operating system updates ever again. Put together a policy that produces mandatory updates for all desktops, tablets, smartphones, and laptops, whether it be on-site or remotely.  Updates are not simply performance-based, as they will deliver security patches to freshly exposed vulnerabilities. Even waiting many hours to perform an update will open your company up to risks, therefore it is important to check the box on automatic updates for all operational systems and software. The IT team can then verify.  

  1. Set-Up A Multi-Factor Authentication System

Any company laptop, tablet, or smartphone that sits unattended in a workplace, home or vehicle is prone to cyber threats. With a Multi-Factor Authentication System, the hardware protection will block malicious access. Multi-Factor Authentication (MFA) needs more than one recognized factor for authentication, and it should be provided before a user is granted access to any device. This factor usually includes a password with another unique individual feature included such as a fingerprint or facial scan. A common example is Apple Face ID, a Multi-Factor Authentication system that many workers, staff members, and companies are familiar with. Through the Multi-Factor Authentication (MFA) set-up, all company computers that even if hardware is stolen or lost, no one outside the organization will be able to access company information.

  1. Use Better Productivity Software

Hackers commonly gain access to computers through software-as-a-service (SaaS) products, something a business can use to boost productivity. Therefore, it is important that businesses choose secure SaaS and ensure the IT team has verified that all security features are in use.  

Let us review Microsoft Office 365 as an example. This, subscription-based application offers higher protection than the Microsoft Office package your organization could be relying upon. Not only does Microsoft Office 365 provide an additional productivity solution, but it also carries high class security features that defend the company computers’ entire network. 

Conclusion 

Despite following the above solutions, there is a chance your computer could still be compromised. Thus, it is equally important to ensure that all your computer data is backed up. Toos Technical Solutions offers safe, secure, and innovative solutions to protect your computer and data while improving efficiency. At Toos, we work with you to meet current requirements and future needs.  

Check out our blog on Cloud Computing and feel free to contact us anytime to speak with one of our IT experts or to discuss your options.  

 

Stay in the Loop!

Cyber Hygiene at Home

Cyber Hygiene at Home

by | Dec 5, 2020 | Managed IT

Personal hygiene, we all have some sort of daily routine. Think of cyber hygiene similarly, read more about developing your own cyber hygiene routine for today’s digitally connected world.

What is it?

Cyber hygiene refers to best practices and activities that a computer user will underrate to boost their cybersecurity when partaking in common online activities, like browsing the internet, emailing, or texting.

With entire families currently sharing home networks for school, work and private use, there has never been a better time to share the important of cybersecurity practices with your household.

This quick guide made by Toos can assist you in discussing cyber safety with your families and co-workers.

Grade-schooler:

When it comes to online danger, children aged 5 to 11 years old can be easier to protect. Not only are their online experiences less freelance than older age groups, there also are a great deal of excellent parental guidance apps that can help protect them. However, no app is perfect. As many of us know, inappropriate content can appear unexpectedly even with the most effective parental controls. The best defense is providing your children with knowledge.

Cyber hygiene for ages 5-11:

  • Limiting their screen time and inspiring play that does not involve screens.
  • Giving them their 1st lesson on what is and is not true regarding news.
  • Asking them to inform you once they come upon a negative experience online, whether it is a picture or someone reaching out to them.
  • Explaining to them that there are some components of the internet that may be harmful to them and even us adults.
  • Telling them that not everybody they meet online is a friend.

Teen:

Many kids between the ages of 12 and 17 get their first smartphone. The independence and freedom that comes with having the device makes observing their online activity difficult, as a parent or older sibling. However, it additionally provides a superb chance to show them the way to be accountable within the digitally connected age.

Cyber hygiene for ages 12-17:

  • The importance of balancing screen time with physical activities.
  • Notifying an adult or family member if you are being contacted by a stranger online.
  • Cyber criminals search for sensitive information like your address or the name of your school
  • Location apps like Apple Find My Friend or Google Trusted Contact are important to have, they provide an invisible layer of protection and let your family know where their kids are at all times

Young Adult:

This age group is the most complicated for parents (18-21) within the digitally connected world, and the stakes are bigger than with younger kids. The older kids get, the more they need their freedom. Giving them independence, both physically and digitally, while trying to keep them safe becomes very difficult. Talking about the digital world with your kids now becomes a lot more difficult because the conversations are more serious than ever before.

Cyber hygiene for ages 18-21:

  • Whatever they post online may stay online forever
  • Cybercrimes needs to be a more serious conversation within the household now (bring up examples and scenarios to prepare them for any situation)
  • Cyberbreach and the vulnerability needs to also be a conversation as they are in adulthood

Conclusion:

With so many people at home working and studying remotely, many have questions on the safety of their home internet networks. If you have any concerns regarding your home network or any other cybersecurity related questions, be sure to reach out and speak with our IT experts.

For more information regarding cybersecurity, check out our blog on Cybersecurity: Phishing Scams.

Stay in the Loop!

Cybersecurity: Phishing Scams

Cybersecurity: Phishing Scams

by | Sep 30, 2020 | Managed IT

Our post last week discussed cyber-attacks and the dangers to SME’s. We specifically stressed the importance of adequate training since in its absence employees may inadvertently compromise their organization’s security systems. This week’s post builds on this idea through a discussion on phishing attacks.

