HOME

October 31st, 2016

A functioning DNS network vs. one that is under a DDoS attack. Image from the Wall Street Journal 10/24/16 article, “Cyberattack Knocks out Access to Websites.”

Security experts have been reminding us that while the growth of the Internet of Things (IoT) has great potential, we must not lose sight of the need for device security. As the market has exploded – particularly with Smart Home ecosystem devices – the focus has been on deploying the latest (Artificial Intelligence) AI devices to consumers as fast as possible. The concern from security professionals has been that little regard has been paid for data security and protection from malware when building these cloud-enabled devices. A recent attack that brought down some of the world’s largest Internet services illustrates the warnings from security experts now appear well founded.

On October 18, unknown hackers used the Mirai malware bot network to hijack Internet of Things (IoT) devices to bring down large swaths of the Internet itself. The specific DDoS (Distributed Denial of Service) attack was on Dyn, a company providing critical Internet services to sites like Reddit, Twitter, Amazon, Spotify and Soundcloud. An attack of this scale is unprecedented, but could be an early hint of more to come.

If you didn’t notice the attack, that’s because Sinu implements ‘smart’ DNS technology for all of our customers that caches and provides the latest good DNS information when current information is not available due to an attack. For Sinu customers, OpenDNS is already included in their service. Businesses that don’t rely on Sinu’s all-inclusive IT service may want to consider paying for safe DNS services from companies that offer added security and protection that haven’t yet been implemented by many ISP’s DNS servers. Verisign or OpenDNS, for example, provide detection and filtering software to prevent against harmful content and malware.

Fast Company described the attack in detail saying, “The attackers apparently used tens of thousands of hacked internet of things devices—household appliances such as digital video recorders, security cameras, and internet routers—to generate a massive amount of digital traffic. That digital noise was sent to Dyn, a domain name service provider used by major online companies, disrupting its ability to translate human-readable internet addresses into the IP addresses networks use to route traffic.”

(For more info about how Domain Name Servers (DNS) work, see Sinu’s blog, Understanding DNS to keep your Data Safe.)

Security experts have been warning developers about this potential for some time. In fact, Mashable reports that the site of esteemed security expert Brian Krebs, who has warned people about the potential for IoT security issues, was attacked by Mirai in September. They note, “generating 665 Gigabits of traffic per second, the incident became perhaps the biggest known DDoS attack since one noted by Akamai in June, which generated 363 Gigabits per second.”

Further, on October 12th, the U.S. Department of Homeland Security issued a warning to Sierra Wireless consumers suggesting they change their password. Sierra Wireless is a multinational wireless equipment designer and manufacturer specializing in IoT devices. The warning specifically mentioned the Mirai malware bot network and the potential that Sierra Wireless devices could aid in a DDoS attack unbeknownst to its consumers.

Just three days prior to Dyn DDoS attack, Level 3 Communications published a blog analyzed the Mirai malware bot network noting the types of devices it targets: “Mirai targets IoT devices. The majority of these bots are DVRs (>80 percent) with the rest being routers and other miscellaneous devices, such as IP cameras and Linux servers. The devices are often operated with the default passwords, which are simple for bot herders to guess. From the source code it has been found that Mirai’s scanning protocol utilizes a list of generic and device-specific credentials to gain access to susceptible devices.”

In a video blog posted on Periscope shortly following the Dyn attack, Level 3’s chief security officer, Dale Drew, noted that between 500,000 and 550,000 devices have been hacked around the world and are now part of the Mirai network. The Dyn attack utilized just 10 percent of those devices meaning the scale of future attacks could have devastating consequences, far beyond the inconvenience of limited access to Twitter and Netflix.

IoT’s vulnerability to malicious attacks will only increase with the advent of more devices. Business Insider reports, “By 2020, more than 24 billion internet-connected devices will be installed globally — that’s more than 4 devices for every human on earth.”

