Our Most Popular Managed Services

If you need help deciding what services are best for your business let us know.

VT Logo header logo wrap shape

VT Logo header logo wrap shape

Award-Winning Dallas-Fort Worth IT Services.

Questions? Call (817) 595-0111

inner banner overlay

VersaTrust Blog

VersaTrust has been serving the Texas area since 1997 , providing IT Support such as technical helpdesk support, computer support and consulting to small and medium-sized businesses.

Cybersecurity Tips on Working from Ho-Ho-Home This Holiday Season

Cybersecurity-tips-for-a-safe-and-secure-holiday-season

The remote work or work-from-home business model is here to stay. Just consider these statistics:

  • Companies that embrace remote work have 25% less turnover than those that don’t;
  • In the past decade remote working has increased by 115%;
  • 86% of employees feel that remote working reduces stress;
  • People who work remotely half of the time save 11 days’ worth of commuting time every year; and
  • Telecommuting reduces greenhouse gas emissions by an amount equivalent to 600,000 vehicles.

These are some pretty compelling reasons to embrace remote working. While working from home is convenient and has many benefits, it also exposes individuals and businesses to a number of cybersecurity risks. Whether employees are connecting to networks from the office, from home, or from their local coffee shop, businesses need to plan for the risks of cyberattacks (such as data loss and leakage) and work to mitigate them. Networks with a centrally managed corporate network and remote workers present unique security challenges. 

With the holiday season right around the corner, there are heightened cyber risks that come along with the season. Between the increased online shopping and potential travel plans, cybercriminals see the holiday season as a major prospective payday. Here we review some general strategies for addressing holiday cybersecurity this season.

Remote Work Cybersecurity Strategies

To keep information safe, business owners need to educate their employees on how to manage network security, work securely, and prevent the migration of home vulnerabilities to the office. It is also important that employees and employers receive a basic level of cybersecurity training so that they understand the implications of their actions. Cybersecurity executives and professionals aren't the only ones who need to know how to deal with cyber attacks.

This new way of working expands the potential of cybersecurity threats with new vulnerabilities surrounding every employee whether working from home or at a local coffee shop. Here are five strategies to mitigate any security risks associated with remote working vulnerabilities:

  • Experts recommend that telecommuters use a secure VPN to provide end-to-end encryption. For organizations that allow access to email and cloud services from an employee’s personal device, it is recommended to apply the same endpoint security rules for antivirus software and custom firewalls as for employer-managed devices.
  • Empower employees to address the security of their home networks. Personal computers are an easy way for attackers to gain access to networks. Ensure employees have passwords to home routers and the proper firewalls in place to decrease the chances of an attack.
  • Implement policies that require employees to change their various device and application passwords frequently, ideally at least every three months. Passwords should be complex with specific character requirements, and not of the ‘123456’ variety.
  • Be selective about what software and applications are allowable, and ensure that employees know not to install unapproved applications.
  • In the event that a cyberattack does happen on a staff members’ home system, ensure that employees know to report it immediately 

E-Commerce Cybersecurity Strategies

Online shopping and the holidays go hand in hand. Heck, there is even a day specifically for e-commerce transactions (Cyber Monday, which falls on the Monday following Thanksgiving). It is safe for organizations to assume that their employees will be indulging in some online shopping during the holiday season, and they should plan accordingly by instructing their staff to ensure that all internet-connected devices ‒ including PCs, smartphones, and tablets ‒ are free from malware and infections by running only the most current versions of software, web browsers, and other apps. Employees should be mindful of the e-commerce sites they are visiting by shopping only on sites that use SSL protection. The easiest way to tell whether a site uses SSL protection is to check the browser’s address bar for HTTPS in the URL. Sites without the ‘s’ in HTTP are not safe to submit payment information or other personal details and should be avoided at all costs. 

Employees should also be encouraged to regularly monitor their accounts, check their online financial accounts regularly for suspicious spending, and to take advantage of text and email alerting services that many banks and credit card companies now offer.

