CyberSecurity Archives - Les Olson IT

Compliance with the FTC Safeguard Rules Deadline – 9 New CyberSecurity Standards

Barry Preusz — Wed, 28 Dec 2022 16:20:26 +0000

[cz_image id=”cz_89327″ image=”17457″][/cz_image]

Date: December 28, 2022
By Barry Preusz
Edited and reviewed by Michael Moorehead, Senior MIT Engineer Lead, PCSNA, CCNA, MCSA, CSIS, CSCP, CIOS, CSSS, CCAP, CLNP

The Federal Trade Commission (FTC) develops and deploys regulations and rules to thwart the onslaught of cybercrime and data security breaches. The FTC accomplishes its cybersecurity mission by imposing protective standards upon businesses that collect and store consumer data. This blog article will offer an overview of cyberfraud and the current rules governing businesses involved with collecting consumer data. The article will also present proposed solutions to protect consumer privacy and maintain the security of customer information.

What businesses do the cyber protection rules affect?

The scope of financial institutions subject to this law consists of businesses undertaking certain monetary activities rather than how others may categorize the company. These financial institutions must fall under the jurisdiction of the FTC. They cannot be subject to another regulatory authority falling under the Gramm-Leach-Bliley Act (GLBA), 15 U.S.C. Section 6805. The companies affected by these rules include businesses engaged in transactions and customer data collection.

List of Businesses Required to Implement FTC Safeguard Rules

Mortgage lending
Payday loans
Financing
Accounting
Check cashing
Wire transfers
Collections
Credit counseling
Financial advising
Tax preparation
Investment advising (not registered with the SEC)
Credit unions (not FDIC insured)
Companies that bring buyers and sellers together to complete a transaction
Financial institutions and other businesses that record, use, and maintain information or connect to a system containing customer information, including industrial/process controls systems, telephone switching and private branch exchange systems, and environmental controls systems¹
Retailers who extend layaway, deferral payment plans, or accept payment terms utilizing credit cards issued by other institutions do not fall under the provisions of these rules. However, businesses that provide credit purchases through their company’s financial services or promote their own credit cards for purchases are subject to these laws²

Whom does the law protect?

The design of the law is to protect consumer privacy and personal information. Consumers include anyone who has a customer relationship with a business entity.³

Why was this FTC network security rule enacted?

Most businesses collect customer information to process payments and complete transactions. This information is then stored and often used in subsequent purchases. These records contain nonpublic personal information about the customer. This data may take on two forms, a paper record or an electronic transcription. In either form, the records are vulnerable to discovery and digital exploitation attacks. The FTC rules seek to protect consumer privacy, personal information, and financial data from known threats.

Cybercrime losses exceeded $6.9 billion in 2021 according to the Investigation’s (FBI) Internet Crime Complaint Center (IC3).⁴ Since 2019, the combination of phishing, vishing, smishing, and pharming constituted the highest number of incidents among the tools employed by cybercriminals. During 2021, this combination of cyber threats accounted for 323,972 incidences⁵ and $44,213,023 in losses.⁶ Ransomware losses to infrastructure entities cost nearly $50,000,000 in 2021. Healthcare and public health sectors experienced high numbers of attacks. Even government is subject to these attacks, accounting for the fifth highest target.⁷ The T-Mobile confirmation of one of the largest breaches of cybersecurity occurred on August 17, 2021. The T-Mobile data breech reported the confirmed loss of the social security number, name, address, date of birth and driver’s license identification numbers--all the information needed for identity theft--for 40 million customers.⁸

Cyber threats are rampant. Many occur without detection for an extended time. Electronic thieves constantly work to develop new ways to steal data and derive profit from criminal activity. Most disturbing are cybercriminals posing as technical support or IT professionals, offering to resolve data breach issues in an effort to further exploit and commit additional fraud and theft. The IC3 received 23,903 complaints about Tech Support Fraud from victims in 70 countries. The losses amounted to more than $347 million in 2021.⁹ Below is a list of common forms of cybersecurity crimes and 2021 losses.

The Cost of Cybercrimes

Cyberfraud	Loss
Email Fraud	$2,395,953,296
Investment	$1,455,943,193
Confidence Fraud	$956,039,740
Personal Data Breach	$517,021,289
Real Estate	$350,328,166
Tech Support	$347,657,432
Non-Payment/Non-Delivery	$337,493,071
Identity Theft	$278,267,918
Credit Card	$172,998,385
Corporate Data Breach	$151,568,225
Government Impersonation	$142,643,253
Advance Fee	$98,694,137
Civil	$85,049,939
Spoofing	$82,169,806
Other	$75,837,524
Lottery/Sweepstakes/Inheritance	$71,289,089
Extortion	$60,577,741
Ransomware	*$49,207,908
Employment	$47,231,023
Phishing/Vishing/Smishing/Pharming	$44,213,707
Overpayment	$33,407,671
Computer Intrusion	$19,603,037
Intellectual Property/Copyright/Counterfeit	$16,365,011
Healthcare	$7,042,942
Malware/Scareware/Virus	$5,596,889
Terrorism/Threats of Violence	$4,390,720
Gambling	$1,940,237
Shipping	$631,466
Denial of Service/TDoS	$217,981
**Crimes Against Children	$198,950

*Regarding ransomware adjusted losses, this number does not include estimates of lost business, time, wages, files, or equipment, or any third-party remediation services acquired by a victim. In some cases, victims do not report any loss amount to the FBI, thereby creating an artificially low overall ransomware loss rate. Lastly, the number only represents what victims report to the FBI via the IC3 and does not account for victim reporting directly to FBI field offices/agents.¹⁰
**Crimes against children incur a significantly higher cost than any financial burden.