With the deployment of AI built within these software-controlled devices, the next big question we haven’t seen asked (yet) is whether this advanced DDoS attack could signal the future deployment of malware that can learn and adapt on its own, much like the AI equipped devices hijacked in the latest attack. Hijacking AI devices with AI malware could spell a host of new trouble if the companies developing the devices don’t soon begin building additional security protocols into the hardware and software.

The question people are asking is: “What’s next?” People within the security community are speculating right now that the Dyn DDoS attack could be a trial run, and that a larger scale attack may coming in the near future. While no one has yet claimed responsibility for the attack, the FBI is investigating to see if it is part of a state-based effort, ISIS or simply frustrated hackers. Figuring out who is behind it will be helpful in the short-term, but in the long-term, the IoT market is going to have to ramp up its security protocols quickly.

Most of us enjoy the conveniences of home IoT devices – from DVRs to routers and baby monitors. We strongly recommend you purchase cloud-enabled devices that require passwords. Further, hackers have been using default passwords as a means to hijack devices. We advise you to overwrite the default password issued with your device with a new, secure one (for tips on creating and managing strong passwords, see Data Security: Steps you can take today to protect your data).

Topic Articles
October 25th, 2016

2016october25_security_aCyber security is becoming more and more important in an increasingly digital age. While many people and businesses know how important their online security is, they may not know what types of online security are best, nor the differences between the most commonly available options. There are two security authentication measures that are quite similar in name and that are often used. These are known as two-factor authentication and two-step authentication. Read on to get to know some of the key differences so you can be sure you understand your cyber security better.

If you are seeking out a way to improve your business's cyber security, both for your business itself as well as for your customers, you are likely looking at your authentication process. Two-step and two-factor authentication are two of the most commonly used options in cyber security. And in current cyber security, many businesses use the terms two-step and two-factor authentication interchangeably.

There are, however, subtle differences between the two. A two-step authentication process requires a single-factor login (such as a memorized password or biometric reading) as well as another of the same type of login that is essentially sent to the user. For example, you may have a memorized password for your first step and then receive a one-time-use code on your cell phone as the second step.

Two-step authentication does function to add an extra step in the authentication process, making it more secure than a single-step authentication (i.e. just the password). However, if a person or business is hacked, it will do only a little to stop hackers from getting a hold of whatever they are looking for.

On the other hand, there is two-factor authentication (sometimes referred to as multi-factor authentication), which is significantly more secure. This type of authentication requires two different types of information to authenticate. For example, it could be a combination of a fingerprint or retinal scan as well as a password or passcode. Because the types of information are different, it would require a hacker a great deal more effort to obtain both forms of authentication.

In essence, every two-factor authentication is a two-step authentication process, but the opposite is not true. With this information in mind, you can be certain that you are using the right type of authentication in your business to keep your business and customer information as secure as possible.

Your network needs the best security technology has to offer. What type of authentication that results in is just one of hundreds of choices that must be made to achieve that end. To take the stress out of securing and protecting your network, call us today for all the help you could ever ask for.

Published with permission from TechAdvisory.org. Source.

Topic Security
October 19th, 2016

2016october19_businessproductivity_aThe internet is undoubtedly one of the most powerful tools for improving business productivity. But it’s also a magnet for procrastination. With unfettered access to the internet, it’s easy to stray away from your important work responsibilities. If done in moderation, five-to-ten minute breaks on Facebook, Twitter, and YouTube are harmless, but if employees spend several hours a day there, the internet is impeding office productivity. Fortunately, web monitoring can ensure your employees don’t overuse these sites.

Time-saving measures At times, the internet can be very addictive. Internet monitoring software saves employees from the temptation of online videos and games by restricting access to time-wasting sites that you deem unnecessary for business. But internet monitoring software doesn’t even have to be as extreme as denying permission to harmless social media websites. Just letting your employees know that you’ll be randomly monitoring their internet activity discourages them from taking prolonged visits to their Instagram page.

