Cyber Security Practices We Should All Do- Staying Protected

Cyber security is one of the most talked about subjects in the technology field.
Having your business data secured is crucial, but there are ways to stay protected.
We’re here to help you keep your data protected with these security practices we should all do to ensure cyber security!

Changing Passwords/Password Strength

Password safety cannot be stressed enough! Changing your passwords every 60-90 days will allow your information to stay protected. With that, your cyber security will continue to increase.

Not only will changing your password help, but also make sure it is STRONG. Adding symbols, numbers, and making sure the length is 8 or more characters will help keep the password strong. In the example presented above, pa$$word1a has a stronger password strength than password1 (please don’t use example above for your next password).

Webroot has given some greats tips for creating a new password. Using a phrase and incorporate shortcut codes and acronyms will keep the password strong while being able to remember your favorite phrase or saying. Some examples are 2BorNot2B_ThatIsThe? (To be or not to be, that is the question) or ABT2_uz_AMZ! (About to use Amazon).  Unique passwords are harder to break through than weak and simple passwords (please do not use any examples given above).

When selecting a password, do not use any personal information! Using personal information can lead to hackers knowing the answers to your security questions.

Examples of personal information to not use:
Your name
Age
Date of birth
Child’s name
Pet’s name
Favorite color/song

Don’t Use The Same Password For Everything!

Using the same password for multiple logins will cause a bigger issue than you may think. Having the same password for your banking, company sites, or even for your email will allow hackers to get into multiple accounts rather than just the one they got into.

Having different passwords will increase your cyber security to allow your data to be protected. It seems hard at first, but having that variety will allow not only your companies information to stay safe, but your own personal data will continue to stay protected.

Using A Password Manager

A password manager is program that allows users to store, generate, and manage their passwords for local applications and online services. It assists in generating and retrieving complicated passwords, storing the passwords in an encrypted database or calculating them on demand.

Having this will alleviate having to write your passwords down on a piece of paper.  Writing your passwords on paper or even putting them on a Word/Google document will create an easier passage for hackers to get into your information.

Updating Your Antivirus

Your antivirus is used to prevent, scan, detect and delete viruses from a computer. But what happens when you don’t update your antivirus?
There are always new viruses developing and keeping your computer clear from them are important. When you don’t update your antivirus, it won’t protect against the newest threats, leading it to believe that it is nothing to worry about. You might not be as protected from cyber security risks as you might think. Even worse, your device could be at risk of the latest threats that your security product is not yet aware of.  Making sure you are updated on the latest software could relieve all stress in not knowing whether or not you are protected from any threats. This will continue to add that extra layer of cyber security you need.

Installing Multi-Factor Authentication

Multi-Factor Authentication is a security technology that requires multiple methods of authentication from independent categories of credentials to verify a user’s identity for a login or other transaction. Having that extra layer of protection will allow your data to be protected while making it difficult for any malicious attacks to happen.

Once you login, you will get a prompt on your phone asking if it is you with the name and address that is trying to login to your account.  When you see the pop-up, you have to click accept or deny.  After you accept that it is you, you will be let in! This is just another layer of cyber security that will help protect your data. DENY any user that is not you logging in!

Phishing Training

Keeping up with your phishing training is IMPORTANT! Malicious attacks are happening within your emails. Clicking on one bad link could lead to a data breach. Knowing how to identify a phishing scam could not only impact your company data, but also your personal information. Phishing training allows you to see simulations of different ways a threat email can come through for you to identify.

Identifying an email could seem harder than you think. Hackers have been able to make it so users think the email is coming from someone reputable within your company. We have broken down the ways to identify phishing emails in our post “Phishing Emails – Ways To Detect and Prevent Attacks,” but having an added layer of security by taking phishing training will decrease your chances of malicious attacks.

For more information or need help getting set up, contact PCS!

Microsoft Issues URGENT Security Warning … Update Your PC Immediately!

Microsoft is urging Windows users to immediately install an update.
Security researchers found a serious vulnerability in the operating system.
We’re here to help you better understand what is going on and how to update your system!

PrintNightmare

The PrintNightmare flaw is a major security risk for enterprises, where print spoolers are used on Windows machines. Microsoft considered it serious enough to rush out a patch last week. The researchers announced in late May that they found vulnerabilities in Print Spooler, which allows multiple users to access a printer. They published a proof-of-concept online by mistake and subsequently deleted it, but sadly not before it was published elsewhere online.

Microsoft warned that hackers could exploit the vulnerability and be able to install programs, view and delete data or even create new user accounts with full user rights.

