logo

Award-Winning Dallas-Fort Worth IT Services.

Questions? Call (817) 859-7140

You are here: Learning Center / Blog / Improve Your Cybersecurity Year-Round

VersaTrust Blog

VersaTrust has been serving the Texas area since 1997 , providing IT Support such as technical helpdesk support, computer support and consulting to small and medium-sized businesses.

Improve Your Cybersecurity Year-Round

This week is the final week of Cybersecurity Awareness Month, but that doesn’t mean that you or your organization should be relaxing your efforts to be more cybersecure. In fact, every aspect of our connectivity, from our devices to the cloud, can affect the future of our personal, consumer, and business cybersecurity.

This week is the final week of Cybersecurity Awareness Month, but that doesn’t mean that you or your organization should be relaxing your efforts to be more cybersecure. In fact, every aspect of our connectivity, from our devices to the cloud, can affect the future of our personal, consumer, and business cybersecurity.

Cybersecurity is increasingly becoming more of a consideration in how we work, learn, and play. It is rapidly expanding beyond the realm of just cellphones and computers and will soon encompass network-connected IoT devices, like smart thermostats, driverless trucks, and even children’s toys. The IoT market is set to reach a value of more than $1 trillion in the next few years, expanding both our connections and capabilities, as well as the potential for new and ongoing breaches in cybersecurity.

Cybersecurity can be overwhelming, especially when you’re dealing with a crisis, like a breach or a hack in your workplace. However, when we treat cybersecurity as a year-round effort, it becomes much easier to manage.

Today, we’ll guide you through some of our most useful and actionable tips to help keep cybersecurity a priority throughout your company, reducing your risk of being targeted by cybercriminals.

Actionable tips for year-round cybersecurity

Being cybersecure doesn’t just begin and end with your IT department. As a business owner and company leader, you have a responsibility to do your part and incorporate greater awareness of cybersecurity into every decision you make.

Making these changes doesn’t have to be an expensive proposition, although many companies are making sizeable investments in this area this year. Annual global cybersecurity spend is growing at a rate of 12–15%, with more than $1 trillion expected to be spent between 2020 and 2025 alone. Making risk-reducing changes can be as simple as limiting file access since, currently, reports show that two-thirds of companies offer all employees access to at least 1,000 sensitive files. This can be remedied quickly and will immediately reduce your risk and limit damages in the event of a breach.

Here are a few more of our most useful tips to help you be more cyber aware.

Remember smart devices connected to the cloud need smart security

Making investments in IoT and smart devices can make our workplace smarter, offering actionable insights that we can use to help increase productivity. However, the use of these devices should not be undertaken lightly.

Instead of unthinkingly letting these devices access your network, take the opportunity to work with your IT department to create new security policies that govern your company’s use of these objects.

Ensuring that these devices are configured correctly will help ensure better security, but that’s just the beginning. Regularly updating devices with the latest patches and network settings will help ensure they remain protected from hackers, who can use them as the first point of contact to access sensitive files and data.

Put cybersecurity first in every decision

As a leader, there’s very little that goes on within your business that you aren’t involved in. Even if it isn’t your forte, you still need to be an advocate for cybersecurity and ensure that it’s considered a critical part of every decision.

Whether you’re leading the development of better cybersecurity policies or simply creating relationships with reliable agencies and partners to ensure you always receive timely access to cyberthreat information, you have enormous power to implement positive change. Make sure that you’re using it to put cybersecurity first in every aspect of your job.

Advocate for strong passwords and passphrases

If companies do not develop strong and resilient password policies, employees will be left to determine the best practices of password creation on their own. Instead of prioritizing company security, most employees will simply do what’s easiest for them, leaving company data and systems vulnerable.

Strong password policies can empower your employees, making it easier for them to get involved in the cybersecurity of your organization. Training them on password best practices and providing them tools like an electronic password manager are great first steps.

Never use public computers to log into your accounts

When you’re trying to stay on top of company business, it’s tempting to bypass security in favor of getting work done. This drive has led many business leaders to use public computers to log into their secure work accounts. These public devices are not safe for secure company work, even if it’s something as simple as checking your email.