Avoiding harmful websites The internet hosts plenty of unsavory links and websites. Employees who haphazardly click phishing links or access malware-ridden pornography sites can put your business at risk. Working with infected machines can slow down the entire system and, in some cases, completely halt operations. But by using internet monitoring tools you can restrict access to dangerous websites, and identify reckless employees to remove their internet privileges, if necessary.

Controlling bandwidth usage Even while using the internet for the right purposes, bandwidth can be used up quickly. Internet monitoring gives you up-to-the-minute reports on your bandwidth usage. Once you have a clear understanding of your company’s overall bandwidth usage, you can then control its expenditure. This feature allows you to prioritize bandwidth for critical business applications and reduce bandwidth for less necessary websites.

Increasing productivity on the internet Internet monitoring software may be a powerful tool, but it should be used responsibly. As a business owner, you need to walk a fine line between over-surveillance and under-surveillance. What you should do is establish a clear internet policy. Then, explicitly define the disciplinary measures to be dispensed on anybody who goes against the requirements of the internet policy. And deal with time-wasting employees on a case-by-case basis. It’s unreasonable to remove everyone’s Facebook privileges because one or two abused theirs.

Employee productivity can be difficult to achieve, especially with the proliferation of what we would like to call, “procrastination software.” But with web monitoring software, you can truly get your business -- and your employees -- back on track. Looking for more ways to increase business productivity with technology? Give us a call. We’ll be happy to make suggestions.

Published with permission from TechAdvisory.org. Source.

Topic business
October 10th, 2016

2016october10_socialmedia_aFacebook is constantly working to improve communication between different parties. What started as a means to communicate socially is now used to improve communication at work, too, through Facebook at Work. After spending several years trying to find a way to turn FB into an enterprise solution, Facebook at Work will finally be launched today. The new service is meant to help workers communicate with their colleagues and share information. Let’s take a look at how.

Facebook releases generally take place in the company’s home country, the US. However, this time around the social media giant will launch its take on enterprise communication tools in London, where Facebook at Work was first dreamed up.

Facebook at Work has set its sights on improving productivity in the workplace. In addition to aesthetic updates like changing from the iconic blue color to a business-friendly grey, users will have a totally separate platform from the original Facebook. Work accounts are strictly for work interactions and will not mix with users’ personal profiles. So how is it different from just creating a work-friendly account on the original platform?

Facebook at Work creates a microcosm of the social media site, just for your company. Employees can communicate with coworkers, post pictures, plan for upcoming events, and make office announcements at ease. As an added bonus, Facebook at Work will employ auto-translate functionality to make communication between foreign nationals easy.

Aside from the fact that transitions will be easy with so many people already using the site for personal accounts, Facebook at Work is hoping Work Chat and Video Call options will be able to rival the likes of Skype for Business, Google Hangouts, and Slack. And with the addition of new avenues of privacy come new security guarantees. In an attempt to assuage the concerns of HR departments and paranoid employees alike, the improved security measures in Facebook at Work are separate from the personal platform and unique to the enterprise.

Regardless of whether or not you’re a fan of the original, Facebook at Work is a product keen on helping enterprises improve communications and increase work productivity. If you’re interested in getting in on the ground floor of this new workplace application, we’re your ticket. From product updates to completely new social media sites, we’re your one-stop-shop for getting the word out about your business and your product. Message us for more information today.

Published with permission from TechAdvisory.org. Source.

Topic Social Media
October 7th, 2016

2016october7_security_aSocial engineering is the ability to manipulate people into willfully giving up their confidential information. The data varies, but in terms of cyber security this usually means passwords and bank information. Criminals are using social engineering to gain access to your business and its network by exploiting employees who often don’t have a clue about what is happening. Avoiding it is a matter of training, and we’re here to educate you on the subject.

