Keylogger 101

We have all heard of hacking, viruses, ransomware, etc., as they keep coming up in the news every now and then. But have you heard of keyloggers? In this blog post, we discuss keyloggers and how they can be used to gain unauthorized access to your system, online accounts, network and data.

As the name suggests, a keylogger logs keys–it captures the keystrokes you make. In fact, the use of keyloggers is not illegal. They are often used by companies to keep tabs on their employees’ IT activities during work and, closer to home, by parents to monitor their children’s computer activities for safety and security purposes. But, as with all tools, keyloggers can be misused and cause a lot of damage if leveraged by a cybercriminal. By logging keystrokes, the keylogger captures passwords and other confidential information. Imagine someone having access to all your usernames and passwords: your bank accounts, your shopping accounts, your online subscriptions and what not!

So, how do unauthorized keyloggers enter your system? Like other malware, keyloggers are snuck into the system without the knowledge of the user. Clicking on phishing links; downloading, opening or running malicious attachments; and using applications or browsers with security loopholes are all ways for cybercriminals to install keyloggers on your system.

The first line of defense against such keylogger attacks is powerful anti-malware tools that detect and isolate such threats. Also, invest in a good password management tool that will help you create and manage secure passwords effectively.

As a best practice, you should also implement multi-factor authentication, which requires more than just a password to permit access. Train your staff to follow password best practices and general cyber hygiene such as not browsing unsecured websites, avoiding public WiFi, etc.

From the administration perspective, ensure all your software programs are updated and security patches are implemented on time.

You can consider enlisting the assistance of an MSP who will help you tackle not just the threat posed by keyloggers, but also the wide range of security threats that exist in the virtual world.

Social media security

Social media is a great tool for SMBs to get the word out about their products and services, build their brand, and connect with prospective customers. It also offers paid marketing avenues, such as PPCs, marketplaces, etc. But are your social media accounts secure? Typically, in a business account on social media, multiple people have access to the account. Access could stretch across different departments such as marketing, sales, PR and HR, or it could be multiple people from a single team with access rights–usually marketing. If you outsource your social media management to marketing agencies, their staff also end up having access to your social media accounts. All of these situations make your social media accounts very vulnerable. Here are a few tips to keep your social media accounts secure.

Always be aware of who has access to your social media accounts. This may seem obvious, but you may be surprised to know that many SMBs are not sure who has access to their company social media accounts. They know the marketing department or sales team or PR has access, but which members of the team actually do is often a security detail that’s overlooked.

Think about who you want to give access to. Do you want everyone in marketing to have access to your company LinkedIn account? Perhaps it is not a great idea to give access to that new marketing intern you have known for only 3 days. Even within a team, you need to decide who can be trusted with the keys to your social brand.

If you have outsourced your social media management, find out what the vendor’s policies and SOPs regarding account access are. If you are managing your social media in-house, make sure you have a social media policy in place. This policy should cover every detail, from who will act as the administrator(s) for your social accounts and how often posts are to be made, to what kind of content is acceptable and unacceptable.

Pay special attention to the administrator(s) of your social accounts. Educate them on social media best practices and password hygiene. Help them understand the importance of good password hygiene practices and ensure they are mindful of their role as your social media administrator because chances are, hackers can get access to your social media accounts via theirs.

Apart from training and educating your staff and implementing social media policies, you should also invest in mechanisms such as password managers, multi-factor authentication tools, social media monitoring systems, etc., that make it easy for you to identify and prevent social media mishaps. You cannot afford to take your social media presence lightly. Social media is a powerful brand building platform that can make or break your brand and market mindshare. Your customers are out there on social media platforms judging you, your business values, and your brand personality depending on what you put up on your Facebook, Twitter and LinkedIn accounts. So, it’s important to take social media security seriously and make sure it is covered in your cybersecurity processes.

Three things to consider when investing in new software

When running a business, you will often find yourself in need of new software tools to enhance the productivity, efficiency, effectiveness and even the security of your various business processes. These software programs range across a wide spectrum of tools including accounting, finance, IT, e-commerce, marketing, sales and many more. In this blog post, we discuss the key elements you should consider before investing in software tools for your business.

  1. Whose software is it, anyway? Learn more about the company that owns the software. Find out how long they have been in the business. Are they dealing in similar software programs across different industries, or is this their only product? Get more information about their company size and business model. How do they sell? What kind of after-sales support do they offer in terms of training, troubleshooting and product updates? You need to have answers to all these questions. This is especially important if you are investing a considerable amount of money in the software tool. You don’t want to purchase something that may be outdated or produced by a small operation that goes out of business in a couple of months leaving you with no updates or support. Plus, the most important thing, you need to be able to trust the software vendor with your data.
  2. What’s the market saying? Never make impulse purchases when it comes to business software. Check out online reviews, talk to peers who have used the product or similar products, and even ask your software vendor for references and testimonials. Third-party sites like G2Crowd, Capterra, Software Review, etc., are some good examples of neutral software review sites. Though some of these do have incentivized review programs, for the most part, they appear to be pretty reliable.
  3. Ask for a free trial: Ask your vendor if they can arrange a free trial or sandbox version of the product for your team to play with for a while before making the decision. This will help you get familiar with the product and then decide if it is worth signing up for in the long run.
  4. How much will you actually be paying? Understand how much you will finally end up paying to use the software to its fullest potential. There are various kinds of pricing models. You may have to pay per user or per device, or you may be offered tiered pricing where certain features of the product are made available to you only upon subscribing to a higher tier. So, while the starting price of such software programs may be in single or double digits, actually putting it to good use may end up costing you thousands of dollars!
  5. Flexibility: How well does the software fit into your current business process? Remember, you are buying the software to make your existing process more efficient. If your process is already set and working optimally, you shouldn’t have to make any drastic changes to fit the software into it. Instead, it should make your process even smoother without causing any disruption. Secondly, let’s say you find it not to be a good fit for you. How easy will it be for you to get out of it in such an instance? Do you end up paying a penalty for early termination of the contract? This may especially be the case with a SaaS agreement.

Whether you are buying from a value added reseller (VAR) or a software manufacturer directly, these are some of the elements you need to look into before investing in any business software. However, if you are like most business owners, then you’d probably be too busy to look into all these details. That’s where a trusted MSP can help you. They can recommend the right software based on your needs and also do the necessary due diligence for you before you make the purchase.

Insider threats: Not as uncommon as you think

When we speak of cybercrime and data theft, we typically think of seasoned cybercriminals. But you’d be surprised to know that the cause of businesses becoming victims of cybercrime is most often their own employees–sometimes on purpose, sometimes inadvertently. Remember Bob from accounting who was let go? Or the new intern who worked for 3 days and never showed up? Yep! They could engage in cybercrime activities to ‘get back at you’. Many businesses have been victims of cyberattacks brought on by disgruntled employees, both current and ex.

No matter who attacks you virtually, whether it is a seasoned cybercriminal or an employee who is simply upset with the kind of coffee your office coffee machine makes, becoming a victim of cybercrime causes you a lot of damage. For starters, it erodes the trust your customers have in your brand and affects your brand negatively. If your data is held ransom, you have no choice but to pay up the demanded amount of money. There may be legal/regulatory penalties to pay as well, and then there are chances of lawsuits that you will have to settle. And, remember, your business won’t be running as usual during this time, resulting in a direct revenue loss as well. So, how do you prevent such internal threats? Here are a few tips.

  1. The first step is to recognize that your own staff can be a threat. Adopt a trust, but verify, approach and take the necessary steps in line with that attitude.
  2. Educate your staff about the dangers lurking online. This will prevent cases where your staff are inadvertently party to the crime. Sharing OTPs and passwords, using unsecured Wi-Fi networks, leaving devices unsecured, visiting suspicious sites, clicking on phishing links, opening dubious attachments, etc., are all examples of your employees accidentally opening the doors for a cybercriminal.
  3. Conduct sessions on corporate ethics, reinforcing what’s acceptable and what’s not. Also brief your staff on the consequences of unethical virtual behavior such as data theft, hacking or wilful compromise of your network and data security.
  4. Perform surprise audits to check if your IT policies are being adhered to. Take action against staff found flouting the rules.
  5. Invest in cybersecurity systems such as firewalls, network monitoring tools that identify and alert you to abnormal IT activities, powerful anti-malware programs, and role/permission-based access management mechanisms.

An MSP specializing in cyber security will be able to help you build a secure IT environment that takes into account all of these and more, so you don’t have to worry about threats to your data.

Gaining a competitive edge during the pandemic

The COVID-19 pandemic has been tough on everyone. The lockdowns and the need to follow social distancing–though indispensable–have been tough on individuals and have also resulted in a lot of revenue loss to businesses. For SMBs, though, this time has been particularly difficult, with a general downturn in the economy and job losses, which have been affecting people’s ability to make purchases. In the middle of all these challenges, SMBs are grappling with yet another issue–the need to keep their business running, even remotely in some cases. A lot of businesses had a tough time adapting to the work-from-home setup. Since this sudden transition to the work-from-home model was largely unplanned, a lot of them became victims of cybercrime and many more are being targeted even as you read this.

If you’re one of those businesses that implemented the WFH model overnight, then it’s time you paid attention to the cybersecurity angle of it. Here are some ways to do that:

  1. First things first. Establish a work-from-home/BYOD policy that defines the roles and responsibilities of your employees as they operate from home. Clearly define the extent to which they will be held accountable in the event of a data breach at their end.
  2. Are you providing your employees with the systems/devices they need to work from home? Or are they using their own devices? If they are using their own devices, then there’s only so much control you can exercise in terms of access and functionality. What you can do, as a positive reinforcement though, is provide them with access to powerful anti-malware software that they can install on their devices, which can keep your data safe even as they work on it.
  3. Train your staff on common cybercrime modus operandi and help them identify instances where they are facing a cyberthreat. This will help them steer clear of the usual suspects such as phishing links, clone websites, suspicious attachments, dubious emails, etc.
  4. Educate your staff on cyber security best practices such as password hygiene, avoiding public WiFi connections, etc.
  5. Consider using technologies such as the Cloud and remote desktop access. Such technologies do not store your data on the employee’s device, giving you greater control over how, when and from where the data is accessed.

The Coronavirus pandemic made the work-from-home model a necessity, and while businesses hurriedly switched to it to keep the wheels turning, many are increasingly beginning to consider it as a permanent solution to keep operating costs low and employees happy–many appreciate the lack of commute, the freedom and the better work/life balance WFH has to offer. This means WFH is here to stay even post-pandemic. Now is the time to invest in creating a secure work-from-home environment, and an experienced MSP can help you get there faster.

Best practices for remote desktop access

Remote desktop access is essential these days, when businesses are expected to be responsive to their clients almost 24/7. Moreover, there has been a surge in the practice of remote desktop access with the coronavirus pandemic. But did you know that remote desktop access, while almost indispensable now, can threaten your network security? In this post, we discuss a few best practices that you should engage in for safe remote desktop access.

Have your basics in place

Make sure your security basics are covered. Your systems should be secured with the latest firewalls and anti-malware software, and be up-to-date with all security patches and software upgrades. Another item on this list is passwords. Make sure you are following good password hygiene such as no password sharing, setting secure passwords, not repeating passwords, etc.

Train your employees

Train your employees who will be accessing your network via remote desktop connections to identify cyber security threats and steer clear of them. Educate them to identify phishing links, clone sites, dubious attachments, etc.

Use multi-factor authentication

Multi-factor authentication adds a layer of security and is especially important in the case of remote desktop authorization. Multi-factor authentication works by confirming the identity of the user across 3 areas–what they know, what they have and who they are. User IDs, passwords, secret questions, date of birth, etc., fall in the first category (what they know), while OTPs sent to their smartphone, a physical token or an access card belong to the second category (what they have), and the third category (who they are) includes biometric authentication such as retina scan, fingerprint or voice recognition.

Limit access wherever possible by deploying Cloud solutions

To a certain extent, the Cloud is a good alternative to remote desktops and more secure. So you can opt for the Cloud-based setup wherever possible and limit remote desktop access to those who absolutely need it.

Remote desktop security strategy formulation and implementation is tedious, but necessary. You can ask your MSP to assist you with remote desktop security strategy implementation. An MSP who is well versed in cybersecurity measures will be able to do this for you. At the same time, don’t forget to inquire about possible Cloud based alternatives to remote desktop access.

Five reasons to invest in a password management system ASAP

Password management tools are software programs that put enough security and safety mechanisms in place to ensure there’s no password breach.

Your employees can use the program to generate random, high-security passwords as per the industry best practices. They don’t have to worry about remembering them either, because these tools have built-in mechanisms to store the passwords securely and retrieve them automatically when needed.

All passwords are encrypted and stored privately, so no one other than the authorized user has access to their passwords.

It takes care of timely password update reminders and password reset, so you don’t have to worry about them.

Password management tools make it easy for you to enforce role-based access permissions. For example, a data entry executive may be able to enter data into the sheet only once, and may need authentication from the manager to edit the data, or only someone at the managerial level may be allowed to make edits to the data.

Some password management tools support multi-factor authentication, thus helping you make this important security feature a part of your data security process.

Password management tools also offer administrators and managers full view of the log-ins and also generate detailed access reports. You will know which user logged in, at what time, using which device. Some password management tools can send alerts when there’s a log-in from devices, networks or locations that are unusual.

There are a variety of password management tools available in the market. While their basic function is the same–keeping your passwords secure, password management tools can offer you a lot more in terms of data security. Consult with an MSP who deals with cybersecurity as they can help you pick the password management tool that’s right for your business. But, remember, at the end of the day, there’s no substitute for good password hygiene, so no matter what tool you deploy, you still need to educate and train your employees to follow good cybersecurity practices.

Eight common password mistakes to avoid

Research points out that more than 80% of data breaches happen due to password hacking, meaning that poor password hygiene is responsible for a majority of cybercrimes that follow data breaches. To make sense of this statistic better, let’s first look at what constitutes poor password hygiene.

Using simple passwords

Often, passwords that are easy to remember are easy to hack. Do you use passwords such as password, password1234, delta123, etc.? If yes, then you should change them at the earliest to something less obvious.

Repeating passwords across platforms

As another solution for remembering passwords, people tend to use one, single password universally. This dilutes the password even if it is a strong one. Plus, there’s always the risk of the password being hacked at one place and putting the data stored at all other places also at risk.

Unauthorized password sharing

Unauthorized password sharing for the sake of getting things done faster is a very real problem. For example, someone is on leave and someone else needs access to a particular file from their computer. The employee who is on leave shares the password and that can result in a security compromise.

Writing down passwords

This is the most obvious, yet oft-made password mistake. Just so they don’t forget their passwords, people tend to write them down on a piece of paper or in a diary, or sometimes store them on their phone. You know what can follow if the piece of paper, diary or phone is stolen. The same goes for storing passwords in email if the email server is compromised.

Not revoking access on time

Cases where ex-employees’ log-in credentials were used to hijack company data are not unusual. When companies forget to revoke the access of employees as they move out of the department or organization, they leave a gaping cybersecurity hole open which is easy to take advantage of.

Not updating passwords

Using the same password for years or even months can be risky. Passwords should be changed every 3 months and perhaps even sooner for critical applications.

Single factor authentication

For the more critical areas, multi-factor authentication must be deployed. Relying on password alone is a huge cybersecurity risk. Multi-factor authentication includes tokens, biometric authentication, OTPs, etc., which make it very difficult to hack into the application.

These are some of the basic password mistakes that almost everyone is guilty of at some point. You can prevent these from happening in your organization by educating your staff about them and training them well to cultivate good password hygiene.
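Three of the mistakes above (access not revoked on time, passwords not updated, and single-factor authentication on critical systems) can be checked mechanically against an account inventory. The following is an added example, not part of the original post; the HR roster, the account export fields, the finding codes and the reading of "every 3 months" as 90 days are all assumptions.

```python
from datetime import date

MAX_PASSWORD_AGE_DAYS = 90  # assumption: "every 3 months" read as 90 days

# Constructed sample data: current staff according to HR, and an export of
# accounts from the systems being audited.
ACTIVE_STAFF = {"asha", "bruno"}
ACCOUNTS = [
    {"user": "asha", "system": "payroll", "critical": True, "enabled": True,
     "mfa": True, "password_changed": date(2024, 5, 20)},
    {"user": "bruno", "system": "payroll", "critical": True, "enabled": True,
     "mfa": False, "password_changed": date(2023, 11, 2)},
    {"user": "carl", "system": "crm", "critical": False, "enabled": True,
     "mfa": False, "password_changed": date(2024, 4, 1)},
    {"user": "dina", "system": "crm", "critical": False, "enabled": False,
     "mfa": False, "password_changed": date(2022, 1, 1)},
]
TODAY = date(2024, 6, 1)  # fixed so the sample run is reproducible


def audit_accounts(accounts, active_staff, today,
                   max_age_days=MAX_PASSWORD_AGE_DAYS):
    """Return (user, system, finding) tuples for enabled accounts."""
    findings = []
    for acct in accounts:
        if not acct["enabled"]:
            continue  # already revoked, nothing left to exploit
        key = (acct["user"], acct["system"])
        if acct["user"] not in active_staff:
            # Account outlived the employment: disable it first, the other
            # checks are moot for an account that should not exist.
            findings.append(key + ("ACCESS_NOT_REVOKED",))
            continue
        if (today - acct["password_changed"]).days > max_age_days:
            findings.append(key + ("STALE_PASSWORD",))
        if acct["critical"] and not acct["mfa"]:
            findings.append(key + ("NO_MFA_ON_CRITICAL",))
    return findings


if __name__ == "__main__":
    for user, system, finding in audit_accounts(ACCOUNTS, ACTIVE_STAFF, TODAY):
        print(f"{finding:20} {user}@{system}")
```
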

How to manage cookies effectively so they are not a threat to your data


Avoid third-party cookies: Third-party cookies are primarily used for online advertising and retargeting, so you won’t miss anything significant by avoiding these cookies. So, whenever you see a cookie alert on any site, first, check if it is for third-party cookies and if yes, it’s best to ‘Not accept cookies’. As a business, don’t allow third-party cookies on your site.

Secure sites: Make sure the sites you visit are secure (HTTPS) and have a valid SSL (Secure Sockets Layer) certificate. The SSL certificate ensures that any data that’s exchanged is encrypted, meaning even if the hackers get access to the cookies, the information will be garbled, eliminating any data leakage. As a business, make sure your site is secure and has a valid SSL certificate.

Anti-malware software and security patches: Install anti-malware software programs on your computers and make sure they are up-to-date. Install security plug-ins and patches as soon as they are available, without delay. Do not use outdated software or operating systems for which support and security upgrades have been discontinued. Cybercrime modus operandi evolves at a rapid pace, and an outdated cybersecurity setup will do you no good.

Invest in a good password manager tool: One of the reasons people tend to store passwords and other sensitive information online–which involves use of cookies, is because they have a tough time remembering passwords. A good password management system provides you with a safe and secure alternative.

Educate your staff: Train your staff to identify and steer clear of basic cybersecurity risks such as

  1. Phishing links
  2. Clone websites
  3. Using public Wi-Fi
  4. Poor password hygiene
  5. Unverified app downloads, etc.

IT Policy: Establish a solid IT policy that spells out the dos and don’ts for your staff to follow in the office and also when accessing work data remotely.

If all of this feels overwhelming on top of running a business, it makes good sense to bring an MSP onboard who can take care of not just the Cookie monster but also of your entire IT security setup.

Understand your Cookie to manage it better!


There are 3 kinds of cookies, each having different functions. One of them is session cookies. If it weren’t for session cookies, you wouldn’t be able to do any online shopping, banking, social media posting or any other activity that requires you to be logged in/identified. These session cookies are temporary cookies and they disappear once you log out of the website, thereby ending your session. It is the session cookies that enable the website to identify you and your actions and react accordingly. Without them, every click you make on the site will be treated as a new one, unrelated to the previous action. For example, say you logged into your bank account to transfer money to a friend. If you click on “Money Transfer” without a session cookie, the bank’s website won’t recognize you from your log-in and you just won’t be able to proceed further. You will be stuck in an endless loop of log-ins.

The second kind of cookies are called persistent cookies. These cookies are stored on the hard drive of your computer. Unlike the session cookies, they are not temporary and don’t disappear until you clear them proactively. Persistent cookies are used by websites to offer you a customized browsing experience. For example, when you visit the website of a company that has a global presence, you may be given the option to choose your preferred language and country, so the site displays relevant information. Unless you clear the cookies from your computer manually, the next time you visit the site, you will automatically be taken to the version of it that you chose last time–probably English, US.

The third kind of cookies are called third-party cookies and are typically used to retarget customers as a part of online advertising campaigns. You might have noticed that sometimes, after you visit online shopping sites, ads related to the items you viewed on the shopping site show up as you browse other websites too. That is a situation where third-party cookies have been deployed.
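The three kinds of cookies described above can be told apart from the `Set-Cookie` header a site sends. The following added example (not from the original post) classifies constructed sample headers by lifetime and by party, and goes one step further by noting missing `Secure` and `HttpOnly` attributes. The host names, the `first_party_site` parameter and the simplified subdomain check (a real tool would consult the Public Suffix List) are assumptions.

```python
from datetime import datetime, timedelta, timezone
from email.utils import parsedate_to_datetime


def parse_set_cookie(header):
    """Split a Set-Cookie header value into (name, value, attributes)."""
    first, *rest = [part.strip() for part in header.split(";")]
    name, _, value = first.partition("=")
    attrs = {}
    for part in rest:
        if part:
            key, _, val = part.partition("=")
            attrs[key.strip().lower()] = val.strip()
    return name.strip(), value.strip(), attrs


def expiry(attrs, now):
    """Return the expiry time, or None when the cookie is a session cookie.

    Max-Age takes precedence over Expires when both are present (RFC 6265).
    """
    if "max-age" in attrs:
        try:
            return now + timedelta(seconds=int(attrs["max-age"]))
        except (ValueError, OverflowError):
            pass  # malformed Max-Age is ignored; fall through to Expires
    if "expires" in attrs:
        try:
            when = parsedate_to_datetime(attrs["expires"])
        except (TypeError, ValueError):
            return None  # unparseable date: treated as a session cookie
        return when if when.tzinfo else when.replace(tzinfo=timezone.utc)
    return None


def classify(response_host, header, first_party_site, now):
    """Classify one cookie by lifetime and party, and list missing flags."""
    name, _value, attrs = parse_set_cookie(header)
    expires_at = expiry(attrs, now)
    if expires_at is None:
        lifetime = "session"      # gone when the browsing session ends
    elif expires_at <= now:
        lifetime = "deleted"      # server is asking the browser to remove it
    else:
        lifetime = "persistent"   # kept on disk until it expires or is cleared
    host = response_host.lower().rstrip(".")
    site = first_party_site.lower().rstrip(".")
    # Simplification (assumption): same host or a subdomain counts as first party.
    party = "first" if host == site or host.endswith("." + site) else "third"
    findings = []
    if lifetime != "deleted":
        if "secure" not in attrs:
            findings.append("no Secure")    # also sent over plain HTTP
        if "httponly" not in attrs:
            findings.append("no HttpOnly")  # readable by scripts in the page
    return {"name": name, "lifetime": lifetime, "party": party,
            "findings": findings}


def classify_all(responses, first_party_site, now):
    return [classify(host, hdr, first_party_site, now) for host, hdr in responses]


# Constructed sample: (host that sent the response, Set-Cookie header value)
# as seen while the user is visiting shop.example.
SAMPLE = [
    ("shop.example", "sid=abc123; Path=/; Secure; HttpOnly; SameSite=Lax"),
    ("shop.example", "lang=en-US; Path=/; Max-Age=31536000"),
    ("ads.tracker.example", "uid=42; Domain=tracker.example; "
     "Expires=Wed, 01 Jan 2031 00:00:00 GMT; Secure; SameSite=None"),
    ("shop.example", "old=; Max-Age=0"),
]
FIXED_NOW = datetime(2025, 1, 1, tzinfo=timezone.utc)  # fixed for repeatability

if __name__ == "__main__":
    for row in classify_all(SAMPLE, "shop.example", FIXED_NOW):
        print(row)
```
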

While cookies by themselves are harmless, cybercriminals can use them as a medium to attack you virtually. But you just cannot make do without cookies. So, how do you manage cookies effectively to stay safe? Download our whitepaper, The cookie monster is coming for you, to learn more!

Everyone loves cookies–even cybercriminals


When you visit a site, probably for the first time or from a new device or browser, you will see an alert that mentions the site uses Cookies to offer you a more personalized experience and asks you if you are okay with it. Let’s admit it. A lot of us don’t even bother to read what the notification says before we click “Accept” and move on with our browsing.

Cookies are tiny information packets that store data related to your interaction and behavior on websites. It is like walking into your favorite local diner and having them serve up the “usual” instantly. Cookies track your digital footprint on a website and allow the site to offer you a more personalized browsing experience. For example, let’s say you visited Amazon.com and looked at some cameras; perhaps you put one into your cart as well but never checked out, or added one to your wishlist on the site. The next time the camera is on sale, the Amazon app sends you a notification about the price reduction. That happens with the help of cookies. And that’s just one example. Cookies are not necessarily limited to shopping sites. You know how sometimes you can save your password for some sites, so you don’t have to type it or log in every time you visit the website? You are able to do that because of cookies. Any site can have cookies, though shopping and banking sites can’t function without them. The cookies these sites depend on are known as session cookies and are absolutely indispensable. Others, such as persistent cookies, make your web browsing experience more pleasant, while third-party cookies, though not very pleasant, are used basically to facilitate online advertising. How do cookies become a security threat, then?

Cookies become a security threat when hackers get access to them. If hackers hijack your cookies, they can get access to your session, your passwords and other related online activities. Hackers sometimes create “Super Cookies” and “Zombie cookies” to steal information from authentic cookies. Such cookies are difficult to identify and delete and sometimes work like worms replicating themselves, thus making it more difficult to get rid of them. Hackers can also steal your cookies if they get access to your network or to the server of the website you are visiting. For example, if your bank’s or shopping website’s server was hacked into, chances are, the hacker has access to your cookies and thereby all your account details.

If you liked what you read, then check out our whitepaper, The cookie monster is coming for you, for a more detailed account of the threats posed by cookies and how you can manage them better.

Don’t let hurricanes blow your data away!


“Life is not about sheltering yourselves from the rain, it is about learning to dance in the storm”, goes a popular saying. But, if you are a small business, you first need to shelter your assets from the rain, before you can afford to dance in the storm without a care in the world. Hurricanes, tornadoes and thunderstorms can catch you off-guard resulting in losses worth thousands of dollars. Your inventory may be damaged, your place of business may be flooded and your critical business data lost. While most small businesses do take timely steps to ensure their inventory and place of business are protected from natural disasters, a lot of them tend to overlook the risk such natural disasters pose to their IT infrastructure and data. To many, it doesn’t seem to be that big an issue–and invariably, this is where they go wrong. Data loss due to natural calamity or any other reason can cause significant damage to a business, resulting in extreme consequences such as complete business shutdown. Safeguarding your data shouldn’t be a project you embark upon after a hurricane warning is issued.

In this post we discuss the steps you can take to mitigate the risks natural disasters pose to your data and IT infrastructure.

  1. Recognize the need for data safety, security and recovery in times of disaster.
  2. Bring together your key resources and create a team that’s responsible for implementing your disaster backup and recovery plan.
  3. Identify the key areas that need to be addressed. In the event of a disaster, what are the processes that absolutely need to function to keep your business going and what needs to be done so they still function smoothly?
  4. Prepare a solid disaster recovery-business continuity plan. You can enlist your in-house IT team or bring an MSP onboard to do this.
  5. Create a list of all the software programs, applications and hardware that are critical to your business process.
  6. Include floor plans, physical access details, entry-exit security codes, etc., pertaining to your place of business in the plan.
  7. Include information about your backups in the disaster recovery and business continuity plan.
  8. Conduct mock drills and audits to ensure your plan is executable and gives you the intended results.

All of this can be overwhelming, especially with a business to run and a hurricane to watch out for! That’s why most SMBs rely on trusted managed service providers to do it for them, while they focus on their core area–managing their business and customers.