3 essential security tools for every business

3 essential security tools for every business

Your data is one of your most valuable business assets. Keeping it safe should be one of your main priorities. So if you don’t have much security in place, there’s a minimum standard you should be implementing, right now.

There are dozens of security solutions available that all perform different tasks – from preventing criminals gaining access, to recognising attacks in progress, and then limiting the damage that can be done. There’s no one-size-fits-all as every business has different priorities and different types of data to protect.

Here are three essentials that every business should put in place as a basic level of protection.

  1. A firewall

A firewall monitors the internet traffic coming into and leaving your IT network. It acts as a wall between your network and the outside world. It’s your first line of defence against an intruder breaking in to your network.

  •  A password manager for everyone in the business.

A password manager stores all your credentials securely, and can also generate nearly impossible-to-guess passwords for all your accounts and applications.

That’s useful against brute force attacks, where cyber criminals essentially try to force their way into your system by guessing the password. It also stops you writing down your passwords somewhere ‘safe’!

  • A VPN (Virtual Private Network)

A VPN is important for any remote or hybrid workers in your business.

It means your employees can access your network from wherever they’re working, without worrying that their online activity is being watched by a criminal.

VPNs make your browsing completely private, hiding your device and location details, and anything you download. If you or your employees regularly use public Wi-Fi – especially to access your network – a VPN is essential.

These are our absolute minimum recommendations.

The strongest security uses additional tools like Multi-Factor Authentication to prove the identity of all users, and antivirus software to deal with any intrusions.

These work together to create a multi-layered security shield to defend against threats on many fronts.

But it’s important you create a security plan that’s right for your specific business. It’s a good idea to seek some professional help.

Not everyone’s as excited about IT security as we are! But we definitely have a passion for it.

If we can help you, get in touch.

Published with permission from Your Tech Updates.

Read more

Microsoft 365 makes Multi-Factor Authentication easier

Multi Facto Authnetication made Easier

Microsoft is planning to enable Multi-Factor Authentication (MFA) directly in its Outlook app for many 365 business users.

MFA is a vital tool to help protect your online accounts from cyber criminals. It works by generating a second, single-use passcode every time you log into an account. It’s usually sent to an authenticator app on your phone that you have to download and set up first.

Security codes can also be sent via SMS text message, by a phone call, or you might be given a special USB key to plug into your computer.

The process is often made quicker by using a biometric login like your fingerprint or face ID. It’s a minor chore, but the protection it offers far outweighs the couple of extra seconds it takes to access your account.

Microsoft isn’t so sure about those extra seconds, though. If the tech giant can save you that time, it’s going to do it. That’s why it’s looking to streamline MFA for Microsoft 365 business accounts.

It’s rolling out the improvement by building MFA directly into the Outlook app in a feature called Authenticator Lite. Until now, it’s relied on a separate authenticator app or sending login codes.

There’s no news yet for those of us who want faster authentication on our personal PCs. If Microsoft does announce plans to make this feature available to more hardware or operating systems, we’ll update you with any news.

If you don’t already use MFA for your apps and online accounts, we recommend that all businesses implement it as soon as possible. The additional security it offers protects against the vast majority of today’s cyber threats.

For more help and advice about implementing MFA or getting the best from Microsoft 365, just get in touch.

Published with permission from Your Tech Updates.

Read more

What is AI?

The whole world is suddenly talking about Artificial Intelligence.

From Alexa in your kitchen, to Siri on your phone, AI is already all around us, but new names like ChatGPT, Dall-E, Jasper and more feel like they’ve blown up the internet.

These new concepts take things WAY further, helping us to write articles, search the web with natural conversation, generate images, create code, and introduce new ways to make our daily lives even easier.

But emerging technology nearly always launches in a blizzard of geek-speak before it settles into everyday life. Early PC users might remember the ‘DOS prompt’. And when did you ever have to ‘defrag’ your phone?

Experts believe that these new AI tools will become the building blocks of a whole new world of tech, redefining the way we interact with computers and machines.

So let’s help you decode some of the terms you’ll hear this year.

Chatbot Starting with the basics, a chatbot is an app that mimics human-to-human contact. Just type or speak normally, and the chatbot will respond the same way. ChatGPT is a chatbot. If you haven’t tried it out yet, give it a go.

Deep learning This is the technique that’s used to imitate the human brain, by learning from data. Current search tools and systems use pre-programmed algorithms to respond to requests. AI tools are trained on concepts and conversations in the real-world, and learn as they go to provide human-like responses.

Machine intelligence The umbrella term for machine learning, deep learning, and conventional algorithms. “Will machine intelligence surpass human ingenuity?”

Natural Language Understanding (NLU) helps machines understand the meaning of what we say, even if we make grammatical errors or speak with different regional accents.

Weak AI is the most common form of AI in use right now. Weak AI is non-sentient and typically focuses on a single or small range of activities – for instance writing, or repurposing video content. Strong AI, on the other hand has the goal of producing systems that are as intelligent and skilled as the human mind. Just not yet.

This is just the tip of the iceberg, but trust us – you’re going to be hearing a lot more about AI in the months and years to come.

If you’d like more help to understand how AI might form part of your business, just get in touch.

Published with permission from Your Tech Updates.

Read more

Windows is the prime target for cyber criminals

Windows is the prime target for cyber criminals

Windows is the prome target for cyber criminals, the bigget reason why is its huge dominance in the workplace. The bad actors are trying to steal your information, disrupt your business, or hold your data to ransom.