Identity Theft Cybersecurity Strategies

Identity theft, also known as identity fraud, is a crime in which an attacker obtains key personally identifiable information, such as social security numbers or driver's license, in order to impersonate another person. Identity theft has taken on a new lease of life in the digital age, and our data has become a valuable asset that can be monetized and used to engage in fraudulent activities. 

The best way for employees to protect themselves from identity theft is to be diligent about not sharing personal information and shredding sensitive documentation as needed. Creating, and regularly updating, long and unique passwords for all accounts and using multi-factor authentication wherever possible are also strong tactics for mitigating the risk of identity theft. 

Phishing Cybersecurity Strategies

With the expansion of telecommuting, vulnerabilities have increased as more devices are being introduced into corporate data ecosystems and new phishing schemes have been introduced. The FBI reports that phishing was the most common type of cybercrime in 2020 with the number of incidents reported doubling between 2019 and 2020. ‘Think before you click’ is a mantra that should be adopted and regularly repeated by all organizations.

Cybercriminals have really stepped up their phishing game in recent years. The FBI recently shared this list of the top ten most common phishing email subject lines from last year:

  1. IT: Annual Asset Inventory
  2. Changes to your health benefits
  3. Twitter: Security alert: new or unusual Twitter login
  4. Amazon: Action Required | Your Amazon Prime Membership has been declined
  5. Zoom: Scheduled Meeting Error
  6. Google Pay: Payment sent
  7. Stimulus Cancellation Request Approved
  8. Microsoft 365: Action needed: update the address for your Xbox Game Pass for Console subscription
  9. RingCentral is coming!
  10. Workday: Reminder: Important Security Upgrade Required

It’s easy to see how employees could be taken in, which is why it is critical to provide regular security training for your employees so that they understand and be able to spot phishing scams, malware, and social engineering threats. In addition to conducting phishing awareness courses, organizations can conduct mock phishing drills to keep employees alert and only click on links they trust. Ensuring your employees are educated in the ways to identify phishing attempts will go far towards keeping your networks and data safe and secure.

Ensure Your Stress-Free Holiday Season

While it is a magical time of year, the holiday season can also come along with it’s share of stresses. Between the jam-packed social calendar, family commitments, working hard to pick out the perfect gifts, and the general busyness of the season, there are plenty of things to add stress without piling on cybersecurity-induced stress. 

Wondering if your company is safe and primed to survive the holiday season cyber safe? Versa Trust has been serving Texas businesses for over 25 years and can give your organization the peace of mind it so richly deserves this holiday season. Their suite of security services will protect your data, save you money, and keep your organization cyber safe. Connect with them today for a no-obligation risk assessment.

0 Comments
Continue reading

Tightening Security with Microsoft Azure

Combatting Cybercrime with Multi-Factor Authentication in Microsoft Azure

Originally Published December 2017

hands in gloves breaking into computer

Back in 2020, working from home emerged as a necessity in response to a pandemic. Now, businesses have realized the convenience and appeal it offers, and an increasing number of companies have incorporated remote or hybrid work into their overall business strategies.

In addition to the rise in remote work, we have also seen a number of high-profile business breaches over the past year that have highlighted the importance of cybersecurity. The SolarWinds breach and the Colonial Pipeline attack both clearly demonstrate that businesses of all sizes can be hit by these criminals, and everyone needs to be ready. Businesses have begun to realize that criminals care less about the size of your organization or your industry. They only care about whether or not they see you as a likely target.

With employees working from their own offices and breaches disrupting businesses of all sizes, cybersecurity has to take center stage in a new way. Keeping your network safe, while also ensuring your employees have access, requires a careful balance. Multifactor authentication can provide you with an excellent tool to get started. Let’s explore the value that this single authentication strategy can offer.

Breaking Down the Basics: What Is Two-Step Verification?

Two-step verification serves as a critical second layer of security that demands an additional method of authentication to allow user sign-ins and transactions. It works by requiring two forms of account authentication to prevent unauthorized access or account hacks.