Always err on the side of caution and avoid using these public machines. If you have used a public computer to conduct work business in the past, change the passwords on those accounts now.

Turn off Wi-Fi and Bluetooth when idle

When your Wi-Fi and Bluetooth connectivity is engaged, your location is being tracked. To help limit your exposure, especially when you’re in the workplace, you should always disconnect your Wi-Fi and Bluetooth capabilities when they are not in use.

More resources:

Looking for more resources on how to help your company be more cyber aware? Check out this list of resources from the Cybersecurity & Infrastructure Security Agency (CISA), the organizers of Cybersecurity Awareness Month.

How cloud computing can improve your organizational cybersecurity

If your sensitive data and applications are all hosted on a local server, this can be a huge potential risk for your cybersecurity. Making a move to the cloud can help offer better protection for these assets, while also simplifying the process of regular backups and disaster recovery efforts. Many organizations have used the upheaval of the last year to implement new cloud architecture, with forecasts projecting a global spend of almost $75 billion in 2021 alone.

Have you considered implementing more cloud computing to help with your organization’s cybersecurity? What’s holding you back?

This is a complex, yet necessary, process that can help lower your company’s risk for a breach. If you aren’t sure how to proceed, a trusted cloud expert can help you determine the best way forward.

Enlist a Dallas-Fort Worth cloud services expert for continued cybersecurity support

VersaTrust has been working with businesses in the Dallas-Fort Worth area for over 25 years. In that time, we’ve been trusted to implement quality IT solutions for small- and medium-sized businesses, to help improve their ROI and ensure their ongoing cybersecurity.

Want to start a conversation about improving your organization’s cybersecurity through a move to the cloud? Reach out to VersaTrust to start the conversation today.

Cybersecurity Professionals Are Difficult To Find – Consider Outsourcing

With the labor market increasingly taxed by the Great Resignation, Outsourced IT services are increasingly in demand. Add in this decade’s rapid spike in cybersecurity woes, and it becomes an even more desperate picture. Hardest hit are small businesses whose profit margins are under pressure from inflation and that are struggling to hire and retain talent.

According to the 2020 Cybersecurity Workforce report, the IT industry is currently in need of 3 million qualified cybersecurity workers. 64% of the cybersecurity professionals surveyed say their organization is impacted by this cybersecurity skills shortage.

Until recently, most businesses have been able to skate by on bare-bones cybersecurity. Relying on a single software solution or firewall to keep them safe. Cybersecurity can no longer be an afterthought – even for micro-enterprises. If you deal with information, you’re dealing in gold – and it is absolutely critical to safeguard your organization, workforce and clients.

Consider what security measures you have in place, and then consider how rapidly an issue would be remediated by your team. If you don’t have a cybersecurity expert on staff, or haven’t consulted with one, chances are there are big gaps in your security. Outsourcing IT for cybersecurity doesn’t mean you have to replace your current IT staff. On the contrary: a provider can support and augment your team, so you have the best of both worlds.

Outsourcing allows small and large businesses to leverage economies of scale for their IT needs. A recent study from Computer Economics found that security was the fastest growing IT role being outsourced. It’s little surprise, as more companies recognize they can’t insource the right skills to address these varied and complex threats and keep their companies safe. That makes security a priority for outsourcing.

By choosing to leverage external resources, these companies can refocus on their core competencies and offload the external pressures created by an ever-changing IT threat landscape, increasing complexities presented by technology and the scarcity of IT employees who can navigate these challenges at a fair price.

There are several benefits to outsourcing IT, especially when it comes to improving your security.

Here are our top 5:

Expert Cybersecurity, Affordable IT Services

Outsourced IT security management calls for expertise in diverse skill areas, typically requiring multiple specialists. At the same time, there is a market-wide shortage of these skills. Hiring and retaining workers with the requisite skills to protect your company is expensive and uncertain. In contrast, you can access a team of such experts by outsourcing and pay flat fees with relative certainty that your IT team is going to be there, protecting you around the clock.