The Growth of E-commerce and Information Technology

Retail e-commerce sales rose to approximately 5.2 trillion U.S. dollars globally in 2021,¹¹ a 17.1% growth rate¹². Statista studies and projects year-over-year (YOY) growth of e-commerce. In the United States, e-commerce growth projections show an increase of 56% through 2026.¹³ This explosive growth utilizes information technology (IT) to help businesses expand their markets while reducing transaction costs.

Business is not the only entity benefiting from using IT. Governments also benefit by allowing consumers to pay taxes and utilities, register vehicles, and request building permits online. As the use of IT grows to serve increasing business needs, the risk of cyber security threats also grows. Malware, trojans, ransomware, DDoS attacks, spam, and viruses yielded by cyber criminals are rampant. Government laws and regulations seek to reduce consumer cyber risks by requiring businesses to “employ reasonable security measures.”¹⁴ Most often, these protective security measures experience delays and implement long after significant breaches occur. Indeed, the detection of security vulnerabilities occurs after criminal exploitation, not before.

What are the FTC Safeguard Rules?

The Safeguard Rules adopted many core concepts of the New York Department of Financial Services Cybersecurity Regulation. These new measures direct businesses to reduce the vulnerability of information to cybercriminals and impose breach notification procedures.¹⁵ Legal researchers Daniel Solove and Woodrow Hartzog assert that the FTC’s privacy laws are currently equivalent to common law rather than contract law. They further suggest that these laws should enforce privacy and stand as regulatory stipulations rather than merely policy.¹⁶ The new FTC Safeguard Rule along with other government rules on cybersecurity are not without objections; some indicate that the regulations employ an inflexible “one-size-fits-all” tactic toward data security. Therefore, additional rules enacted on January 10, 2022, provide financial institutions the flexibility to design an information security program appropriate to the size and complexity of the financial institution, the nature and scope of its activities, and the sensitivity of any customer information at issue.¹⁷

The rules require businesses, particularly financial institutions, that record consumer information to develop, implement, and maintain an information security program with administrative, technical, and physical safeguards. The security program must protect customer confidentiality and guard against unauthorized access to consumer information. The provisions provide nine standards for a rosbust information security program (ISP).

Nine Standards for CyberSecurity

Appoint a qualified individual to supervise the ISP.
Conduct a risk assessment.
Implement security safeguards to control the identified risks, including safe information storage, encryption, multi-factor authentication, information disposal after 2-years of non-use, and maintaining a log of authorized user activity. To meet these safeguards, some IT companies offer three separate Network and Data Security Plans.
Periodically monitor and test.
Train staff members on security awareness. Some IT Service Companies offer FREE Cybersecurity Training.
Monitor service providers.
Regularly update the ISP.
Develop a written incident response plan.
The ISP supervisor must provide at least annually a written report to the company board of directors. The annual report must include an overall assessment of the company’s compliance, risk assessment, risk management, control decisions, test results, security events, management response, recommendations, and service provider agreements.¹⁸

When will businesses be accountable for implementing the new cybersecurity rules?

The Federal Trade Commission establishes a deadline for businesses to comply with the FTC Safeguards Rules by June 9, 2023. Announced on November 15, 2022, this date is an extension of six months over a previous deadline. The extended deadline offers businesses more time to assess their data vulnerabilities and put the nine standards of information security in place.¹⁹

Future Cybersecurity Measures

Besides the government, many individuals and organizations are active in developing solutions to global cybersecurity issues. Proposals for future measures to protect consumers from privacy and data breaches include the following six proposals.

Develop cybersecurity partnerships that share information on prospective threats.²⁰
Develop a cybersecurity knowledge graph to construct a knowledge base for increased cybersecurity situation awareness and intrusion detection.^{21 & 22}
Develop a web-based blockchain-enabled cybersecurity awareness system^{23 & 24}
Employ an unsupervised deep learning technology like an Auto Encoder (AE) or a Restricted Boltzmann Machine (RBM). ²⁵
Engage governments under binding international treaties to enact and enforce cybersecurity laws, particularly China and Russia.²⁶
Stimulate regulations of cybersecurity within the European Union through the Cybersecurity Resilience Act.²⁷

Summary

Privacy and security threats are not going away. Businesses cannot rely on government legislation to curb the tide of data security breaches. Implementation of the nine standards for consumer privacy and information security included in the FTC Safeguard Rules will help protect against known network vulnerabilities. The above proposed security measures may also contribute to stemming data theft. The starting point for most businesses is to implement a Comprehensive Network Analysis. From this point, the development of a strong security plan follows to comply with federal rules and to protect consumers.