As more and more of our information moves into the digital realm, criminals are turning to social engineering to trick people into trusting them with their delicate information. People often trust others too easily and make themselves the targets of easy attacks from criminals. These attacks may come in the form of messages, baiting scenarios, fake company responses, and many others.

Most often, messages are sent to users in the form of an email that might contain a link or something to download. Although they may look legitimate, these emails often contain viruses; once the link is opened or you attempt to download it, a virus latches onto your computer, giving its creator free access to your email account and personal information.

Emails such as these can also come with a compelling story about needing help, winning the lottery, or even paying taxes to the government. Under the veil of legitimacy, criminals will ask you to trust them with your account details so they can either reward you or help you avoid fines and punishments. What you actually get is a bad case of identity theft.

In another scenario, criminals will bait their targets with “confidential information regarding their account.” This may come in the form of fake company messages that appear to be responses to your claims, which are followed up by a request for login details. While victims believe they are slamming the door on a crime by providing their information, they’ve actually provided their attackers with the keys.

There are several ways people can avoid becoming victims of social engineering. First, always ensure that you delete all spam from your email, and thoroughly research sources before responding to claims from a company -- even if it seems like the one you normally use.

The same applies for links. Confirm the destination of any link before clicking on it. Sites like bit.ly are often used to shorten long and cumbersome links, but because users have grown accusomted to them they are often used to hide malacious misdirections.

Never give out sensitive information that includes your password, bank information, social security, or any other private details. No respectable financial institution will request this type of information through email or a site other than their own. If you’re unsure, navigate away from the page you’ve been sent to and visit the page you believe to be making the request. If the address doesn’t have the letter ‘s’ after ‘http,’ it’s likely a scam.

Last but not least, check that all your devices are protected by the most recent antivirus software. While the strength of social engineering lies in the fact that it’s people-driven rather than technology-driven, antivirus software can help detect and prevent requests from known cybercriminals.

Cyber security is essential to the success of any modern business. Don’t let yourself become victim to criminals who have mastered the art of social engineering. While we’re proud of our extensive experience as technology professionals, we also have more than enough expertise to keep your business safe from those who are using people-based exploits. Get in touch with us today for all your security concerns.

Published with permission from TechAdvisory.org. Source.

Topic Security
September 30th, 2016

2016september30_businessvalue_aMost people tend to think that the concept of virtual reality has a place with The Jetsons family, but not so much at the office -- think again. Recently, more and more businesses are exploring ways they can mesh virtual reality with daily business operations to possibly help benefit customer service and even employee satisfaction. Take your business to the next level by embracing three dimensions instead of two. Here’s why:

Create your own virtual product prototypes

With the help of virtual reality, you’ll no longer have to rely on manufacturing when you want to see what your product physically looks like and how it might work. These virtual products allow you to make any changes before going through with production. According to Abi Mandelbaum, CEO and co-founder of YouVisit, “Model creation in VR, for example, can save companies time and money, as these types of models or prototypes allow viewers to examine a product and make changes without the time or expense of building a physical model.”

Virtual designs for engineers

Especially beneficial for engineers, architects and other professionals that work with building or engineering large structures, virtual reality helps save both time and money. As an alternative to small models or 2D renderings, VR offers a more immersive experience that helps design and replicate structures.

Virtual tours

Let’s say that you’re a real estate agent showing houses to potential buyers. Your buyers might be in a different state or simply don’t want to spend time going from house-to-house. Virtual reality allows customers to see what the home looks likes in a three-dimensional setting without them having to actually be there.

Showing all the angles of a product

In order to entice buyers into making a purchase, they must first get an idea as to what it’s actually like, and they need to see as many angles as possible -- especially for products that customers don’t get to physically touch. With virtual reality, customers are given a better idea of what your product is like. Abi Mandelbaum says that “Virtual reality can allow current and potential customers to explore a product before they commit to making a purchase. Furthermore, VR completely immerses customers, helping place a product directly into their (virtual) hands or empowering viewers to see a product in action.”

