Cyber Security Practices We Should All Do- Staying Protected

Cyber security is one of the most talked about subjects in the technology field.
Having your business data secured is crucial, but there are ways to stay protected.
We’re here to help you keep your data protected with these security practices we should all do to ensure cyber security!

Changing Passwords/Password Strength

Password safety cannot be stressed enough! Changing your passwords every 60-90 days will allow your information to stay protected. With that, your cyber security will continue to increase.

Not only will changing your password help, but also make sure it is STRONG. Adding symbols, numbers, and making sure the length is 8 or more characters will help keep the password strong. In the example presented above, pa$$word1a has a stronger password strength than password1 (please don’t use example above for your next password).

Webroot has given some greats tips for creating a new password. Using a phrase and incorporate shortcut codes and acronyms will keep the password strong while being able to remember your favorite phrase or saying. Some examples are 2BorNot2B_ThatIsThe? (To be or not to be, that is the question) or ABT2_uz_AMZ! (About to use Amazon).  Unique passwords are harder to break through than weak and simple passwords (please do not use any examples given above).

When selecting a password, do not use any personal information! Using personal information can lead to hackers knowing the answers to your security questions.

Examples of personal information to not use:
Your name
Age
Date of birth
Child’s name
Pet’s name
Favorite color/song

Don’t Use The Same Password For Everything!

Using the same password for multiple logins will cause a bigger issue than you may think. Having the same password for your banking, company sites, or even for your email will allow hackers to get into multiple accounts rather than just the one they got into.

Having different passwords will increase your cyber security to allow your data to be protected. It seems hard at first, but having that variety will allow not only your companies information to stay safe, but your own personal data will continue to stay protected.

Using A Password Manager

A password manager is program that allows users to store, generate, and manage their passwords for local applications and online services. It assists in generating and retrieving complicated passwords, storing the passwords in an encrypted database or calculating them on demand.

Having this will alleviate having to write your passwords down on a piece of paper.  Writing your passwords on paper or even putting them on a Word/Google document will create an easier passage for hackers to get into your information.

Updating Your Antivirus

Your antivirus is used to prevent, scan, detect and delete viruses from a computer. But what happens when you don’t update your antivirus?
There are always new viruses developing and keeping your computer clear from them are important. When you don’t update your antivirus, it won’t protect against the newest threats, leading it to believe that it is nothing to worry about. You might not be as protected from cyber security risks as you might think. Even worse, your device could be at risk of the latest threats that your security product is not yet aware of.  Making sure you are updated on the latest software could relieve all stress in not knowing whether or not you are protected from any threats. This will continue to add that extra layer of cyber security you need.

Installing Multi-Factor Authentication

Multi-Factor Authentication is a security technology that requires multiple methods of authentication from independent categories of credentials to verify a user’s identity for a login or other transaction. Having that extra layer of protection will allow your data to be protected while making it difficult for any malicious attacks to happen.

Once you login, you will get a prompt on your phone asking if it is you with the name and address that is trying to login to your account.  When you see the pop-up, you have to click accept or deny.  After you accept that it is you, you will be let in! This is just another layer of cyber security that will help protect your data. DENY any user that is not you logging in!

Phishing Training

Keeping up with your phishing training is IMPORTANT! Malicious attacks are happening within your emails. Clicking on one bad link could lead to a data breach. Knowing how to identify a phishing scam could not only impact your company data, but also your personal information. Phishing training allows you to see simulations of different ways a threat email can come through for you to identify.

Identifying an email could seem harder than you think. Hackers have been able to make it so users think the email is coming from someone reputable within your company. We have broken down the ways to identify phishing emails in our post “Phishing Emails – Ways To Detect and Prevent Attacks,” but having an added layer of security by taking phishing training will decrease your chances of malicious attacks.

For more information or need help getting set up, contact PCS!

Phishing Emails – Ways To Detect and Prevent Attacks

Phishing has become one of the most common methods of cybercrime. Despite how much we think we know about scam emails, people still frequently fall victim.
We’re here show you how to detect a phishing email.

phishing scams

Message Is Sent From A Public Email Domain/Misspelled Domain

Sometimes, the hacker will try to use the same information as someone higher up in your organization (such as a president or manager) and use the same credentials but different domain. The one part to check specifically is the email domain. If the email is not recognizable, don’t click on anything!

One example is if the email is allegedly from PayPal, but the domain of the link does not include “paypal.com,” that’s a huge giveaway.  Looking at all your sources will help you identify what is legitimate and what is a malicious attack.