Phishing attacks attempt to steal sensitive information and data through emails, websites, school text messages and other forms of electronic communication. Attackers socially engineer reliable applications to deceive the unsuspecting, appearing to look legitimate.

Cybercriminals usually attempt to steal usernames, passwords, credit card information, bank account details and other credentials. They use stolen information for malicious purposes, such as hacking, identity theft, and fraud.

If you feel you have been a victim of a phishing attack:

  1. Contact your IT admin if you are on a work computer.
  2. Change all password’s associated with the accounts.
  3. Report any fraudulent activity to your bank and credit card companies.

How phishing works

Phishing attacks are scams that attempt to use social engineering to bait or lure individuals to divulge sensitive information.

A simple but sophisticated tactic is the use of pdf’s through deceitful email scams. This socially engineered scam sends an email with a pdf attachment, password protected for your safety, from real companies and the only way to enter and see the contents of the document are to re-enter your email credentials. This gives the attacker your email credentials thereby risking access to other personal information.

Phishing trends and techniques

 

Payment/Delivery Scam

This describes when a person is asked to provide their credit card details or other pertinent personal data for the purposes of updating their information with commonly known vendors or suppliers. This is especially troubling since these scams target well-known companies with a higher likelihood of familiarity. A person’s prior knowledge of the company lures them into a false sense of security. Generally speaking, a person will likely have done business with the specific company in the past. However, most are not aware of any recent purchases. Information updates are normally requested so that a person can steal your personal information. It is critical to be aware of these scams and to stay vigilante.

Tax-themed phishing scams

A common CRA phishing scam is receiving an urgent electronic mail letter indicating that you owe money to the CRA. These emails often threaten legal action if you do not access the site in a timely manner and pay the identified balance owed on your taxes. Upon accessing the site, attackers steal personal credit card and banking information in addition to receiving the requested sum. These emails use legitimate governing bodies and regulatory institutions to evoke fear, this unfortunately works all too often as persons are compelled to rectify any apparent concerns with CRA regardless of their legitimacy.

Downloads

This describes when an attacker sends a fraudulent email urging a person to open or download a document that requires their email credentials for access. 

How to protect against phishing attacks

These kinds of attacks are designed to take advantage of a user’s possible lapse in decision-making. Whether it is personal information through email or unknown websites, or over the phone.

Software solutions for organizations

  • Microsoft Edge and Windows Defender Application Guard offer protection from the increasing threat of targeted attacks. If a browsed website is deemed untrusted, it will isolate that device from the rest of your network’s electronic net, preventing access to your company’s data.
  • Microsoft Exchange Online Protection (EOP) offers business-class reliability and protection security against spam and malware, while maintaining access to email during and after emergencies. It can control different m filtering, such as bulk mail controls and international spam, that will further enhance your protection services.
  • Office 365 Advanced Threat Protection (ATP) helps protect your email, files, and online storage against malware. It offers full protection in Microsoft Teams, Word, Excel, PowerPoint, Visio, SharePoint Online, and OneDrive for Business. It protects against unsafe attachments and provides additional protection against malicious links.

Other Types of Email Attacks

This post is focused on phishing attacks and the personal and professional difficulties that may arise from these incidents. It is important to note, that phishing attacks represent a single category of cyber-attacks. Future post will further explore other types of cyber-attacks like email spam and viruses.

Stay in the Loop!

Why is Cybersecurity so important?

Why is Cybersecurity so important?

by | Sep 23, 2020 | Managed IT

 

Information security is a key priority for all business types and sizes as a form of risk management for IT-based services and corporate data. In todays connected world businesses are more vulnerable to cyber attacks then ever before. The use of technology has provided many benefits and advantages to everyday business operations, but without the appropriate protection and security implemented, that same technology can be used by cyber criminals.

What is cybersecurity?

Cybersecurity is the practice of securing devices, networks, systems and any other digital infrastructure from unwanted attacks. The best strategy is a layered approach, similar to any good defense.

Prepare your team

The most common cause of data breaches are employees. Your team can become your greatest security risk without proper training. Employee’s often display risky internet behavior that result in cyberattacks because of the lack of awareness around cybersecurity efforts.

Small business owners should educate employees on all risk management practices including IT. Luckily, businesses can bring in specialists to detect the issue and teach employees about potential cyber threats before it impacts the business.

Perform an analysis on your security infrastructure early and often

A risk analysis would help your business identify, manage, and secure information that could be vulnerable to a cyber-attack. Additionally, a risk analysis can help construct a plan for security controls, which can help further protect your company. Identifying and working to prevent security threats early on will save your business money and reputational damage overall. Risk assessments should be a focus of your organization to understand where you may be vulnerable to security threats.

More importantly businesses must have a framework for how they deal with both attempted and successful cyber attacks.

Security by Design

A layered cybersecurity process is the best way to thwart any cyber attack spread across your entire infrastructure. A blend use of firewalls, DNS filtering, malware protection, antivirus software, and email security solutions. Implementing security features at all points is needed more now then ever before.

Final Thoughts

The cyber security landscape is evolving, and threats get more advanced every day. To protect your business, it is vital that all your employees make cyber security a top priority.

 

Stay in the loop!