Footnotes

¹FTC Safeguards Rule: What Your Business Needs to Know. Federal Trade Commission, May 2022. Glossary, Financial institution. Accessed 14 Dec. 2022. https://www.ftc.gov/business-guidance/resources/ftc-safeguards-rule-what-your-business-needs-know#Information_system.
²Code of Federal Regulations Title 16. Standards for Safeguarding Customer Information. National Archives. 16 CFR Part 314, Section 314.2(h) Amended 12/19/2022. Accessed 23 Dec. 2022. www.ecfr.gov/current/title-16/chapter-I/subchapter-C/part-314#314.2
³Code of Federal Regulations Title 16, Section 314.1(b). www.ecfr.gov/current/title-16/chapter-I/subchapter-C/part-314#314.2
⁴Abbate, Paul. Internet Crime Report 2021. Federal Bureau of Investigation. 2021, Page 18. Accessed 16 Dec. 2022. www.ic3.gov/Media/PDF/AnnualReport/2021_IC3Report.pdf.
⁵Abbate, Internet Crime Report 2021, 8.
⁶Abbate, Internet Crime Report 2021, 23.
⁷Abbate, Internet Crime Report 2021, 15.
⁸Sievert, Mike. The cyberattack against T Mobile and our customers: What happened, and what we are doing about it. (2021). Accessed 22 Dec. 2022. www.t-mobile.com/news/network/cyberattack-against-tmobile-and-our-customers
⁹Abbate, Internet Crime Report 2021, 17.
¹⁰Abbate, Internet Crime Report 2021, 23.
¹¹Chevalier, Stephanie. Global Retail E-commerce Sales 2014-2026. Statista, 21 Sept. 2022, Accessed 15 Dec. 2022. www.statista.com/statistics/379046/worldwide-retail-e-commerce-sales.
¹²Gaubys, Justas. Global Retail E-commerce Sales 2014-2026. Global Ecommerce Sales Growth (2021–2026) [Oct 2022 Update]. Accessed 15 Dec. 2022. www.oberlo.com/statistics/global-ecommerce-sales-growth.
¹³Chevalier, 1.
¹⁴Breaux, Travis D., and David L. Baumer. Legally ‘reasonable’ security requirements: A 10-year FTC retrospective. Computers & Security 30.4 (2011): 178-193. Accessed 14 Dec. 2022. www.sciencedirect.com/science/article/pii/S0167404810001124.
¹⁵Casey, Brian T., Augustinos, Theodore P., and Cox, Alexander R. New Federal Trade Commission’s Safeguards Rule Is a Game-Changer for Extended Warranty and GAP Waiver Industries. Accessed 14 Dec. 2022. heinonline.org/HOL/LandingPage?handle=hein.journals/blj139&div=85&id=&page=.
¹⁶Solove, Daniel J., and Woodrow Hartzog. The FTC and the new common law of privacy. Colum. L. Rev. 114 (2014): 583. Accessed 14 Dec. 2022. heinonline.org/HOL/LandingPage?handle=hein.journals/clr114&div=19&id=&page=.
¹⁷Federal Trade Commission. Standards for safeguarding customer information; final rule. 16 CFR Part 314. Federal Register, May (2002). Accessed 14 Dec. 2022. www.federalregister.gov/documents/2021/12/09/2021-25736/standards-for-safeguarding-customer-information.
¹⁸FTC Safeguards Rule: What Your Business Needs to Know. Federal Trade Commission. May, 2022. Glossary, Financial institution.
¹⁹FTC Extends Deadline by Six Months for Compliance With Some Changes to Financial Data Security Rule. Federal Trade Commission, 15 Nov. 2022, Accessed 23 Dec. 2022. www.ftc.gov/news-events/news/press-releases/2022/11/ftc-extends-deadline-six-months-compliance-some-changes-financial-data-security-rule.
²⁰Rodin, Deborah Norris. The cybersecurity partnership: A proposal for cyberthreat information sharing between contractors and the federal government. Public Contract Law Journal 44.3 (2015): 505-528. Accessed 16 Dec. 2022. www.jstor.org/stable/26419479.
²¹Yan, Jia; Yulu, Qi; Huaijun, Shang; Rong, Jiang; Aiping, Li. A practical approach to constructing a knowledge graph for cybersecurity. Engineering 4.1 (2018): 53-60. Accessed 16 Dec. 2022. www.sciencedirect.com/science/article/pii/S2095809918301097.
²²Wang, Xiaodi, and Jiayong Liu. A novel feature integration and entity boundary detection for named entity recognition in cybersecurity. Knowledge-Based Systems (2022): 110114. Accessed 16 Dec. 2022. www.sciencedirect.com/science/article/abs/pii/S0950705122012102
²³Razaque, A.; Al Ajlan, A.; Melaoune, N.; Alotaibi, M.; Alotaibi, B.; Dias, I.; Oad, A.; Hariri, S.; Zhao, C. Avoidance of Cybersecurity Threats with the Deployment of a Web-Based Blockchain-Enabled Cybersecurity Awareness System. Appl. Sci. 2021, 11, 7880. Accessed 16 Dec. 2022. www.mdpi.com/2076-3417/11/17/7880.
²⁴Lucio, Yeisón Isaac, Siler Amador Donado, and Katerine Márceles. Architecture of an intelligent cybersecurity Framework based on Blockchain technology for IIoT. SYSTEMS ENGINEERING 24.2-2022. Accessed 16 Dec. 2022. revistaingenieria.univalle.edu.co/index.php/ingenieria_y_competitividad/article/download/11761/14962/45117.
²⁵M. Z. Alom and T. M. Taha, Network intrusion detection for cyber security using unsupervised deep learning approaches, 2017 IEEE National Aerospace and Electronics Conference (NAECON), 2017, pp. 63-69, doi: 10.1109/NAECON.2017.8268746. Accessed 16 Dec. 2022. ieeexplore.ieee.org/abstract/document/8268746.
²⁶Alom, Md Zahangir, and Tarek M. Taha. Network intrusion detection for cyber security using unsupervised deep learning approaches. 2017 IEEE national aerospace and electronics conference (NAECON). IEEE, 2017. Accessed 16 Dec. 2022. www.cambridge.org/core/journals/leiden-journal-of-international-law/article/abs/from-cyber-norms-to-cyber-rules-reengaging-states-as-lawmakers/63A45029B685C11BBD9512AC0459FAE5.
²⁷Ludvigsen, Kaspar Rosager, and Shishir Nagaraja. The Opportunity to Regulate Cybersecurity in the EU (and the World): Recommendations for the Cybersecurity Resilience Act. arXiv preprint arXiv:2205.13196 (2022). Accessed 16 Dec. 2022. pureportal.strath.ac.uk/en/publications/the-opportunity-to-regulate-cybersecurity-in-the-eu-and-the-world.