Who Is Affected?

Anyone using Windows 10 and earlier are affected! Microsoft urges that everyone using Windows should update their systems IMMEDIATELY.

How To Update Your Windows PC

Updating is simple and fast!

  1. Select the Start button
  2. Select Settings
  3. Update & security
  4. Windows Update

This will help update your computer to the most recent Windows update.  Below is a picture example on how to update your PC.

Microsoft also released a patch for Windows 11. Its newest operating system, due out soon, is currently available to beta testers.

For help on updating your system, contact PCS!

Phishing Emails – Ways To Detect and Prevent Attacks

Phishing has become one of the most common methods of cybercrime. Despite how much we think we know about scam emails, people still frequently fall victim.
We’re here show you how to detect a phishing email.

phishing scams

Message Is Sent From A Public Email Domain/Misspelled Domain

Sometimes, the hacker will try to use the same information as someone higher up in your organization (such as a president or manager) and use the same credentials but different domain. The one part to check specifically is the email domain. If the email is not recognizable, don’t click on anything!

One example is if the email is allegedly from PayPal, but the domain of the link does not include “paypal.com,” that’s a huge giveaway.  Looking at all your sources will help you identify what is legitimate and what is a malicious attack.

Make sure you are checking ALL parts of the email (not just the display name). Many of us don’t ever look at the email address that a message has come from, but rather just look at the display name. Hackers will use that against you by using the real sender’s picture and name that they are trying to impersonate. Looking into the email address that is sending you anything helps with being able to identify if it is legitimate or if it is a phishing email.

Email Is Poorly Written

When it comes to crafting phishing messages, scammers will often use a spellchecker or translation machine. It will give them all the right words but not necessarily in the proper context. Noticing poorly written emails will usually mean that it is coming from an outside source and it’s a spoof.  Keep an eye on poor grammar and spelling errors.

Message Has a Sense of Urgency

Phishing emails have a tendency of not only having grammatical errors, but it seems like they always have a sense of urgency. Hackers know that an email that seems urgent receives a little more attention to others emails that can be thrown into the back burner. Criminals know that we’re likely to drop everything if our superiors email us with a vital request. Taking the time to actually look at the email domain and how the email is typed out, you will see that it is a malicious attack and not anyone within the company.
Knowing the difference will help not only you, but the company itself with avoiding a data breach.

Suspicious Links

Sometimes when phishing emails are sent, you see either a button or a link that is attached. You can spot a suspicious link if the destination address doesn’t match the context of the rest of the email. Unfortunately, when a suspicious link is hidden behind a button, it is hard to determine if it is legitimist or if it is a fraud. Looking at the email address and identifying if it is real will help with determining whether it is legitimate or not.

Ways To Stay Protected

One way to make sure you’re alert and aware of phishing attacks is educating yourself is phishing training. Phishing training will allow you and your employees to detect phishing emails and understanding what to look for. With simulations, you will be able to identify many different ways that a phishing attack can occur and ways to prevent a data breach for your company.

For more information about phishing training, contact PCS!

Cyber Security – It’s Not A Choice Anymore … It’s Necessary!

Malicious attacks have spiked throughout the years and cyber security has been discussed in so many ways.
Throughout the pandemic and employees working from home, companies have been targeted and attacked with many different methods.
Hackers don’t take a day off, so we’re here to help you stay protected.

Malicious Attacks – How Often Do They Happen?


According to Embroker, in 2021 cyber attacks happen every 11 seconds. That has increased through time, but it will continue to rise through time. It was said that in  2020, 155.8 million individuals were affected by data exposures …

Impact and Severity of Cyber Attacks

Cyber attacks can impact businesses and organizations in many ways – from minor disruptions to financial losses. Every consequence leads has some form of cost. Malicious attacks can impact your business weeks, if not months later.

Your business may suffer in these areas:
Financial losses
Loss of productivity
Reputation damage
Legal liability
Business continuity problems

Costs of Cybercrime

According to the FBI, the cost of cybercrime in the US was $3.5 billion in 2019, as stated by Colbalt. The cost could be much higher if it remains unnoticed. In 2020, the average business cost of a cyberattack is $3.86 million and it takes over 200 days to detect the breach (IBM). Statistics show that cyberattacks projected to hit $6 trillion in annual loss in 2021, which has doubled since 2015. (Cybersecurity Ventures).
Cybercrimes can cost enough to shut down small businesses if it remains unnoticeable or the malicious attacks are not safely resolved.  The average ransom demand is over $100,000, which continues to grow over time. Over a third of all companies attacked with a ransomware attack, end up paying that price, resulting, on average, in a 16-day downtime for the attacked firm. The percentage and increase of cost continues to rise through the years as hackers continue to learn and grow.