Two-factor authentication involves any two or more of the following verification methods:

  • Something a user creates and knows (typically a password)
  • Something only the user has possession of (a trusted device that is not easily duplicated, like a smartphone or tablet)
  • Something entirely unique to the user’s actual being (biometrics like fingerprint logins)

As people work from home and engage with their organizations remotely, they access company networks across a variety of platforms and devices. Between smartphones, tablets, laptops, and PCs, business users have multiple ways to access accounts and applications from anywhere. Two-step verification allows business users to implement an extra layer of protection in this growing digital atmosphere. Furthermore, as leaders in business technology optimization, Microsoft has wasted no time in implementing their own two-factor authentication method for Azure.

Secure Azure: Benefits of Multifactor Authentication in Microsoft Azure

Azure multifactor authentication (MFA) is an easy-to-use, scalable, and reliable two-factor authentication solution that provides increased protection of user accounts. Azure MFA helps professionals control and protect access to data and applications, without creating a ridiculously complicated and irritating sign-in process for users. Azure MFA allows users to implement a reliable authentication system, through a variety of mediums.

Let’s break down the key benefits of implementing Azure MFA:

Easy To Use

First and foremost, Azure MFA is incredibly simple to implement and even easier to use. The extra protection that comes with Azure MFA allows users to manage their own devices, from anywhere, which alleviates the security burden for management and IT admin staff.

Scalable

Azure MFA harnesses the power of the cloud and integrates seamlessly with on-premise applications. This means Azure’s authentication feature can handle high-volume, mission-critical situations and is equipped to support business growth.

Consistent Protection

Azure MFA is designed specifically to ensure consistent and user-friendly authentication processes for business users. Azure MFA provides this consistent protection by deploying the highest industry standards and best practices.

Reliable

Because business never sleeps, Microsoft guarantees 99.9% availability of Azure MFA. The service is only unavailable when it is unable to receive or process verification requests for authentication.

How It Works: Functionality Considerations for Azure Multifactor Authentication

Azure MFA is so secure, thanks to its layered approach to protection. Hackers looking to gain unauthorized access to an account will have a much harder time compromising multiple checkpoints, as opposed to basic, password-only options. By implementing Azure MFA, even if a cybercriminal were to crack a user’s password, the information would be useless without possessing a trusted device or completing the next authentication step.

This means that, even if an employee’s home internet is breached or if your assistant forgets their laptop in their hotel room, you have an additional level of security protecting your information.

Azure multifactor authentication helps lock down access to data and applications, while meeting user demand for a simple sign-in process. It provides additional security by requiring a second form of authentication via a wide range of easy and customizable verification options.

The following is a list of methods that can be used for second-step verification:

Phone call

Here, a call is automatically placed to a user’s registered phone. To authenticate access, users enter a PIN, if necessary, followed by the # key.

Text message

If preferred, users can receive a text message on their mobile phones. The message will provide a six-digit code, and users then enter this code on the sign-in page to authenticate.

Mobile app notification

Users can also set up verification through the Azure mobile app. A verification request will be forwarded to a user’s smartphone, and the user is then able to enter a PIN, if necessary, followed by selecting Verify on the mobile app to authenticate.

Mobile app verification code

Similar to the previous option, the Azure mobile app also has a verification code feature that users can take advantage of. The app, running on user smartphones, has a tool that generates verification codes that change every 30 seconds. Users select the most recent code and enter it on the sign-in page to authenticate.

Third-party OATH tokens

Finally, if – for whatever reason – the above options aren’t preferred, the Azure multifactor authentication server can be configured to accept third-party verification strategies as well.

IMPORTANT NOTE: Azure multifactor authentication provides varying verification methods for both the cloud and server platforms. Business owners can choose which methods are available for users. For full details, check out info on selectable verification methods.