The post Compliance with the FTC Safeguard Rules Deadline – 9 New CyberSecurity Standards appeared first on Les Olson IT.

Cybersecurity in the Home

Brittany Monson — Mon, 31 Oct 2022 20:19:17 +0000

[cz_image id=”cz_13705″ image=”17416″][/cz_image]

[cz_gap height_tablet=”8px” height_mobile=”7px”]

[cz_title id=”cz_42365″]

3 Steps Households can take

The COVID-19 pandemic forced millions of Americans to embrace working from their own home; a concept they had limited or no experience with at the time. And while many employees have returned to the office, a recent University of Chicago study found that 72% of those workers surveyed would like to continue working from home for at least 2 days a week, and 32% said they would like to work from home permanently. In this new reality, having your household safe and secure from cyber threats needs to be a top priority.

In this increasingly wireless world, the steps households should take in terms of cybersecurity have changed. Most homes now run networks of devices linked to the internet, including computers, gaming systems, TVs, tablets, and smartphones that access wireless networks. Thus, having the right tools in place will instill confidence that your family members can use the internet safely and securely for personal and work-related endeavors.

Below are 3 steps households can take to better protect themselves against cyber-attacks:

[/cz_title]

[cz_gap height_tablet=”8px” height_mobile=”7px”]

[cz_image id=”cz_106228″ image=”17399″][/cz_image]

[cz_title id=”cz_24917″]

Secure Your Wireless Router

Using a wireless router is an increasingly convenient way to allow multiple devices to connect to the internet from different areas of your home. However, unless your router is secure, you risk the possibility of individuals accessing information on your computer, and worse, using your network to commit cybercrimes. Needless to say, all wireless devices using this router are vulnerable if your router is not protected.

Some simple ways to secure this piece of hardware include changing the name of your router. The default ID is typically assigned by the manufacturer, so changing your router to a unique name that won’t be easily guessed by others is a simple way to keep your router protected. Another important step is changing the preset passphrase on your router. Leaving the default password in place makes it significantly easier for hackers to access your network. In fact, according to NCA’s 2021 Oh Behave! Report, only 43% of participants reported creating long and unique passwords for their online accounts “very often” or “always”. Additionally, almost a third (28%) stated that they didn’t do this at all. Embracing unique and strong passwords is a huge and simple step to securing your home from all types of cyber threats.[/cz_title]

[cz_gap height_tablet=”8px” height_mobile=”7px”]

[cz_image id=”cz_48022″ image=”17400″][/cz_image]

[cz_title id=”cz_67663″]

Install Firewalls and Security Software On All Devices

Firewalls are essential because they help keep hackers from using your device which otherwise could result in your personal information being sent out without your permission. They guard and watch for attempts to access your system while blocking communications with sources you don’t permit. Installing a firewall on wireless routers is a necessity. Furthermore, make sure all devices that are connected to the wireless network have security software systems installed and updated. Many of these gadgets have automatic update features, so households should make sure they are on for all available technology. The most up-to-date security software, web browsers, and operating systems are the best defense against online threats such as viruses and malware.[/cz_title]

[cz_gap height_tablet=”8px” height_mobile=”7px”]

[cz_image id=”cz_41219″ image=”17401″][/cz_image]

[cz_title id=”cz_54694″]

Back-Up All Household Data

While steps can be taken to avoid your network, devices and accounts being hacked or compromised, they can never be 100% effective. Households need to embrace backing up data, especially as it relates to important information. Users can protect their valuable work, photos, and other digital information by making electronic copies of important files and storing them safely. This can be done using cloud software in addition to manual storing devices like USBs. Regardless, storing data in an alternative location that is safe and secure provides another layer of protection.