Tens of millions of attempted malware attacks were discovered throughout this year, and a massive 95% of those threats were targeted at Windows.

Although most of these are unsuccessful, those that are succsessful can cause havoc for the affected businesses. The best way to minimise or prevent this is by taking all possible precautions to protect your business and your data.

  • Hardware and software companies release regular updates to address threats to Windows users, as well as security patches designed specifically to deal with new risks. These should all be installed as soon as they become available.
  • Your people should be regularly trained in how to spot cyber security threats and what to do if they suspect one.
  • And because it’s not possible to protect every business from 100% of all threats, it’s also important that you have a strong resilience plan in place.

Resilience Plan

This should detail exactly how your business should react if it falls victim to a cyber attack and who should be notified to take action. Everyone in the company should have access to this document and know to report any potential attack as quickly as possible – that’s the best way to lessen its impact.

If you have an IT service provider, they’ll be able to make the best recommendations to keep your business safe and secure, train your people, and even provide monitoring to spot any potential danger before it becomes a problem.

This is something we do every day. So if we can help your business become more resilient, just get in touch.

Read more

Are you sure you are downloading Zoom?

Are you downloading Zoom or Malware. When you think about tools for remote working and chatting online, one of the first names in your mind is Zoom.

But its popularity has opened the door for cyber criminals. They’re using its name to steal sensitive data.

Researchers have discovered at least six convincing-looking download sites. They’re not the real thing. They’re designed to tempt you into downloading FAKE Zoom software, containing ‘info stealers’ and other forms of malware (malicious software).

Outcomes!

Accidentally use one of these sites thinking that you’re downloading a Zoom update… and you risk having sensitive data stolen. Possibly your banking info, passwords or browser history.

Some can even steal your multi-factor authentication details. That could give cyber criminals access to your most sensitive data.

The research also found these ‘stealer logs’ for sale on the dark web, where criminals can buy this information and use it to gain access to business networks.

Once a cyber criminal has access to your network, every piece of data you have stored becomes a target. In extreme cases, this can leave you vulnerable to ransomware attacks, or data theft.

While these fake sites can be incredibly convincing, take these simple steps to avoid being fooled.

  • Before you download the Zoom application (or any application), double check the address of the website you’re on. Is it what you’re expecting? If you clicked an email to get to that site, are you 100% sure it’s from the real company?
  • Study the rest of the web page too, looking for anything that doesn’t ring true, such as spelling mistakes or a clunky layout.
  • Make sure your security software is up to date and is actively scanning for malware and suspicious downloads.
  • Have a plan to roll out this advice across your business.

If you need any help or advice to keep your business protected from malware and other security threats, get in touch.

Published with permission from Your Tech Updates.

Read more

Malicious browser extension are you using them?

There are hundreds of thousands of browser extensions designed to help us to save time, be more productive, and personalise our online experience.

And while the majority of them do what they’re supposed to, some are not designed to help you at all…

If you’re unfortunate enough to download a malicious browser extension without realising, it could harm your productivity and even flood your work with unwanted advertising.

This is known as adware. It’s a form of malware (malicious software) that’s designed to bombard you with unwanted adverts.

It can also change your search engine and send you to affiliate pages when you’re making purchases. These activities generate revenue for the extension’s creators.

In a recent report from a cyber security company, it revealed more than 4 million of its customers have been attacked by adware hiding in browser extensions over the last couple of years.

And often people didn’t realise they were under attack.

There’s a darker scenario where these malicious extensions are hiding actual malware which can infect your computer.

This can lead to sensitive data such as your logins or even payment details being stolen. And of course malware can spread across an entire network.

To keep your business and its data safe from the risk of malicious browser extensions, it’s important you only ever download them from reliable and trusted sources.

What to do

Read reviews and look at ratings. If a browser seems too good to be true it probably is.

As the business owner, you might also look into controlling which extensions can be installed by your team.

We can help with this, as well as looking at up-to-date software protection and (fun) security training for your team.

Published with permission from Your Tech Updates.

Read more

Are your Apps spying on you?

Are your apps spying on you. It’s no secret that some applications are a little too interested in us and what we’re doing.

We’ve all had this experience. You might be talking to a friend about a new product that you’d like to try. Or perhaps you’ve discussed somewhere you’d like to visit.

Then the next time you go online you see adverts for the exact things you were talking about.

It’s more than a coincidence, surely???

Until recently, we haven’t had a lot of control over what information our apps are gathering about us.

Android and iOS first stepped up to give us more power over our online privacy. We were given the ability to control which apps could access our data, and sensitive things like our camera and microphone.

But while it’s easy to think of this only being an issue with phones… laptops have the same problems.

So here’s some great news, to stop your apps spying on you.

Microsoft’s testing a new feature in Windows 11 to put the power back in our hands.

It’s currently testing a new feature – called Privacy Auditing – which allows you to see which applications have been accessing sensitive hardware, like your webcam and microphone.

You’ll also be able to see if your screenshots, messages, and even your contacts and location data have been accessed. And there’s a log of which apps accessed this info, and when.

When launched, the feature will be available in your Privacy & Security menu, under App Permissions.

There you’ll be able to see a full list of what’s been accessed, by which app, and when. It should become your first port of call if you suspect any suspicious activity is taking place on your device.

When the feature is released, it will be a great tool to check periodically to help you avoid malicious activity and to make sure your sensitive data remains in the right hands.

In the meantime, if you’d like someone to look over the data permissions on your business’s devices, get in touch.

Published with permission from Your Tech Updates.

Read more