Make sure you are checking ALL parts of the email (not just the display name). Many of us don’t ever look at the email address that a message has come from, but rather just look at the display name. Hackers will use that against you by using the real sender’s picture and name that they are trying to impersonate. Looking into the email address that is sending you anything helps with being able to identify if it is legitimate or if it is a phishing email.

Email Is Poorly Written

When it comes to crafting phishing messages, scammers will often use a spellchecker or translation machine. It will give them all the right words but not necessarily in the proper context. Noticing poorly written emails will usually mean that it is coming from an outside source and it’s a spoof.  Keep an eye on poor grammar and spelling errors.

Message Has a Sense of Urgency

Phishing emails have a tendency of not only having grammatical errors, but it seems like they always have a sense of urgency. Hackers know that an email that seems urgent receives a little more attention to others emails that can be thrown into the back burner. Criminals know that we’re likely to drop everything if our superiors email us with a vital request. Taking the time to actually look at the email domain and how the email is typed out, you will see that it is a malicious attack and not anyone within the company.
Knowing the difference will help not only you, but the company itself with avoiding a data breach.

Suspicious Links

Sometimes when phishing emails are sent, you see either a button or a link that is attached. You can spot a suspicious link if the destination address doesn’t match the context of the rest of the email. Unfortunately, when a suspicious link is hidden behind a button, it is hard to determine if it is legitimist or if it is a fraud. Looking at the email address and identifying if it is real will help with determining whether it is legitimate or not.

Ways To Stay Protected

One way to make sure you’re alert and aware of phishing attacks is educating yourself is phishing training. Phishing training will allow you and your employees to detect phishing emails and understanding what to look for. With simulations, you will be able to identify many different ways that a phishing attack can occur and ways to prevent a data breach for your company.

For more information about phishing training, contact PCS!

Amazon Sidewalk And What This Means For Your Connection

Amazon Sidewalk … How Does It Work And What Does This Mean For Your Connection

Starting June 8, Amazon’s smart devices will automatically be linked together all across the U.S. as a part of their Amazon Sidewalk network.
We’re here to tell you what happens when it launches and what this means for you and your internet connection at home.

What Is Amazon Sidewalk

Sidewalk is a shared network that is supposed to help their devices work even when you personally do not have internet connection in your home.  Amazon Sidewalk connects with your neighbors connection so that way their products are still able to work even when you or your neighbors have weak or no connection.  The goal is to create a low bandwidth network bridging all devices so that users can reboot malfunctioning equipment and even locate missing objects outside of the house.
However, Amazon Sidewalk runs off of device owners’ personal Wi-Fi which posts some security concerns.
Operated by Amazon at no charge to customers.

What Devices Support Sidewalk

  • Ring Floodlight Cam (2019)
  • Ring Spotlight Cam Wired (2019)
  • Ring Spotlight Cam Mount (2019)
  • Echo (3rd gen and newer)
  • Echo Dot (3rd gen and newer)
  • Echo Dot for Kids (3rd gen and newer)
  • Echo Dot with Clock (3rd gen and newer)
  • Echo Plus (all generations)
  • Echo Show (all models and generations)
  • Echo Spot
  • Echo Studio
  • Echo Input
  • Echo Flex
  • Tile. Bluetooth tracker owners can use to keep tabs on their keys, wallet or other important items

Benefits And Concerns About Amazon Sidewalk

This seems to be ideal for users who want their Ring or Echo to continuously work even when their Wi-Fi is down.  Having the capability to still use your phone while seeing your cameras and/or Echo to still play music can help in multiple ways when your Wi-Fi connection is weak … But do you ever think how strange it is that you are using your neighbors connection to be able to make your devices work?
Take your Echo for example.  Sometimes your light on it will show red or even yellow when your connection is weak or does not work.  Instead of not having the device working, your device instead takes the connection from your neighbor to be able to allow the Echo to function normally … It’s like nothing ever happened, except that you are basically taking someone’s connection from their home to run your devices.  Strange to think about, isn’t it?  Your completely throwing out the idea of keeping your connection protected by sharing your connection with other Amazon users.

So, the benefit for this is that your Amazon Devices will continue to work, but the concerns are whether or not your internet connection is actually secured since you’re sharing your connection with other Amazon users.  The biggest issue is thinking if hackers will find ways to get into your accounts due to this.

Ways You Can Opt Out Of Sidewalk

Using The Alexa App

  • In your Amazon Alexa app, select the “More” icon at the lower right hand corner of the screen
  • Go to “Settings” > “Account Setting” > “Amazon Sidewalk.” (Just a note: if you’re not connected to any Echo or Ring devices, you will probably not see this option.)
  • Use the toggle to disable Sidewalk

Using The Ring App

  • In your Ring app, go into your Control Center by tapping the the three-lined icon in the upper left-hand corner of the screen
  • Select “Sidewalk” and use the slide button to opt out
  • You’ll be ask to confirm your opt-out. You can opt back in the same way.