Taking simple, proactive steps to keep family, friends, and yourself safe from cyber criminals inside your household should no longer be viewed as optional but rather a necessity. Between technological devices being introduced and updated at a rapid pace and employees continuing to embrace working from home in some capacity, everyone has an ethical responsibility to actively minimize the risks of breaches and attacks inside their home.

[/cz_title]

[cz_gap height_tablet=”8px” height_mobile=”7px”]

[cz_image css_position=”relative;display: table;margin:0 auto” link_type=”custom” id=”cz_103096″ image=”16120″ link=”url:http%3A%2F%2Fstaysafeonline.org%2Fcybersecurity-awareness-month%2F|target:_blank”][/cz_image]

[cz_gap height_tablet=”8px” height_mobile=”7px”]

The post Cybersecurity in the Home appeared first on Les Olson IT.

4 Tips to Keep Your Business Safe and Secure

Brittany Monson — Fri, 28 Oct 2022 15:26:16 +0000

[cz_image id=”cz_28376″ image=”17397″][/cz_image]

[cz_gap height=”40px” height_tablet=”10px” height_mobile=”10px”]

[cz_title id=”cz_110338″]

4 Tips to Keep Your Business Safe and Secure

Keeping information safe and secure is a challenging development for businesses of all sizes over the last few years. Expeditious shifts from in-person to online to hybrid workplaces forced companies to change, or at least reexamine, their cybersecurity practices and protocols, and far too often they weren’t prepared. In fact, according to Cyber Edge’s Cyberthreat Defense Report, 85% of organizations suffered from a successful cyberattack in 2021.

Now, businesses that have suffered cyberattacks along with companies that’ve been fortunate enough to avoid being a victim of breaches and hacks are looking at ways they can bolster their defenses and safeguard their data. But which plans, practices, and services should these organizations invest in?

Below are 4 steps businesses of all shapes and sizes can take to better protect themselves against cyber-attacks:[/cz_title]

[cz_gap height=”40px” height_tablet=”10px” height_mobile=”10px”]

[cz_image id=”cz_102562″ image=”17399″][/cz_image][cz_title id=”cz_74799″]

Identify “Crown Jewels” of Your Business

Understanding what information cybercriminals are after most is essential to combating cyber-attacks. Therefore, creating an inventory list of the valuable data and assets within your organization, including manufacturer, model, hardware, and software information, is of the utmost importance. In addition, take note of who has access to important data and information while also accounting for all storage locations. This practice will ensure that business leaders have a track record of accessibility so that they know where to look in case of a vulnerability or breach.[/cz_title]

[cz_gap height=”40px” height_tablet=”10px” height_mobile=”10px”]

[cz_image id=”cz_105277″ image=”17400″][/cz_image]

[cz_title id=”cz_105770″]

Protect Assets by Updating and Authenticating

At the end of the day, protecting your data and devices from malicious actors is what cybersecurity is all about. To accomplish this, make sure your security software is current. Investing in the most up to date software’s, web browsers, and operating systems is one of the best defenses against a host of viruses, malware, and other online threats. Furthermore, make sure these devices have automatic updates turned on, so employees aren’t tasked with manually updating devices. Additionally, make sure all data is being backed up either in the cloud or via separate hard drive storage.

Another important way to keep your assets safe is by ensuring staff are using strong authentication to protect access to accounts and ensure only those with permission can access them. This includes strong, secure, and differentiated passwords. According to a 2021 PC Mag study, 70% of people admit they use the same password for more than one account. Using weak and similar passwords makes a hacker’s life a lot easier and can give them access to more materials than they could dream of. Finally, make sure employees are using multi-factor authentication. While this may result in a few extra sign-ins, MFA is essential to safeguarding data and can be the difference between a successful and unsuccessful breach.[/cz_title]

[cz_gap height=”40px” height_tablet=”10px” height_mobile=”10px”][cz_image id=”cz_66083″ image=”17401″][/cz_image]

[cz_title id=”cz_59373″]

Monitor and Detect Suspicious Activity

Companies must always be on the lookout for possible breaches, vulnerabilities, and attacks, especially in a world where many often go undetected. This can be done by investing in cybersecurity products or services that help monitor your networks such as antivirus and antimalware software. Moreover, make sure your employees and personnel are following all established cybersecurity protocols before, during, and after a breach. Individuals who ignore or disregard important cybersecurity practices can compromise not only themselves, but the entire organization. Paying close attention to whether your company is fully embracing all your cybersecurity procedures and technology is incumbent upon business leaders.

.[/cz_title]

[cz_gap height=”40px” height_tablet=”10px” height_mobile=”10px”]

[cz_image id=”cz_60998″ image=”17402″][/cz_image]

[cz_title id=”cz_63888″]

Have a Response Plan Ready

No matter how many safeguards you have in place, the unfortunate reality is that cyber incidents still occur. However, responding in a comprehensive manner will reduce risks to your business and send a positive signal to your customers and employees. Therefore, businesses should have a cyber incident response plan ready to go prior to a breach. In it, companies should embrace savvy practices such as disconnecting any affected computers from the network, notifying their IT staff or the proper third-party vendors, and utilizing any spares and backup devices while continuing to capture operational data.