Strategies for Implementation: Getting Started With Azure Multifactor Authentication

Now that we have the lay of the land, let’s take a look at the steps necessary for implementing Azure MFA for business users. Implementing the solution isn’t difficult at all and, if business owners follow this step-by-step guide, they’ll have a second layer of security deployed in no time.

PREREQUISITE

Before anything else, businesses must be signed up for an Azure subscription.

In order to take advantage of Azure MFA, businesses that do not already have an Azure subscription will need to sign up for one. If you are just starting out and want to take a test drive, there is a trial subscription option.

Enable Azure Multifactor Authentication

This part is generally easy and automatic. As long as business users have licenses that include Azure MFA, there’s nothing that you need to do to manually activate the feature. You can start requiring two-step verification on an individual user basis under the following Azure licenses:

However, if you don’t have one of these 3 licenses, or you don’t have enough licenses to cover all business users, you’re not out of luck. You’ll just have to complete an extra step and create an MFA provider in your Azure directory. For full instructions, check out this guide.

Turn on two-step verification for users

Next, business owners need to turn on the two-step verification feature so that it’s required of all users. You have the option to enforce two-step verification for all sign-ins or create conditional access policies to require two-step verification only in certain situations. This can be valuable for businesses that want to add an extra layer of security for people working from home offices or other remote locations. You can require additional authentication steps for those accessing data outside of your office network. There are a variety of ways to set up your preferred method – you can find a collection of step-by-step procedures here.

Configuration

Finally, once Azure MFA is set up, business owners can configure and optimize deployment. The configuration allows for a variety of customizing strategies, like fraud alerts, bypass permissions, trusted device logs, and more. For full details on strategies for configuration, check out this how-to configuration guide.

The business environment continues to change at a rapid pace, particularly with the widespread adoption of hybrid and fully remote work options. As businesses look to combine the convenience of allowing employees to work remotely with the necessary security, they need strategies that will protect their data and information. This means it’s now more important than ever for business owners to get strategic with IT security.

Azure’s MFA two-factor verification solution offers business owners an easy way to combat cybercrime, empower users and protect company data. Employees have an extra level of protection on their devices and for their different platforms, whether they log in from an office building or from a location a thousand miles away. Azure MFA operates as an additional line of defense for business users, making it harder than ever for cybercriminals to hack into password-protected accounts.

Is your company making use of Azure MFA or another solution for two-step verification? If not, what are you waiting for? Whether or not you have implemented remote work options, cybercriminals have made it clear that they continue to look for new ways to breach business networks. Implementing two-factor authentication is one of the easiest ways to up your cybersecurity game. If you have questions about implementation, reach out to a local IT firm for professional consultation. You have nothing to lose and everything to gain.

Continue reading

Improve Your Cybersecurity Year-Round

VersaTrust-Cybersecurity-all-year

This week is the final week of Cybersecurity Awareness Month, but that doesn’t mean that you or your organization should be relaxing your efforts to be more cybersecure. In fact, every aspect of our connectivity, from our devices to the cloud, can affect the future of our personal, consumer, and business cybersecurity.

0 Comments
Continue reading

Cybersecurity Professionals Are Difficult To Find – Consider Outsourcing

VT-MSP

Multiple studies show cybersecurity attacks are increasingly targeting small businesses, as criminals recognize the ease with which they can often infiltrate them. At the same time, according to the 2020 Cybersecurity Workforce, the industry is currently in need of about 3 million qualified cybersecurity workers, and 64% of the cybersecurity professionals surveyed say their organization is impacted by this cybersecurity skills shortage.

Continue reading

Cybersecurity Awareness Month: Phight the Phish

VersaTrust-Phishing

October is Cybersecurity Awareness Month. Now, in its 18th year, Cybersecurity Awareness Month exists to help Americans develop an appreciation and awareness of the importance of cybersecurity. One of the focus areas of this year’s campaign is phishing. And with good reason. Consider the following statistics:

0 Comments
Continue reading

By accepting you will be accessing a service provided by a third-party external to https://www.versatrust.com/

Mobile? Grab this Article!

QR-Code dieser Seite