You’re not stuck using Amazon Sidewalk if you don’t want to!

How To Keep Your Email and Data Safe and Secured

Cyber Crime Has Jumped By 55% In The Past Two Years And Most Is From Email Scams. Keep Your Email Safe!

Within the past two years, we have seen the number of data breaches increase significantly because of hackers being more creative about how to attack businesses.
Cybercrime is on the rise as hackers continue to steal data, disrupt business and cause harm online.
The result is billions of dollars in losses.

Here are some ways to continue to keep your data safe.

 

Multi-Factor Authentication

We’ve said this phrase a lot, but knowing how important it really is can make a difference to keeping your information safe. Multi-factor authentication is an electronic authentication method that a device user is granted access to a website or application only AFTER successfully presenting two or more pieces of evidence (or factors) to an authentication mechanism: knowledge (something only the user knows), possession (something only the user has), and inherence (something only the user is).
Multi-factor authentication adds a second or third (or more) factor to the login process for company resources (apps, services, servers, etc.).
You can use multi-factor for banking accounts, emails, any sort of company program that has valuable information, and even email

Email Security Platform

Having an email security platform will help monitor what emails come through and whether or not they are spam or safe.
Cybir supports Ironscales (a self-learning email security platform to stop phishing attacks) to deliver an advanced email security platform with machine learning capabilities.  Cybir implements regular testing of employee security awareness via phishing campaigns.  Cybir offers key features to keep users safe of any acts of phishing within the company. With the jobs they have while incorporating their key features. it has the extra protection that can save the company from experiencing a data breach and losing any valuable information.

Managed Detection and Response (MDR) Solution

Keeping extra security in mind, you want to make sure that through the antivirus and firewalls, you are still being protected.  Huntress is a great and reputable software that helps clients keep that extra added protection needed so hackers can’t get into their system.  Hackers are getting very creative with the way they try to get into businesses.  Huntress helps monitor your system so you can rest 24/7 knowing your business is safe. This will help your computer system stay safe and avoid getting into.

Protection Against Account Takeover

Every email system needs something to be able to not only monitor emails, but help get rid of them and help with the compromised system.  Barracuda Sentinel helps with phishing and account takeovers.  This helps with your emailing and helping your company stay protected and risk any attackers getting into your data.  It has a 3 step procedure that is known to continue the added protection you need.

Cyber Security Training

Knowing what to look for is important.  Having cyber security training for employees to understand what to look for in case something comes up to where it shows up in the email will complete the added necessities to make sure your emails are safe and not worry about a data breach.  What you can learn from the training can also help in your own personal email to make sure your personal information is not being compromised when spam emails come in.  It doesn’t happen to just business … It can get personal too!

Having all these tools will guarantee that you won’t have a data breach.
Always stay safe with as much security as you can! You don’t want intruders coming in.
Don’t be involved in the 55% that have been compromised!!

For more information or need help setting up your systems so there are no intruders, contact PCS today!

Why Is Upgrading To Windows 10 Important?

Upgrading To Windows 10 Is More Important Than You Think!


When you think of major changes to Windows, you remember that colorful logo, how easy it is to navigate something you’ve had for years, and how comfortable you are with the software itself.
But, have you thought about what you could be missing if you don’t upgrade to the most recent software?
We at PCS are here to tell you that it’s not a good idea to keep your software updated to keep your computer safe!

Microsoft Ends Support For Windows 7

Microsoft announced back in 2020 that they will no longer have technical assistance and security updates for anyone running on Windows 7.   If you’re still running that outdated operating system, you’ll open up your company to hacks, malware, viruses and other potential future security flaws.

Windows 10 Protects Your Business

Microsoft quotes that “Windows 10 will help protect your company against modern cyber-attacks, deliver experiences your employees will love, and enable continuous innovation with a platform that keeps your company up to date with the latest technology.”  So what does this mean? It means that Windows 7&8 won’t be able to give you the full secured experience needed to keep your business running safely.  It’s a free upgrade to guarantee safety from data breaches and any hacker attacks!
The main attraction for this upgrade is so business can have the new cutting edge features.  These include allowing users to log into their devices without the need for passwords through Microsoft Passport and Windows Hello; Credential Guard, which protects corporate identities; and automatic data encryption to keep sensitive data protected.