[cz_gap height=”40px” height_tablet=”10px” height_mobile=”10px”]

[cz_image css_position=”relative;display: table;margin:0 auto” link_type=”custom” id=”cz_57025″ image=”16120″ link=”url:http%3A%2F%2Fstaysafeonline.org%2Fcybersecurity-awareness-month%2F|target:_blank”][/cz_image]

[cz_gap height=”55px” height_tablet=”10px” height_mobile=”10px”]

[cz_image id=”cz_63489″ image=”17219″][/cz_image]

[cz_gap height_tablet=”10px” height_mobile=”10px”][cz_title id=”cz_45205″]

Cyber Security Summit Videos are Up!

[/cz_title][cz_button title=”Watch Now!” btn_position=”cz_btn_center” text_effect=”cz_btn_txt_move_down” id=”cz_79326″ link=”url:https%3A%2F%2Flesolson.com%2Fsecuritysummit%2F|title:Security%20Summit” sk_button=”border-radius:5px;padding-left:30px;padding-right:30px;text-align:center;font-size:24px;line-height:20px;background-color:unset !important;background-image:linear-gradient(0deg,#5b0000,#ba0230);” sk_hover=”color:#ffffff;” sk_icon=”border-radius:4px;padding:10px 10px 10px 10px;margin-left:-8px;margin-right:12px;background-color:#ffffff;” alt_title=”Cybersecurity Info” alt_subtitle=”FREE FREE FREE”]

The post 4 Tips to Keep Your Business Safe and Secure appeared first on Les Olson IT.

The Anatomy of a Data Breach: What are They and What to do When You Spot One?

Brittany Monson — Mon, 17 Oct 2022 23:40:08 +0000

[cz_image id=”cz_47371″ image=”17357″][/cz_image]

[cz_title id=”cz_54269″]Arguably no phrase has dominated the tech world in the last 24 months more than the term “data breach.” From breaches that have impacted critical infrastructure like the Colonial Pipeline to hackers compromising healthcare records at UC San Diego Health, the last two years have been saturated by headlines of cybersecurity mishaps. Yet, despite the prevalence of the breach-centric news cycle, many everyday individuals may not know what exactly a data breach is, how they typically start, and why they occur.

According to IBM, the average time it takes to identify that a breach has occurred is 287 days, with the average time to contain a breach clocking in at 80 days. And with 81% of businesses experiencing a cyberattack during COVID, it is essential that individuals are familiar with the anatomy of a data breach so that they can keep their data, as well as their colleague’s and customers’ data, safe.

With that in mind, here is some helpful background on what data breaches are and why they are so problematic.[/cz_title]

[cz_title id=”cz_36093″]

What is a data breach?

While it may seem like a complex concept, once the jargon is removed, a data breach is straightforward to explain. According to Trend Micro, a data breach is “an incident where information is stolen or taken from a system without the knowledge or authorization of the system’s owner.” And while data breaches can be the result of a system or human error, a vast majority of data breaches are the result of cyber-attacks, where a cybercriminal gains unlawful access to sensitive system data. In fact, 92% of the data breaches in Q1 2022 were the result of cyberattacks.

What kind of data can be breached?

Unfortunately, cybercriminals look to get their hands on any information that they possibly can ranging from more obvious sensitive information such as social security numbers and credit card information to more obscure data like past purchase history.

What are some of the tactics used to execute data breaches?

Cybercrime is getting more sophisticated each day. However, cyberattack tactics do not have to be cutting-edge or advanced to be very effective. Here are a few examples of popular tactics used by cybercriminals:[/cz_title]

[cz_gap height=”100px”]

[cz_service_box type=”vertical” title=”Malware” icon=”fa fa-check” id=”cz_21794″ sk_overall=”border-bottom-style:solid;border-color:#cccccc;border-top-style:solid;border-right-style:solid;border-left-style:solid;padding:30px 40px 40px 40px;border-width:3px 3px 3px 3px;margin-top:0px;” sk_title=”font-size:36px;color:#ba0230;font-weight:400;” sk_icon=”font-size:36px;color:#ba0230;” sk_icon_con=”border-bottom-style:solid;border-color:#cccccc;border-top-style:solid;border-right-style:solid;border-left-style:solid;border-width:3px 3px 3px 3px;margin-top:5px;” cz_service_box=””]Another tried-and-true method for cybercriminals is malware. Malware is malicious software that secretly installs itself on devices – often by way of a user engaging with fake links and content – and quietly gains access to the data on an individual’s device or a business network.[/cz_service_box]

[cz_service_box type=”vertical” title=”Phishing” icon=”fa fa-check” id=”cz_56040″ sk_overall=”border-bottom-style:solid;border-color:#cccccc;border-top-style:solid;border-right-style:solid;border-left-style:solid;padding:30px 40px 40px 40px;border-width:3px 3px 3px 3px;margin-top:0px;” sk_title=”font-size:36px;color:#ba0230;font-weight:400;” sk_icon=”font-size:36px;color:#ba0230;” sk_icon_con=”border-bottom-style:solid;border-color:#cccccc;border-top-style:solid;border-right-style:solid;border-left-style:solid;border-width:3px 3px 3px 3px;margin-top:5px;” cz_service_box=””]Phishing is when a cybercriminal pretends to be a legitimate party in hopes of tricking an individual into giving them access to personal information. Phishing is one of the oldest tricks in the book for cybercriminals, but it is just as effective as ever. For example, 80% of security incidents and 90% data breaches stem from phishing attempts[/cz_service_box]