How To Prevent Malicious Attacks

Here at PCS, we help you with all your cyber security needs. With Managed Endpoint Protection/Next Generation Antivirus, Advanced E-mail Security/Phishing Training, and Multi-factor Authentication, it would be a challenge for malicious attacks to happen.

For more information or to make sure your company is protected, contact PCS!

Data Loss – What Is It and What Can You Do To Stop It

Data Loss
What exactly is it?
How can you avoid it?
We’re here to go over everything you need to know about preventing data loss to help keep your information safe!

What Is Data Loss?

Data loss is exactly what you think it is. Whether your information/back-ups are accidentally or maliciously deleted from your system, important data is lost. This might happen when a malicious internal user gains inappropriate administrator privileges, or when an external party seeking to do damage to your company’s reputation hacks into your system. It could be thanks to poorly configured backup jobs or other settings. In addition to these human causes, hardware failure or theft can also account for data loss.

What Can You Do To Protect Your Data?

iland is a cloud service provider of secure and compliant hosting for Backup as a Service (BaaS).  iland’s Insider Protection, guards you against straightforward deletion of all backups and even more sophisticated attacks. The service will assure that a copy of your backup is always available!

Internal or External Threat Protection

Insider Protection enables you to recover a full backup of deleted data! Instead of deleting your backup files, hackers may choose to corrupt or encrypt your backups. This would replace any recovery points you may have causing you to instead use damaged backups. With Insider Protection you will have access to backups that the attackers did not, giving you the confidence you need during a disaster recovery event.

How It Works and How To Recover

With iland Insider Protection, backup files that were deleted maliciously or accidentally are kept in an air-gapped directory. This directory will only be accessible to iland technicians! Backup files that were deleted will remain in this isolated folder for seven days and can be saved to be transferred back to you once you are ready to restore data. Your files will not go away until after seven days of isolated storage.

If you fall victim to a breach like a ransomware infection, the data protected by iland would be untouchable and could be trusted to restore critical data after an attack, easing your mind and reducing your downtime.

 

Contact your PCS Account Representative today
to add this increased security to your current iland cloud storage!

Data Breach – How Can It Happen And Ways To Avoid It!

It seems like recently, we have been hearing a lot more about how businesses have experienced data breaches.  But how did the hackers get into their systems?
We’re here to tell you different ways that hackers can get into your companies information and how to prevent it!

1. Weak and Stolen Credentials (Passwords)

Weak passwords are the easiest way for malicious attacks to happen to your company. They allow hackers to ease their way into your system faster than you could imagine. Having strong and secure passwords that change every 60-90 days will greatly decrease the chances of these attacks.

Password Managers can help store, generate, and manage your passwords for local applications and online services. They assist in generating and retrieving complicated passwords, storing the passwords in an encrypted database, or calculating them on demand.

2. Phishing Scams

Email has been used more for business throughout the years. Hackers have found a way to gain access into your information by creating email that impersonates those that you would receive every day, perhaps even from company executives. Phishing emails are scams that target a specific person/company. Having email security will help identify threats to make sure you keep your companies’ information safe. Identifying email threats will also help to keep your personal information and accounts from being hacked. Knowing what types of email are threats can make a big difference to you and your company!

3. No VPN/Secured Wi-Fi

Not using a VPN service, or logging into an unsecured network can allow hackers to gain access to your business data! Allowing your data to travel through an unsecured network gives access to someone who is using the same network, or even a hacker who is trying to gain access to information you were retrieving on your devices. Once you connect to an unsecured Wi-Fi network, your information is vulnerable. Make sure to use your VPN service, or log into a secured Wi-Fi when trying to access important information. These steps create an extra layer of security, helping to avoid malicious activity, and making it more difficult for your data to get into the wrong person’s hands.

4. Running Updating Operating Systems/Applications

If you’re still running Windows 7 or haven’t updated your applications … STOP HERE AND READ!! Using outdated software and applications can lead to system vulnerability. Microsoft confirmed that Windows 7 will no longer be supported for security updates or technical assistance. If you’re running an outdated operating system, you’ll open your company up to known hacks, malware, viruses and other potential future security flaws.
For example, any Google Chrome versions prior to 91.0.4472.114 may have vulnerabilities that allow attackers to execute arbitrary code in your browser. Having an outdated application or web browser could lead to malicious attacks within your systems, targeting all the information that hackers want to get their hands on. An attacker could view, change, or even delete data if they have the access to do so.
Try to keep track of everything and make sure you install all your software updates as new ones come out. It will help reduce system vulnerabilities and from being a target of a data breach!