Focus on your core business

Outsourcing your IT even partially can free up critical resources to focus on the core of your business. Your existing IT team can manage infrastructure and all those “keeping the lights on” tasks or turn their attention to strategic initiatives to make your business more effective and competitive. For example, outsourcing your IT security allows your staff technicians to focus on high-impact projects that lead to the success and growth of your business.

Informed policy guidance

The IT threat landscape is always changing, and companies that don’t have a full, expert grasp of the extent of these security risks can’t adequately address them. Creating effective security policies takes in-depth experience that most IT generalists don’t possess. For instance, the IT staff in your company may not be able to accurately assess the effectiveness of your existing security policies or how well your company is keeping up with compliance requirements you’re required to follow.

Unbiased checks and balances

Your IT security is best outsourced, because it ensures some necessary degrees of separation between your company and your security checks and balances. Processes like security assessments and recommendations can become sensitive territory when managed internally. Outsourcing puts it in the hands of neutral parties who are fully vested in protecting your organization and can offer verification of that protection.

Comprehensive security coverage

Most companies focus on infrastructure security measures, like firewalls, anti-virus and spam filtering, but fail to address internal threats or physical security risks, like inappropriate data access or removal and employee security lapses. These actually represent a large risk to organizations. Employees removing confidential information on a USB key or a busy manager clicking on a phishing link can have catastrophic results. The nuances of these internal threats rely on trained security professionals. It’s not something you can have a regular IT person scout for with enough success to detect all the vulnerabilities.

With an outsourced IT provider, you can address security from all angles, covering your bases and providing safeguards and protections your internal IT staff often don’t have the experience, training and skills to implement and oversee. Given that 60% of small businesses suffering a serious cybersecurity incident go out of business within 6 months, outsourcing your IT security could be one of the most important decisions you make as a business owner.

The Outsourced IT Provider Fort Worth Trusts for Cybersecurity

We’ve provided outsourced IT services for companies throughout Fort Worth to improve their cybersecurity, get compliant with regulatory mandates and weather the storms of the 2020s. By partnering with VersaTrust, you get the benefits of a fully compliant IT and security team at the fraction of the cost of having an in-house IT team. At VersaTrust, we work with you to continually improve your IT and cybersecurity as your business grows.

Contact us today to find out how we can help your business grow!

Cybersecurity Awareness Month: Phight the Phish

October is Cybersecurity Awareness Month. Now, in its 18th year, Cybersecurity Awareness Month exists to help Americans develop an appreciation and awareness of the importance of cybersecurity. One of the focus areas of this year’s campaign is phishing. And with good reason. Consider the following statistics:

October is Cybersecurity Awareness Month. Now, in its 18th year, Cybersecurity Awareness Month exists to help Americans develop an appreciation and awareness of the importance of cybersecurity. One of the focus areas of this year’s campaign is phishing. And with good reason. Consider the following statistics:

  • The Federal Bureau of Investigation (FBI) reported over 240,000 instances of phishing in 2020 – a 110% increase from 2019
  • There were 11 times as many phishing complaints in 2020 as compared with 2016
  • Globally, 75% of organizations experienced a phishing attack last year
  • 96% of phishing attacks were perpetrated via email

While cybercrime has been rising steadily for years, COVID-19 provided a host of opportunities for cybercriminals who were quick to exploit the global pandemic for their nefarious means, most notably through COVID-related fraud around the Coronavirus Aid, Relief, and Economic Security (CARES) Act.

What is phishing?

Computerworld describes the origins of phishing as follows:

“The word phishing was coined in 1996 by hackers stealing America Online accounts and passwords. By analogy with the sport of angling, these internet scammers were using email lures, setting out hooks to ‘fish’ for passwords and financial data from the ‘sea’ of internet users. They knew that, although most users wouldn’t take the bait, a few likely would.”

