Month: June 2021

Your employee’s social media account was hacked How does it affect you?

Posted on by Empower

Did you know that social media accounts are one of the favorite targets for cybercriminals? You may think cybercriminals would prefer to hack online banking accounts or shopping accounts, but that doesn’t seem to be the case. Here’s why. Social media accounts hold A LOT of personal information including name, email ID, date of birth, place of birth, place of work (your business!) high school attended, names of family, friends and pets, anniversaries, and more…which means, they are basically gold mines of Personally Identifiable Information (PII). Plus, if you play games and have your credit card details saved, there’s more information and better the chances for the cybercriminal to commit fraud. All of this data can then be used to hack into other accounts of the user, including financials. So, hacking into someone’s social media account can help cybercriminals gain entry into other, more ‘useful’ and secure accounts.

But, how does it matter to you, as a business? If your employee’s personal social media account is hacked, it shouldn’t affect you, as a company, right? Wrong…here’s how it can affect you.

  • If the employee whose social media account is hacked is the administrator of your company’s official social media handles, you are in big trouble as hackers will gain access to your company account and consequently to customer information, because you may be having clients who follow your business account on social media. The whole situation can result in a lot of damage to your business and brand reputation and also result in penalties and possible lawsuits.
  • Even if your employee doesn’t handle your company’s social handles, the hackers may have enough of their PII to try and pry open a small entryway into your IT network.

You can avoid such mishaps by

  • Training your staff on social media and cybersecurity best practices including advanced privacy and permission settings for social media accounts
  • Ensuring your employees are able to identify and steer clear of phishing and social media frauds
  • Helping your employees understand the importance of practicing good password hygiene across all their online accounts – social, work or personal.
  • Ensuring they realize that their Facebook or LinkedIn account is not ‘just another online socializing platform’, but an actual gold mine of information and only those who they really trust should be able to access them.
  • Sharing regular Zero-Day vulnerability alerts and relevant news articles with your staff that keeps them updated on the latest modus operandi and happenings related to cybercrime

Your managed IT services provider will be able to help you in organizing and conducting these kinds of training and awareness sessions at regular intervals for your staff.

Are your data security measures strong enough?

Posted on by Empower

Let me start this blog by asking you a question. How did your business respond to the security threats brought on by the COVID-19 pandemic? The reason we are discussing this is because a survey conducted by Password Keeper and Ponemon Institute revealed that during the 2020 Coronavirus pandemic, the effectiveness of organizations’ IT posture in terms of cybersecurity dipped by almost 30%.

One of the main reasons for the compromise in IT security was the hurried transition of so many businesses to the remote work model. Working from home often meant the staff were using their personal computers to access work data, sometimes, even on shared WiFi networks without the latest software updates, security patches and firewalls – all invitations to cybercriminals. But, the research also pointed out that almost 50% of the respondents were also concerned about the physical safety of their data. When employees work from home, business data is stored on their personal devices. This includes personal laptops, desktops, thumb drives, external hard disks and sometimes, even smartphones and tablets. Ensuring the data stored in such a manner is not lost, stolen or inadvertently made public is a huge challenge. The cloud can help resolve this challenge to some extent. By migrating your data to the cloud you get a range of benefits such as

  • It is easily accessible-from anywhere, anytime using an internet enabled tablet, computer or even a smartphone
  • The cloud service provider offers multiple layers of security to keep your data safe from prying eyes
  • There is no chance of losing data due to misplaced thumb drives or computer hard disk crashes

An MSP offering cloud services will be able to assist you in making the transition from physical data storage to the cloud smoothly. They can also address cybersecurity concerns and offer solutions. However, migrating to the cloud alone is not the solution to all data security issues. You will still need to train your staff on how to identify and avoid malware attacks, phishing scams and to practice basic password hygiene and data security best practices.

WFH is here to stay Are you ready?

Posted on by Empower

The year 2020 was nothing like what we had seen before. At a certain point in time, it felt like the world would come to a standstill. With lockdowns and travel restrictions imposed across the world, businesses were pushed into a ‘new normal’.

One of the things that was a part of the ‘new normal’, was working from home. Whether it involved employees working remotely on a full-time basis or using a hybrid approach, this work-from home (WFH) setup brought along with it multiple challenges, especially to those organizations which weren’t into this model already. Accessing critical work information, carrying out meetings on Zoom, attending conferences remotely and even setting up trade show booths online, were all new concepts. While the pandemic may be temporary, one thing is certain – the remote work culture is not.

WFH existed even before the Coronavirus pandemic. There were a sizable number of companies – primarily in the IT industry that routinely hired remote workforce. Freelancers operated remotely too for the most part. However, the pandemic forced every company that can operate remotely to adopt the WFH model. While the initial switch was cumbersome, challenging and even frustrating, the benefits offered by the WFH model can’t be discounted.

Here’s how it benefited employees:

  • Helped save time and money that would otherwise be spent on commuting from home to work.
  • Offered greater flexibility, as working from home let employees choose their working hours, at least in some cases.
  • They needed fewer days off as things like staying home and caring for a sick child/spouse or an elderly parent didn’t mean having to take a day off work anymore.
  • With lesser workplace oriented distractions, they were able to accomplish more in lesser time, which means they had more personal time and a better work-life balance.

From the organizational perspective, working from home:

  • Meant more productive, focused, energetic employees with workplace distractions and long commutes eliminated.
  • Resulted in lesser absenteeism as employees had flexible work schedules and could be home when their presence was needed, without having to take a day off.
  • Helped them save on costs related to maintenance, utilities and employee recreation that they would be otherwise incurring.
  • Can help companies save on huge rental expenses by trading larger office spaces for smaller/shared workspaces and conference rooms.

So, there’s no doubt that the trend of WFH will continue and become a norm in daily lives. It seems to be creating a win-win situation for both the employees and the organizations they work for. However, for WFH to function smoothly, you need to have a solid IT infrastructure, one that ensures the transition from the traditional office setup to the WFH model is smooth and the integration between the various elements involved in the new WFH environment is seamless.

Are you ready to switch to the WFH mode? It’s time to get in touch with a managed IT service provider who can help you make this move.

Data security in the ‘Work-from-home’ environment

Posted on by Empower

The pandemic threw a lot of challenges at the world. One of them, from the business perspective, that overshadowed the others was cybersecurity. How does an organization ensure data safety and security in an environment where businesses can’t really control what employees do even during work hours? New best practices emerged that will remain in use even in the post-pandemic era. Because the trend of working from home now seems to be here to stay. This blog will discuss some best practices for data security that can be deployed when working remotely.

  • If you can provide your employees with a computer that they will solely access for work, then that solves the majority of the issues. When employees use their own devices for accessing work data, the risk of a security breach is higher as businesses don’t have any control over staff’s personal devices. Your employee’s computer may have security loopholes such as pending updates and security patches or unauthorized software programs. If, instead, it is a company device, you can install control mechanisms that limit what your employees can do with the device. You can impose firewall restrictions, make it a part of your intranet and also monitor employee activities freely.
  • If you are allowing employees to use their personal devices for work purposes, you can encourage them to keep their device safe by alerting them about software updates, security patches and offering to install the latest version of antimalware software for their devices. This is a win-win situation for you and your employees, as you get to keep your data safe, while they get to keep their device and personal data secure.

In either case, you need to educate your employees on the basics of data security. These include password hygiene, identifying phishing attempts, attachment hygiene, etc.

Don’t forget the cloud! The cloud can help you keep your data safe and secure even in the remote working environment by adding layers of data security and eliminating storage of data on local hard drives and removable storage devices. Contact a cloud service provider today to learn more!