Malicious attacks can be avoided if you take the proper steps. A VPN Service, Email Security, Password Manager, Multi-Factor Authentication, and up-to-date software will help keep your system protected and secure!

Want to make sure you’re protected and taking the right steps? Contact PCS for all your cyber security needs!

How Important Is Having A VPN Service?

The term “VPN” gets thrown around more often than others when it comes to your access.  Whether it be for business or personal, being told to have a VPN has always been standard protocol on our systems.  But what exactly is it? Where can we use it? What happens if you don’t have it?
We’re here to tell you what you need to know and how it works!

What Is A VPN?

VPN stands for Virtual Private Network. It gives you online privacy and anonymity by creating a private network from a public internet connection.  They mask your IP (internet protocol) address so your online actions are virtually untraceable. Virtual Private Networks  also secure connections to provide greater privacy than even a secured Wi-Fi hotspot.

Why Do You Need A VPN Service?

Having a VPN service is not only important for business settings, but you can also get it for your personal devices!  When you’re on the internet, especially on an unsecured Wi-Fi network, you could be exposing your private information and browsing history.

Imagine yourself being at an airport or even a coffee shop where there is no secured service.  You are browsing through your emails and even working on a big project for work that is due in a few days.  The amount of clicking you do and what is being put into the unsecured network could potentially get into  by a stranger using the same network. Unless it’s a secured network that allows you to put in a password when trying to connect, your information is vulnerable.

Having the ability to not worry about someone else getting into your information is one way to keep your data and your companies data secured.   Especially when most companies are working remotely, you don’t want to have that thought in the back of your mind whether or not someone can access your companies information.

How Does A VPN Protect Your IP Address And Privacy

The VPN essentially creates a data tunnel between your local network and an exit node in another location.  It makes it seem like you’re miles away in another place when really you are home! Having that luxury allows your location to stay private, while also keeping data and information private.  Think of it like a sturdy tunnel that no one can get into.
Virtual Private Networks use encryption to scramble data when it’s sent over a Wi-Fi network and encryption makes the data unreadable.

Without a VPN, your internet service provider can know your entire browsing history. With a VPN, your search history is hidden. That’s because your web activity will be associated with the VPN server’s IP address, not your own.

What A VPN Can Hide

  • Browsing history
  •  IP address and location
  •  Location for streaming
  • Devices
  • Web activity

Where Can You Use Your VPN?

The answer? Anywhere! Once you have it, you can use it to be able to keep your data secured. While traveling, at home, in the office, and even while enjoying a cup of coffee at your nearest coffee shop.  Having the VPN on your laptop, tablet, iPad, and even any phone device will help make sure your information is protected.

Need help with keeping you and your company safe? Contact PCS!

Why It’s Dangerous To Answer “Fun” Questions On Social Media!

DON’T CLICK ON ANYTHING YOU DON’T KNOW ON SOCIAL MEDIA!

Facebook has been one of the most guilty social media sites to lead hackers into finding out security questions.  Having access to these answers can lead hackers to obtaining information, such as bank accounts and important data within your systems.
We’re here to help you understand why answering questions and clicking links can actually put your data at risk!

“Did You Know” Questions

Facebook has these questions that are supposed to be fun for everyone to get to know each other. One thing that can lead to it though is getting information within the answers to be able to answer security questions.  Answering about your first dog, where you were born, or anything with personal information will lead to figuring out security questions for bank accounts, credit card information, and even billing information!  They seem to be fun when you first answer them, but when the wrong person gets their hands on that kind of information, it can lead to more severe accounts that can be compromised and information being stolen.
The posts that ask what was your first grade teacher, who was your childhood best friend, your first car, the place you [were] born, your favorite place, your first pet, where did you go on your first flight … Those are the same questions asked when setting up accounts as security questions. You are giving out the answers to your security questions without realizing it! Hackers can use these questions to build a profile and hack into your accounts or open lines of credit

Facebook Quizzes

“At What Age Will I Be Married?”
“Can We Guess Your Age?”
“What Character Are You From The Simpsons?”
These kinds of questions will get you to click on them for curiosity, but it can actually be dangerous to click on those links! Readers Digest confirmed Facebook quizzes may lead you to a website with dangerous downloads, or have malicious links and possible viruses included in the questions. In 2019, CNN reported how this practice were used in a scandal. Ukrainian hackers used Facebook quizzes to install malicious browser extensions.  Better Business Bureau issued an alert just this past year advising against taking Facebook quizzes.  Protect yourself and your information by only clicking links that you are familiar with and trust!  just say no to online personality tests or any seemingly innocent game that asks questions. All those clicks and taps give away your information!