[cz_service_box type=”vertical” title=”Password Attack” icon=”fa fa-check” id=”cz_43298″ sk_overall=”border-bottom-style:solid;border-color:#cccccc;border-top-style:solid;border-right-style:solid;border-left-style:solid;padding:30px 40px 40px 40px;border-width:3px 3px 3px 3px;margin-top:0px;” sk_title=”font-size:36px;color:#ba0230;font-weight:400;” sk_icon=”font-size:36px;color:#ba0230;” sk_icon_con=”border-bottom-style:solid;border-color:#cccccc;border-top-style:solid;border-right-style:solid;border-left-style:solid;border-width:3px 3px 3px 3px;margin-top:5px;” cz_service_box=””]Through password attacks, cybercriminals look to gain access to sensitive data and networks by way of “cracking” user passwords and using these credentials to get into networks and extract data from a given network.[/cz_service_box]

[cz_gap height=”100px”]

[cz_title id=”cz_81201″]

How to spot a possible breach?

The best way to stop a data breach is to stop it before it even starts. This includes taking steps from making sure passwords are long and complex to reporting suspicious emails. If you do suspect that you have been the victim of a breach, immediately contact your IT department or device provider to notify them and follow subsequent protocols to help them scan, detect, and remediate any issues that exist.[/cz_title]

The post The Anatomy of a Data Breach: What are They and What to do When You Spot One? appeared first on Les Olson IT.

Concerned About Cyber? 4 Easy Steps for Staying Secure in 2022

Brittany Monson — Fri, 30 Sep 2022 18:29:57 +0000

[cz_image id=”cz_74627″ image=”17331″][/cz_image]

[cz_gap height=”30px”][cz_title id=”cz_99764″]Cybersecurity has become one of the biggest hot topics both inside and outside of technology circles over the last two years. From securing learning devices due to a rise in digital learning during the COVID-19 pandemic to coping with the fallout of high-profile breaches of national infrastructure such as the Colonial Pipeline, there is a seemingly endless news cycle dedicated to cybersecurity mishaps and concerns.

And with this onslaught of negative news, it can be easy for everyday individuals to become overwhelmed and feel powerless in the face of the “insurmountable” threats posed by cybersecurity. But nothing could be further from the truth.

With all the jargon that is typically thrown around in relation to cybersecurity, there is a longstanding misperception that cybersecurity is beyond everyday people and that it should be left to professionals. Moreover, there is a prevailing sense among the public that breaches are simply a fact of life and that we should just learn to deal with them. But this just isn’t true. In fact, everyday people have a huge role to play in cybersecurity threat prevention, detection, and remediation. For example, according to IBM, 95% of breaches have human error as the main cause. Therefore, everyday day technology users are very much the first line of defense when it comes to thwarting cybercrime. Unfortunately, though, many individuals are not aware of some of the best practices for boosting cybersecurity and how easy they are to use.

With that, here are a few key best practices that everyday people can implement today to enhance their own cybersecurity and create a more secure world for everyone.[/cz_title]

[cz_gap height=”100px”]

[cz_gap height=”25px” height_tablet=”10px” height_mobile=”10px”][cz_image parallax_h=”true” parallax=”-6″ image=”17315″ id=”cz_57663″ sk_css=”padding-right:30px;margin:0 auto;position:relative;”][/cz_image]

[cz_gap height=”40px” id=”cz_13892″ height_tablet=”30px”][cz_title bline=”cz_line_after_title” smart_fs=”true” id=”cz_36977″ sk_lines=”background-color:#ba0230;width:60px;top:0px;”]Watch out

For Phishing

[/cz_title][cz_gap height=”30px” id=”cz_58641″]

Phishing – when a cybercriminal poses as a legitimate party in hopes of getting individuals to engage with malicious content or links – remains one of the most popular tactics among cybercriminals today. In fact, 80% of cybersecurity incidents stem from a phishing attempt. However, while phishing has gotten more sophisticated, keeping an eye out for typos, poor graphics and other suspicious characteristics can be a tell-tale sign that the content is potentially coming from a “phish.” In addition, if you think you have spotted a phishing attempt be sure to report the incident so that internal IT teams and service providers can remediate the situation and prevent others from possibly becoming victims.

[cz_gap height=”100px”]

[cz_gap height=”40px” id=”cz_13892″ height_tablet=”30px”][cz_title bline=”cz_line_after_title” smart_fs=”true” id=”cz_78857″ sk_lines=”background-color:#ba0230;width:60px;top:0px;”]Update your Passwords or Use

a Password Manager

[/cz_title][cz_gap height=”30px” id=”cz_58641″]

Having unique, long, and complex passwords is one of the best ways to immediately boost your cybersecurity. Yet, only 43% of the public say that they “always” or “very often” use strong passwords. Password cracking is one of the go-to tactics that cybercriminals turn to access sensitive information. And if you are a “password repeater,” once a cybercriminal has hacked one of your accounts, they can easily do the same across all your accounts.