Better Experience

Windows 10 is a happy medium between Windows 7 and Windows 8.x. Windows 8 made a lot of users unhappy due to its touch-centric interface and unintuitive Start menu and controls.  It includes features that can enhance productivity. One of the biggest features is Cortana, the voice assistant that can help employees set reminders and schedule appointments. Windows 10 also features virtual desktops, which allows users to manage multiple sets of windows on one machine.

Here’s a great example … If your phone has an update, what happens when you don’t update it? It starts to lag and eventually you start to lose safety features that are needed and you are never kept up with the new features that helps keep your software running.  It’s the same thing for windows!  You never want to run on an old update on a phone, so why would you on Windows?

These are just the top reasons why you should upgrade your windows system.  Keeping your Windows updated and keeping it up to date on the latest update will allow the security aspect to be monitored better and you won’t have to worry about the hassle of worrying about viruses and cyber attacks.
With Microsoft not supporting anything under 10, why would you wait to upgrade?

For more information or need help getting your business set up with Windows 10, contact PCS!

The Dangers of Direct RDP Access!

Direct RDP Access Used To Be So Common That Now It’s Become More Dangerous.

Did you grow up leaving your doors unlocked and your cars unlocked?
I bet you didn’t have to worry about intruders coming in.
Come to think of it, I don’t think I see it anymore.
Direct RDP access is just leaving your door unlocked for an intruder to come in!

Let’s go over why direct RDP access is dangerous.

What Is Direct RPD Access

The Remote Desktop Protocol (also known as RDP) is used to allow remote access to a computer.  Once you log into a computer, you are able to access everything the way you were able to working on the desktop. RDP is very easy to use and widely implemented. Remote Desktop even comes built-in to most versions of Microsoft Windows.  When it is used within a private network, it’s a very strong business tool. Unfortunately, it’s not secure enough to safely expose to the Internet.

What Can Happen With Direct RDP Access

Hackers are able to get into the information easier than you think.  They can target a specific business and they can act as an employee to gain access to administrative accounts.  Once they gain access, it gives them leverage to steal data, destroy data, install malware or ransomware, or even just staying under the radar and using the resources to host their own services or use as an intermediary to commit other crimes.
Most common is seeing employees getting locked out of their systems/accounts as a hacker forces access with their password.  Then the damage is done and a data breach has occurred.

What You Can Do To Prevent This

As we used above, the easiest way to avoid this is to simply close the door!  Closing down the ports to RDP and reduce the attack. There are so many different tools and protocols that can be used to provide businesses with the safety they need with secured access.

A few examples are as followed:
Setup VPN (Virtual Private Network) that must be connected first before using RDP.
Using a multifactor authentication mechanism can be implemented to augment traditional password authentication.

Another way to prevent a data breach from occurring is to contact your IT company for them to setup everything for you and your company that will keep your business safe.

Close the door and lock it so hackers can’t get in! Avoid intruders!

For more information or you want to get your company on the right track to safety, contact PCS!

How Often Should You Change Your Passwords?!

KEEP YOUR PASSWORDS UPDATED AND SECURED!

When you create a password, you often find something that not only you can remember, but you are also add different characters to make them safe.  From one special character, to at least 6 characters with one capital letter and a number, it can sometimes drive you NUTS on what your password could be.
But, in technology world, there is a reason why this needs to be done.

IT HELPS KEEP YOUR INFORMATION SAFE!

Here are some tips on password changes and how to keep everything safe.

How Often Should You Change Your Password?

Password changes should be about every 60-90 days, if not more.  Be sure you’re also using your multi-factor authentication and a password manager to increase your password security. This is alleviate having a security breach with having the same password lingering around your system for a while.  Always make sure your passwords are STRONG.

You Should Never Have The Same Password Twice!

Having the same password twice could end up being an issue when it comes to security.  If somehow they get into one thing, they will use the same information to get into everything! Make sure you are keeping consistent with having different passwords and having a password manager to keep all your passwords secured and organized. The golden rule is to never have the same password twice or use any personal information in your passwords.
Don’t use names, pets, birthdays, anniversaries, addresses, SS numbers, children’s names, etc. for your passwords.  Passwords should always be a random combination of letters, numbers, and symbols or unrelated phrases.

Change The Weak Passwords

Passwords should always be strong.  Leaving weak passwords will only allow hackers to potentially get into your information.  It’ll cause issues in the end if you leave them on the weaker side.

Always Use A Password Manager

We have discussed why password managers were important, but we want to refresh your minds on why it is.  A password manager is program that allows users to store, generate, and manage their passwords for local applications and online services. It assists in generating and retrieving complicated passwords, storing the passwords in an encrypted database or calculating them on demand.
DON’T STORE YOUR PASSWORDS ON A GOOGLE DOC OR WORD DOC!!!  That will only give your information away even faster if someone were to hack into your system.

