COVID-19 Update from Sharp Business Systems - Learn More

Sharp Business Systems
National Cybersecurity Awareness Month

As more employees work from home due to the pandemic, cybercriminals are taking advantage of lax security practices. Companies must increase security measures to protect both individual employees and the entire enterprise.

Sharp is sharing some IT tips to help educate you and your staff, so you can become more aware and potentially circumvent an impending attack.

Four reasons hackers target small and medium-sized businesses (SMBs)

Small and medium-sized businesses (SMBs) are uniquely susceptible to cybersecurity threats. This is because they often lack the resources of larger enterprises to invest in more sophisticated and comprehensive solutions. COVID-19 has only made it worse, leading to a spike in global cyberattacks since the start of the pandemic.

Here are four reasons hackers target SMBs:

  1. Complacency when it comes to security.

    Because of the size of their company, they think they are safe from cyberattacks, but it’s the opposite. Hackers are aware that larger companies are better protected than smaller business, making SMBs more attractive and easier to attack.
  2. Lack of IT resources and budget.

    Smaller businesses are more at risk than larger ones because they often lack the dedicated budget and expertise required to effectively thwart an attack.
  3. Lack of employee security awareness training.

    Most cyberattacks start with a malicious email. Would your users know how to scrutinize them before opening attachments or clicking any links? SMBs need to remain one step ahead of cybercriminals and invest in ongoing security awareness training as well as a cybersecurity roadmap.
  4. Hackers see quality over quantity when it comes to data.

    You might think that your organization’s data is not worth stealing, but all that matters is how critical that data is to your business operations. Hackers are aware that SMBs often lack multi-layered protection, making it easier to attain sensitive employee and customer records. All this appeals to hackers who then sell your data over on the Dark Web to make a profit.

How do you know if you’re properly protected?

A Network Risk Assessment can help improve your security posture by pinpointing vulnerabilities in your network infrastructure that can lead to costly data loss, interruption of business and other technical problems.

Schedule a Network Risk Assessment

Protect your business with a multi-layered safety net

You’ve probably heard that you need a “layered approach to IT security”—but what does that mean, exactly?

Many people install security cams and alarm systems in their homes to secure doors and windows. Your laptops and mobile devices can also be the windows and doors to your company data. So why wouldn’t you want to take a similar multi-layered approach to secure your network?

What is multi-layered protection?

Single-layered protection can only stop threats at one stage of an attack. Multi-layered protection prevents infections that come from email, browsing, files, URLs, ads, social media and connected devices as well as other blended threats. It also protects users and devices across all stages of an attack.

Phishing scams - hook, line and sinker

Hackers don't break in, they log in. Most breaches are the result of stolen passwords, not sophisticated hacking tools.

Phishing scams were the most common type of internet crime last year according to the FBI. A phishing scam is a type of social engineering. It’s when a hacker poses as a trustworthy party to trick people into handing over personal details or account information. Hackers begin by sending employees emails that look legitimate and might include links directing them to a scam website that asks for their username and password.

Recently large, well-known companies have been hit with ransomware. Most of these ransomware attacks come in the form of phishing/spam e-mail. It’s important to be educated on social engineering to prevent becoming a victim of a cyberattack.

Become aware and better prepared by downloading our Guide to Social Engineering Red Flags

Patching and password pointers

Patching

Patches are software and operating system updates that address security vulnerabilities. Updates are important because they repair and patch security holes, remove bugs and reduce the risk of passing a virus on to your friends, family and business associates.

Security measures to take when applying patches and updates:

  • Only apply automatic updates from trusted network locations (e.g., home, work) and avoid public access points (e.g., airport, hotel, coffee shop).
  • When installing updates on a work device, utilize a company Virtual Private Network (VPN) on a trusted, secure network.
  • Refrain from clicking the “remind me later” option because software updates are important for your digital safety and cybersecurity.

Password Security

Passwords are the front line of protection for user accounts. A poorly chosen password may result in the compromise of your entire company network. Follow the password tips below to help ensure your accounts are secure:

  • Passwords expire every 90 days and must be changed
  • New passwords cannot be the same as the previous four passwords
  • Passwords should be at least eight characters in length, contain both uppercase and lowercase characters, at least one number and special characters (!, @, #, $, %, ^, &, or *)
  • Whenever possible and if available, enable two-factor authentication to add an extra layer of security
  • Consider using passphrases, a longer more secure version of a password - A passphrase is composed of multiple words and is more secure against "dictionary attacks." A good passphrase is long and contains uppercase and lowercase letters, numbers and special characters. An example of a good passphrase is "Sharp.R0cks!my$oX!"

Research Study: The Evolving Cybersecurity Threat for SMBs and How MSPs Can Mitigate the Risk

Organizations of all sizes are transforming to better serve their customers in a digital economy, distributing applications to public clouds to increase agility. Unfortunately, this has also created more complex IT environments. Organizations, or more specifically SMBs, recognize the need to invest in better solutions to protect them from attacks. But who can they turn to for help?

Download White Paper Download Infographic

Schedule a Network Assessment

Contact us today to help set you on a path to a more secure IT environment.