Securing IT Infrastructure in today’s corporate environments is extremely critical. There are lurking threats waiting to infest networks and systems with all kinds of major issues leading to massive setbacks for any company. With the possibility of losing millions of dollars and their earned reputation at stake; most companies regardless of size have taken a very serious approach to securing their IT assets. The risk of any exposure to any type of attack clearly outweighs the investments that a company should be making in ensuring that they are secure. Like all other IT implementations, security too is an ongoing process. It cannot start and end...
If you talk to any security expert about securing online accounts, the first thing they will tell you is “enable 2FA.” However if you start looking at the number of accounts where Two-Factor Authentication is purposely turned off or opted out of, you will be surprised at how high the number is. The reason for this is because most end users consider 2FA to be a nuisance, and don’t see the need for it when it comes to securing their accounts.
Over the course of this three-part series, we have explored security measures to help keep your organization better protected from cyber criminals. In part one, we examined the importance of patching, and in part two,we explored advanced email security. In this final part of the series we will cover security awareness training that should be implemented in every business.
With election campaigns and candidate advertisements running rampant, it makes sense to go into some basic dos and don’ts when surfing the Internet. Once connected to the Internet, a majority of the sites are primarily free. Although, most of these websites are not there just to help you out, they are there to make money. A blogger, if they get enough viewers to their site, can sell ads that help pay them to write. Home Depot’s site is there to educate you on what they sell and get you to go to the store. Facebook and Google are there operate to make money off advertisements.
Distributed denial of service or (DDoS) attacks typically make news when they are large enough to bring down a website, and the affected website belongs to a well-known organization. In 2017, the total number of DDOS attacks that were observed and reported was 7.5 million, up from 6.8 million in 2016. On average, companies are faced with 237 DDoS attacks per month. Most DDoS attacks are not large, volumetric attacks, and DDoS hackers target all kinds of organizations. No organization is immune to a DDoS attack, and any size DDoS attack should be cause for alarm.
I still talk with people in the security industry that confuse a vulnerability scan with a penetration test. These are very different yet complimentary tools.
A vulnerability scan can be run against your external IP range, as well as your internal IP range. If you run it against your external IP range you will see what the hackers see when they look at your network from the outside. If there are any known vulnerabilities, the scanner should pick it up and report it to you. This would be the first step in getting your network more secure.
This three-part series will highlight areas that are easy for Thrive to implement to help keep your business protected from outside threats. If you missed Part One: Patch, Patch, Patch, we covered the importance of patching your environment to prevent potential disruption or even disaster. This installment, Part Two, will focus on advanced email security; how it developed and why you should ensure to use it in your businesses. Moving forward, Part Three will use this information and detail the proper measures to take when it comes to security awareness training.
There’s an old adage in IT that goes something like this: “people only notice/value technology when it doesn’t work as expected.” This is never truer than with the databases that sit behind so many of the applications we use every day. We expect applications to perform as quickly as we’ve grown accustomed to. We also expect the information contained in them to be kept securely, accurately, and for as long as we need it. A substantial part of an application’s capability to satisfy these baseline requirements depends on the database. So, while most of us never interact directly with databases, most of us become acquainted with them when they become slow, or worse, lose data to theft or other disaster.
This three-part series will highlight areas that are easy for Thrive to implement in your organization to help keep your business protected. Part one will cover patching, part two advanced email security, and part three security awareness training.
Just as you could have a hole in a window in your house, you may have one on your servers and computers as well!
During our last family get together someone asked me about data protection. Thinking back, I might have said too much. I had proceeded to explain how text messages are not safe, your Facebook data isn’t private, and your SSN is out there for the world to see. I think that was when everyone migrated away from me during the party and started talking to others.