Don’t Forget To Use Multi-Factor Authentication

Multi-factor Authentication is your best friend. We’ve discussed how important it is, but it goes well with a password manager so no one can get into your information.  Multi-factor authentication is an electronic authentication method that a device user is granted access to a website or application only AFTER successfully presenting two or more pieces of evidence.  It usually involves a code or token needed to access any important information.

Make Time To Change Passwords

This part is going to take you a little bit of time.  Make sure you set aside enough time to go through all your passwords and update your password manager with the new ones.  A few times a year is ideal to be able to change all your passwords effectively and make sure your information is stored correctly.  You don’t want to rush it and end up having to redo all that work.

Having all these tools will allow you to feel more secured about your password and information safety.
Once you have a schedule set to update them, it’ll feel like second nature.

Need help setting up your passwords or have questions? Contact us here at PCS and we can help make sure you’re secured!

Image VS File-Based Backups … The Great Debate!

Image-based backups VS file based back-ups are tricky. 

Knowing when you should use which is even harder.
Knowing what is best for you comes down to what kind of information you are looking to save and back-up.
Let’s go over the difference and what would be best for you and your company.
The main question is … What are you looking to recover?

Difference Between Image VS File-Based Backup’s

Image-based backups preserve a copy of a machine’s operating system. That includes system state and application configurations, as well as the data associated with that machine.  It’s basically an image of your entire operating system including files, executive programs, and OS configurations.  It works best if it is necessary to bac k up a VMware or Hyper-V virtual machine. This is very simple to configure type of backup where you just select an entire drive, partition, or an entire machine, which typically backs up the entire selection you have selected.

File-based backups will back up each file on your PC.  It will save the files, but not the applications that created them. If you did not setup your file backup to save “all” the documents on your machine, then you won’t be able to restore them. It is reasonable when it is necessary to copy separate files so that they can be recovered to any other system. File backups basically come down to you selecting some files and folders that you want to back up and then where you want those file level backups to go.


File-based backups are usually more flexible way to doing backups, scheduling, and are normally smaller backups.

Image-based backups are usually better in disaster scenarios when an entire system restore is required.

What Type of Backup is Recommended?

Now that we have established the difference between the two, the major question stands … Which one is recommended? Both is adequate when having back-ups.

A good backup setup would usually include:
1. An image backup once a month.
2. A full file level backup once a week.
3. A differential file level backup every day other than the full backup day.

This type of schedule will most often help give you an easy and quick way to get files and folders back.  Having extra backup to be able to recover any and all files will be a huge impact to your business information.

 

Need help backing up your computer? Don’t know where to start? Contact PCS and we can help!

Cyber Training … Why Is It Important?

Cyber security is one of the most important things in today’s technology world. 

From data breaches to just taking someone’s banking information, hackers are now being more creative with their tactics. But, there are plenty of ways to always stay alert so you can keep on top of any security threat.

Cyber Security Training

You hear this term a lot and it’s something that has been harped about … But why is it so important?

The workplace has evolved throughout the years and technology has been a big party of that transformation. Adding in the risk of having someone come into your personal information and even company data means workplaces need to have more security.  Firewalls and anti-virus protections are simply not enough for hackers.  Hackers have been more creative with their tactics and scams that now everyone needs to be more alert!

Having the ability to know what is a threat and what is just your daily routine is important.
|Cyber security training can help you recognize different types of threats using simulators and common hacker moves.

If you can’t recognize emails, links, or even phone calls, you can be potentially putting a company at risk for a data breach.
You always want to be alert with any email that is coming to you!

 

Having the ability to be one step above a hacker is challenging. One way is by having simulations will help you see the different kinds of attacks and how you can prevent your company from having a data breach and/or information deleted/stolen.

In 2020, there was an estimated amount of 1001 cases.
That’s 1001 cases that could of probably been avoided if companies has cyber security training.

Data breaches are getting worse and users are not aware of the risks!

Employees are often the primary targets for hackers looking to get into critical business systems.
Rather than trying to breach a secure network or system through external means, it’s much easier for hackers to pretend to be authorized members of a company while they inflict their damage from the inside and do so undetected.

Sadly, many employees don’t even realize how important cybersecurity training really is for the organization they work for.
Even worse, according to a survey of over 4,500 employees, 22% of employees don’t feel like they should be obligated to keep their employer’s information safe.

Employees handle the information on an everyday basis, so a hacker will come to them first before anyone else. Internal attacks are easier.

Don’t wait to get cyber security training. You could not only protect the company, but you can even protect your own information!

For more information about Cyber Security training, contact PCS today!