With a phishing attack, the perpetrator sends unlawful emails, asking for personal information or credentials (perhaps a pin number). Oftentimes, these emails are disguised and appear to be sent from a company or service that the recipient uses and may redirect the individual to a phony website in the hope that users will bite and provide the information they ask for, such as credit card numbers, account numbers, passwords, usernames, and other valuable information. This information can be used to access important accounts, resulting in identity theft and financial loss.

Phishing is a form of social engineering, which is the art of manipulating people in order to gain access to buildings, systems, or data through the cloud. While email is the most common medium for phishing attacks, text messages, direct messaging, social media, and video games are also used in order to get people to respond with their personal information. Phishing attacks have one characteristic in common: They are designed to trigger emotions such as curiosity, compassion, fear, and greed.

How can you spot a phishing attack?

Phishing emails are one of the most common online threats, and it is important to know the telltale signs and know what to do if you see them. Here are a few rules of thumb in helping to identify phishing attacks:

  • A legit organization will never send you an email asking for passwords, credit card information, credit numbers, or tax numbers, and also will not send the link you need to log in – if the company you are dealing with needs information about your account, the email should refer to you by name and instruct you to contact them by phone
  • Check email addresses carefully – cybercriminals often use an email address that resembles one of a reputable company, but has been modified to omit a few characters
  • A general greeting such as “Dear Customer” or “Sir” and missing contact information or a signature block are strong indicators of a phishing email
  • Be alert when you receive a suspicious, urgent, or threatening email from a company

The Cybersecurity & Infrastructure Security Agency (CISA) has provided a number of resources in support of Cybersecurity Awareness month, and has also shared these general cybersecurity tips:

  • Use multifactor authentication on all accounts and devices
  • Be password-savvy, get creative and avoid using use the same password for multiple accounts
  • Protect all devices with anti-virus software
  • Limit the information you post on social media
  • Before connecting to public wireless hotspots, confirm with staff that the network is legitimate

Examples of phishing attacks

While there are some definite telltale signs of phishing attacks, as identified above, they can also be incredibly well done. Cybercriminals have come a long way from the Nigerian prince days of yore. And since seeing is believing, we have included a few examples below.

This email, purporting to be from Netflix, is one that has been making the rounds. Recipients are encouraged to update their account by providing their credit card information.

phising

The Internal Revenue Service (IRS) will never send an email asking for your banking information, like in this fraudulent email example.

refund

Even Chick-fil-A isn’t safe from cybercriminals.

it services

Keeping yourself and your organization cybersafe

The theme for Cybersecurity Awareness Month is Do Your Part. #BeCybersmart. Sound advice. And one of the best ways to be cybersmart is by working with the right managed services provider (MSP) partner, one that is up to speed on the latest and greatest in the constantly evolving field of cybersecurity and cloud computing, and one that is committed to keeping you and your organization secure. VersaTrust is that right MSP partner. By taking the time to get to know your business and your organizational requirements, VersaTrust is able to customize IT solutions that are in line with your strategic goals and constraints, and all within your budget. Reach out today and #BeCybersmart.

Cybercrime and You: Why Cybersecurity Is Critical for Small Businesses

In 2019, more than $3.5 billion was lost to cybercrime. During this, the 18th annual Cybersecurity Awareness Month, we want to help you understand the threat of cyberattacks. More importantly, we want to help you see the cybersecurity steps that you can take to protect your business so that you do not become yet another victim of these digital criminals.

In 2019, more than $3.5 billion was lost to cybercrime. During this, the 18th annual Cybersecurity Awareness Month, we want to help you understand the threat of cyberattacks. More importantly, we want to help you see the cybersecurity steps that you can take to protect your business so that you do not become yet another victim of these digital criminals.

What is cybercrime?

Cybercrime occurs when criminals target people electronically. These digital crimes can take a variety of forms. For example, cybercrime would include fraud, theft, and malware. These different forms of crime can result in tremendous devastation for the victims as they find themselves attempting to recover their private data, as well as any funds that were lost.

Cybercrime can target individuals and businesses, stealing everything from Social Security numbers and business data to funds directly from the bank.

Why should I care about cybercrime?