Social Media Personality Quizzes

Having any sort of personality quiz needs to be done through a reputable source.  Seeing them on social media should be the red flag that makes you stay away from them!
Posting personal information on social media is never the best option, but having it posted on a website that you can share on social media can cause hackers to retrieve information that you didn’t want to be accessed.  This goes on to explaining security questions.  Hackers will try to use different forms of quizzes to retrieve information.  Asking how old you are, D.O.B., your full name, where you were born, and everything in between will give someone access to your most personal information.

Using all the sources, social media is one of the easiest ways for an attack to happen.  Once you give someone all the information they need, they will go ahead and use it for their own malicious attacks.

Always make sure you’re keeping safe, use Multi-Factor Authentication for your sites (social media has it), and don’t click on links that you’re not familiar with!

Need help with keeping your information safe? Call PCS!

Amazon Sidewalk And What This Means For Your Connection

Amazon Sidewalk … How Does It Work And What Does This Mean For Your Connection

Starting June 8, Amazon’s smart devices will automatically be linked together all across the U.S. as a part of their Amazon Sidewalk network.
We’re here to tell you what happens when it launches and what this means for you and your internet connection at home.

What Is Amazon Sidewalk

Sidewalk is a shared network that is supposed to help their devices work even when you personally do not have internet connection in your home.  Amazon Sidewalk connects with your neighbors connection so that way their products are still able to work even when you or your neighbors have weak or no connection.  The goal is to create a low bandwidth network bridging all devices so that users can reboot malfunctioning equipment and even locate missing objects outside of the house.
However, Amazon Sidewalk runs off of device owners’ personal Wi-Fi which posts some security concerns.
Operated by Amazon at no charge to customers.

What Devices Support Sidewalk

  • Ring Floodlight Cam (2019)
  • Ring Spotlight Cam Wired (2019)
  • Ring Spotlight Cam Mount (2019)
  • Echo (3rd gen and newer)
  • Echo Dot (3rd gen and newer)
  • Echo Dot for Kids (3rd gen and newer)
  • Echo Dot with Clock (3rd gen and newer)
  • Echo Plus (all generations)
  • Echo Show (all models and generations)
  • Echo Spot
  • Echo Studio
  • Echo Input
  • Echo Flex
  • Tile. Bluetooth tracker owners can use to keep tabs on their keys, wallet or other important items

Benefits And Concerns About Amazon Sidewalk

This seems to be ideal for users who want their Ring or Echo to continuously work even when their Wi-Fi is down.  Having the capability to still use your phone while seeing your cameras and/or Echo to still play music can help in multiple ways when your Wi-Fi connection is weak … But do you ever think how strange it is that you are using your neighbors connection to be able to make your devices work?
Take your Echo for example.  Sometimes your light on it will show red or even yellow when your connection is weak or does not work.  Instead of not having the device working, your device instead takes the connection from your neighbor to be able to allow the Echo to function normally … It’s like nothing ever happened, except that you are basically taking someone’s connection from their home to run your devices.  Strange to think about, isn’t it?  Your completely throwing out the idea of keeping your connection protected by sharing your connection with other Amazon users.

So, the benefit for this is that your Amazon Devices will continue to work, but the concerns are whether or not your internet connection is actually secured since you’re sharing your connection with other Amazon users.  The biggest issue is thinking if hackers will find ways to get into your accounts due to this.

Ways You Can Opt Out Of Sidewalk

Using The Alexa App

  • In your Amazon Alexa app, select the “More” icon at the lower right hand corner of the screen
  • Go to “Settings” > “Account Setting” > “Amazon Sidewalk.” (Just a note: if you’re not connected to any Echo or Ring devices, you will probably not see this option.)
  • Use the toggle to disable Sidewalk

Using The Ring App

  • In your Ring app, go into your Control Center by tapping the the three-lined icon in the upper left-hand corner of the screen
  • Select “Sidewalk” and use the slide button to opt out
  • You’ll be ask to confirm your opt-out. You can opt back in the same way.

You’re not stuck using Amazon Sidewalk if you don’t want to!