Take customers on an adventure

If you are in any tourism or adventure-based business, you can use virtual reality to give customers a taste of what to expect from the attractions. Imagine that you have an amusement park and want to attract customers’ attention. You can opt to offer a short VR replication of one of your rides so people can see whether or not they’d like it. Or if you own a resort or campground, you’ll also be able to create reality versions of whatever activities you offer.

VR has the potential to take your small- and medium-sized business to the next level if done properly of course. If you have any questions about how you can mesh virtual reality with your company, don’t hesitate to send us an email or give us a call. We’ll be more than happy to assist with your queries.

Published with permission from TechAdvisory.org. Source.

Topic business
September 29th, 2016

By guest contributor, Margaret Tung, co-founder and CEO of

About Vesper: Vesper eliminates the headaches of turnover and bad office management by providing outsourced office management services and expert admin staff to SMBs. Vesper Office Managers assist with everything from procurement, calendar management, and event planning to ad-hoc projects, like office moves, and more.

At Vesper, we might be biased, but when it comes to looking at what assets are valuable to a well-run company, an office manager comes up pretty high on the list. Office managers are jacks-of-all trades – they help ensure the logistics of the office run smoothly, they’re team cheerleaders and morale boosters — and they’re also there to jump in and handle a slew of unforeseen responsibilities as they arise.

If you’re running a small company that’s growing – or one that’s just getting off the ground – you may not have experienced the wonders of having an office manager yet. But if you’re looking to get bigger, or make office life easier and more manageable, it might be time to consider bringing in an office manager (or a second one). Check out some telltale signs that your office could benefit from some office management help below; if these sound like what your company is experiencing, it’s probably time to take the leap.

Four Signs it’s Time to Hire an Office Manager

1. Your CEO spends too much time handling administrative duties.

Most startups start with just a few people – and rely on those few people – to handle all of the company responsibilities. But as a company starts to grow, it’s more important for its executives to focus on the important stuff: like securing funding, meeting investors, and marketing new products and ideas (etc., etc.). If your head execs are spending time doing administrative things like ordering lunches, planning cocktail hours, and tracking employees’ days off, it’s probably time to hire some help. This will not only ensure that company leaders can focus on growing the company, but also that all logistics stay organized – and nothing slips through the cracks. According to a study of startup hiring done by Plivo, most startups in the Bay Area hire an office manager when they have somewhere between 5 and 20 employees.

2. Problems in the office linger.

Life in the office can get crazy busy – and sometimes there’s just not enough free time to stop and fix the AC, un-jam the printer, or replace the broken coffee machine. If there are problems with the physical office space that go unfixed for more than a week, it’s time to get someone to help you manage it. One of the most important office manager duties is to maintain the office space, and keeping the office in good shape (especially the office kitchen) is a way to keep team morale high – and productive. (Unhappy employees have been shown to cost the US between $450-$550 billion each year due to lost productivity!)

3. Your cash flow is a mess.

Staying on top of cash flow is key for a successful business. However, it can be hard to keep track of how much money is coming in and simultaneously make sure that all wages, bills, etc. are paid on time. Hire an office manager to help set up a payment system for your company; that way, everyone will get paid on time, and you’ll know how much money your company actually has in the bank.

4. You’re constantly rescheduling meetings.

Being disorganized in the office has been shown to cost executives $177 billion each year. If you feel like you’re constantly rescheduling meetings because you’ve double-booked people, haven’t been able to keep your calendar straight or are drowning in clutter– an office management service can help you out. Having someone to help maintain schedules will help make sure that you make all of the important meetings and — skip the hassle of trying to keep all your appointments straight.

Do you think you’re ready for an office manager (or a second one to help out)? Or, maybe you just want to learn more about outsourcing office management services? If so, get in touch with Vesper. Our experienced office managers can help you stay on top of all the administrative stuff at work, so you can focus on what really matters.