It can be tempting to assume that only large companies need to concern themselves with cybercrime. However, these attackers will not limit themselves to only multimillion-dollar organizations. They know that often smaller businesses do not have the same level of protection in place and, thus, can be easier targets.

The dangers of cybercrime exist both offline and online. When attackers gain access to this type of confidential information and resources, they can empty bank accounts, steal private information, and cause tremendous disruption throughout daily life.

Fortunately for businesses of all sizes, basic self-defense practices can help to protect your information and keep your data out of the hands of bad actors. As many as 56% of IT leaders report that they believe their employees have picked up bad cybersecurity practices while working from home, leaving businesses at greater risk for attacks. Fortunately, there are steps you can take to protect your business.

Examples of cybercrime

Cybercrime can take several different forms, but all of them can cause tremendous problems for businesses. Knowing the different methods of cybercrime, however, can help you understand the various methods of attack and how businesses can take steps to protect themselves.

Malware attacks

Malware attacks victimize businesses by attacking computer systems and networks. These crimes can take a variety of forms, such as spyware or adware.

Ransomware attacks

With a ransomware attack, the criminals take control of important networks or databases for the business. They lock the rightful owners out and refuse to allow you access until you agree to pay a ransom for the data.

Bots

With a botnet attack, hackers get the computer user to inadvertently download some type of malware that allows them to control the computer. They then can remotely use this computer to further their destruction and commit more crimes. Criminals can end up controlling entire networks of computers and use them for nefarious purposes, such as theft.

Physical cyberattacks

With a physical cyberattack, a criminal uses cyber means to gain control over internet-based machines. For example, they might take control over security infrastructure and disable it for a building.

Social engineering

Social engineering attacks manipulate victims into revealing confidential information that they would not otherwise reveal. For example, an employee receives an “urgent” call from a person pretending to be someone significant at the organization, and demanding confidential information that they need “right away.” This scenario can result in employees mistakenly complying.

Phishing attacks

With a phishing attack, attackers will send deceptive emails or other forms of communication to employees of a company to secure confidential login information or similar data. For example, they might send highly researched emails to a mid-level employee, correctly using the hierarchy of the company and the responsibilities of the recipient in the organization. They then ask for information, such as the login to an account or billing information.

These types of attacks occur often, as 61% of data breaches use compromised credentials. This stresses the importance of businesses paying close attention to the threat of phishing and training employees on how to spot the threat.

How can I better protect myself online?

As a small business owner, you have several tools and processes that you can use to better protect yourself. We will walk you through a few important cybersecurity steps you can use right away.

Secure your networks

If you can connect it, you need to protect it. Wireless routers provide cybercriminals with an excellent means to access online devices. You need to make sure that all of your networks are secured.

Use the latest virus protection software

You also want to make sure that you maintain the latest virus protection software on your network and computers. This provides you with a proven defense against the latest attacks from cybercriminals. Virus protection software works to incorporate information about the latest types of attacks, so you have the best possible protection.

Stay up to date on your software

Developers do not only update their software to improve features and provide a better user experience, they also look for security gaps to close and improve the overall protection you have when using the software. While it can feel tempting to put off running regular security updates, you want to make sure you complete them as soon as possible to protect your business.

Double your login protection

You want to make sure that no unauthorized users can log into your accounts and access your private information, and multifactor authentication (MFA) will help. Creating a two-step login process will help ensure that no one has access to your accounts but you. Even if the criminals manage to secure one of your passwords, such as through phishing or hacking, they will still not reach the account itself. This gives you the chance to update your passwords and make sure that this attacker stays away from your data.

Using this double authentication process can provide powerful protection for users. More than 99.9%of the Microsoft enterprise accounts that have experienced a security breach did not use this important multifactor authentication.

How do I learn more about cybersecurity?

Cybersecurity continues to play a critical role in building a modern business. With criminals interested in attacking your business digitally to steal money and information, you need to make sure that your business has its self-defense systems established. Even after Cybersecurity Awareness Month has passed, you need to make sure your protective measures stay in place.

Fortunately, VersaTrust is here to provide you with the help and support you need to keep your business secure. Contact us today.