Topic Articles
September 29th, 2016


Image: www.apple.com/iwork/

Apple’s annual September media event in San Francisco focused largely on the release of the iPhone 7 and 7+ with a dash of Twitter humor over the new AirPod wireless earbuds. (We’re still wondering if there’s a Find Your AirPod app…) However, the less extolled take-away could be big for small business.

Apple announced they were taking iWork to the iCloud to attempt to compete with Microsoft 365 and Google Docs for office product market share. iWork is Apple’s counterpart to Microsoft Office which offers three component apps – Pages, Numbers, and Keynote. CloudPro reports, “The move sees Apple play catch-up with Microsoft and Google, and underlines Apple’s aim of becoming more of a player in the enterprise market.”

While the “real time collaboration” presentation probably would have seemed more innovative three years ago as other office software products were going to the cloud, the key for Apple users is iWork’s cross-platform use and real time collaboration. According to Apple, people can work collaboratively in real time across devices (from an Apple laptop, iPad or iPhone). iWork in iCloud has been available in beta format for over a year, and while there is no official release date for the finished product, the company says it will be launching “soon.”

According to CloudPro, “The collaboration also features private and public modes with a participant list that shows who is working on the document, each user sporting a different colour. The public and private modes determine when iWork syncs files.”

Bringing Apple’s iWork into the cloud for real time collaboration across devices is a big start – albeit a long overdue one – toward capturing the enterprise market. However, PCs are still prevalent in the workplace and while Apple has opened up iWork to PC users who have an Apple ID via iCloud, people will have to see a clear and immediate benefit to changing their office software. Early adoption of Apple’s iWork for iCloud in the classroom may help pave the way for iWorks future.

In his keynote speech, Tim Cook noted that education has always been a focus of the company. With Apple’s iWork, this becomes a smart long-term strategy for capturing the next generation of consumers as students begin adopting the software in the classroom. According to Digital Trends, “Apple’s contribution to President Obama’s ConnectED initiative has been extended to 114 schools, including classroom and device support for 4,500 teachers, to whom Apple has donated MacBooks and iPads for use in the classroom.”

While Apple waits for this next generation of consumers to bring their iWork habit to the workplace, it will be interesting to see if Apple’s iWork for iCloud provides enough benefits that people are willing to “unlearn” what they know about Microsoft Office or Google Docs to adopt this new solution. The price tag may help entice people to give it a try: iWork will be free for anyone who buys a new computer or device from Apple, or anyone who has already installed it. Upgrades, essentially, are free as would be the case on iCloud. Otherwise, iWork apps are $20 for each computer or $10 for an iOs device.

Topic Articles
September 29th, 2016

This is the seventh in a series of articles addressing top technology challenges facing nonprofit organizations. If you have a suggested topic, please email us, and we will try to address that topic in an upcoming article!

At Sinu, we have guided our customers though the process of developing and implementing strategic cloud migration plans. We have identified several opportunities with benefits that most of our nonprofits can realize immediately, whether it is through cost savings or reducing the risk of data loss or downtime.

Before migrating any of your infrastructure to the cloud, it is important to consider the following:

  • What are your organizational goals and how can technology help achieve them?
  • What is your current infrastructure and where is your hardware in its replacement cycle?
  • Do the critical applications you are currently using meet your needs, and do they offer cloud solutions that can offer the same or increased functionality?

Once you assess this information, communicate your vision for a cloud strategy to your management team. If they understand what you want to achieve when moving applications to the cloud, whether it’s cost savings, increased functionality, remote access, reduced risk, or a combination of all these benefits, any changes will be more easily embraced and implemented by your team.

Look for opportunities to immediately mitigate the risk of data loss and potential downtime. For nonprofits with fewer than 1,000 employees, we suggest moving at least 80 percent of your basic infrastructure into the cloud over the next three years. Email and backup are critical and should be migrated immediately. Payroll is another critical application that can be moved to the cloud to help avoid disruption of compensation for employees even during local outages or disasters.

During the process of developing a cloud migration plan, you will need to assess your current technology, including your hardware and software. For instance, if you have an in-house server that needs to be replaced in the next six months, this is an opportune time to consider migrating that infrastructure to the cloud because it will likely save on the capital expense of replacing that server while reducing the risk of data loss.

We have developed a free Cloud Migration Worksheet you can download today which outlines several opportunities and considerations when developing a strategic cloud migration plan. We hope you find the brief helpful and please contact us if we can answer any questions.

Topic Articles
September 21st, 2016

2016september21_security_aAs with all technology, trendy phrases come and go with the passing of every IT conference and newly released virus. And when dealing with cybersecurity, keeping up with them all can mean the survival -- or demise -- of a business. If you’re looking for a list of the industry’s most relevant terms, you’ve come to the right place.

Malware

For a long time, the phrase ‘computer virus’ was misappropriated as a term to define every type of attack that intended to harm or hurt your computers and networks. A virus is actually a specific type of attack, or malware. Whereas a virus is designed to replicate itself, any software created for the purpose of destroying or unfairly accessing networks and data should be referred to as a type of malware.

Ransomware

Don’t let all the other words ending in ‘ware’ confuse you; they are all just subcategories of malware. Currently, one of the most popular of these is ‘ransomware,’ which encrypts valuable data until a ransom is paid for its return.

Intrusion Protection System

There are several ways to safeguard your network from malware, but intrusion protection systems (IPSs) are quickly becoming one of the non-negotiables. IPSs sit inside of your company’s firewall and look for suspicious and malicious activity that can be halted before it can deploy an exploit or take advantage of a known vulnerability.

Social Engineering

Not all types of malware rely solely on fancy computer programming. While the exact statistics are quite difficult to pin down, experts agree that the majority of attacks require some form of what is called ‘social engineering’ to be successful. Social engineering is the act of tricking people, rather than computers, into revealing sensitive or guarded information. Complicated software is totally unnecessary if you can just convince potential victims that you’re a security professional who needs their password to secure their account.

Phishing

Despite often relying on face-to-face interactions, social engineering does occasionally employ more technical methods. Phishing is the act of creating an application or website that impersonates a trustworthy, and often well-known business in an attempt to elicit confidential information. Just because you received an email that says it’s from the IRS doesn’t mean it should be taken at face value -- always verify the source of any service requesting your sensitive data.

Anti-virus

Anti-virus software is often misunderstood as a way to comprehensively secure your computers and workstations. These applications are just one piece of the cybersecurity puzzle and can only scan the drives on which they are installed for signs of well known malware variants.

Zero-day attacks

Malware is most dangerous when it has been released but not yet discovered by cybersecurity experts. When a vulnerability is found within a piece of software, vendors will release an update to amend the gap in security. However, if cyber attackers release a piece of malware that has never been seen before, and if that malware exploits one of these holes before the vulnerability is addressed, it is called a zero-day attack.

Patch

When software developers discover a security vulnerability in their programming, they usually release a small file to update and ‘patch’ this gap. Patches are essential to keeping your network secure from the vultures lurking on the internet. By checking for and installing patches as often as possible, you keep your software protected from the latest advances in malware.

Redundant data

When anti-virus software, patches, and intrusion detection fail to keep your information secure, there’s only one thing that will: quarantined off-site storage. Duplicating your data offline and storing it somewhere other than your business’s workspace ensures that if there is a malware infection, you’re equipped with backups.

We aren’t just creating a glossary of cyber security terms; every day, we’re writing a new chapter to the history of this ever-evolving industry. And no matter what you might think, we are available to impart that knowledge on anyone who comes knocking. Get in touch with us today and find out for yourself.

Published with permission from TechAdvisory.org. Source.

Topic Security