One of the biggest reasons that individuals repeat passwords is that it can be tough to remember all the passwords you have. Fortunately, by using a password manager, individuals can securely store all their unique passwords in one place. Meaning, people only must remember one password. In addition, password managers are incredibly easy to use and can automatically plug-in stored passwords when you visit a site.

[cz_gap height=”25px” height_tablet=”10px” height_mobile=”10px”][cz_image parallax_h=”true” parallax=”6″ image=”17320″ id=”cz_62832″ sk_css=”padding-left:32px;margin:0 auto;position:relative;”][/cz_image]

[cz_gap height=”100px”]

[cz_gap height=”25px” height_tablet=”10px” height_mobile=”10px”][cz_image parallax_h=”true” parallax=”-6″ image=”17325″ id=”cz_47699″ sk_css=”padding-right:30px;margin:0 auto;position:relative;”][/cz_image]

[cz_gap height=”40px” id=”cz_13892″ height_tablet=”30px”][cz_title bline=”cz_line_after_title” smart_fs=”true” id=”cz_52772″ sk_lines=”background-color:#ba0230;width:60px;top:0px;”]Enable

Multi-Factor Authentication

[/cz_title][cz_gap height=”30px” id=”cz_58641″]

Enabling multi-factor authentication (MFA) – which prompts a user to input a second set of verifying information such as a secure code sent to a mobile device or to sign-in via an authenticator app – is a hugely effective measure that anyone can use to drastically reduce the chances of a cybersecurity breach. In fact, according to Microsoft, MFA is 99.9 percent effective in preventing breaches. Therefore, it is a must for any individual that is looking to secure their devices and accounts.

[cz_gap height=”40px” id=”cz_13892″ height_tablet=”30px”][cz_title bline=”cz_line_after_title” smart_fs=”true” id=”cz_62625″ sk_lines=”background-color:#ba0230;width:60px;top:0px;”]Activate

Automatic Updates

[/cz_title][cz_gap height=”30px” id=”cz_58641″]

Making sure devices are always up-to-date with the most recent versions is essential to preventing cybersecurity issues from cropping up. Cybersecurity is an ongoing effort, and updates are hugely important in helping to address vulnerabilities that have been uncovered as well as in providing ongoing maintenance. Therefore, instead of trying to remember to check for updates or closing out of update notifications, enable automatic update installations whenever possible.

[cz_gap height=”25px” height_tablet=”10px” height_mobile=”10px”][cz_image parallax_h=”true” parallax=”6″ image=”17320″ id=”cz_37090″ sk_css=”padding-left:25px;margin:0 auto;position:relative;”][/cz_image]

[cz_gap height=”100px”]

[cz_image id=”cz_19172″ image=”17219″][/cz_image]

[cz_gap height_tablet=”10px” height_mobile=”10px”][cz_title id=”cz_75729″ cz_title=””]

Learn even more about Cybersecurity

with industry professionals

[/cz_title][cz_gap height_tablet=”10px” height_mobile=”10px”][cz_button title=”Security Summit Overview” btn_position=”cz_btn_center” text_effect=”cz_btn_txt_move_down” id=”cz_77690″ link=”url:https%3A%2F%2Flesolson.com%2Fsecurity-summit%2F|title:Security%20Summit” sk_button=”font-size:24px;text-align:center;line-height:20px;background-color:transparent;background-image:linear-gradient(0deg,#5b0000,#ba0230);padding:20px 30px 35px;border-radius:5px;” sk_hover=”color:#ffffff;” sk_icon=”border-radius:4px;padding:10px 10px 10px 10px;margin-left:-8px;margin-right:12px;background-color:#ffffff;” alt_title=”Register” alt_subtitle=”FREE FREE FREE” cz_button=””]

[cz_gap height=”100px”]

The post Concerned About Cyber? 4 Easy Steps for Staying Secure in 2022 appeared first on Les Olson IT.

Les Olson IT Announces Commitment to Growing Global Cybersecurity Success by Becoming a Cybersecurity Awareness Month 2022 Champion

Brittany Monson — Wed, 28 Sep 2022 21:54:40 +0000

[cz_image id=”cz_106251″ image=”17297″][/cz_image][cz_gap height=”40px” height_tablet=”10px” height_mobile=”10px”]

[cz_title id=”cz_65462″]Building on annual success Cybersecurity Awareness Month 2022 is set to highlight the growing importance of cybersecurity in our daily lives and look to empower everyday individuals and businesses to take cybersecurity steps by making cyber more accessible[/cz_title]

[cz_gap height=”40px” height_tablet=”10px” height_mobile=”10px”]

[cz_title id=”cz_34924″]Les Olson IT today announced that it has signed on as Champion for Cybersecurity Awareness Month 2022. Founded in 2004, Cybersecurity Awareness Month, held each October, is the world’s foremost initiative aimed at promoting cybersecurity awareness and best practices. The Cybersecurity Awareness Month Champions Program is a collaborative effort among businesses, government agencies, colleges and universities, associations, nonprofit organizations, and individuals committed to the Cybersecurity Awareness Month theme of ‘It’s easy to stay safe online.’

[/cz_title]

[cz_quote name=”John Huston” subname=”Corporate Managed IT Sales Manager at Les Olson IT” rating=”” quote_position=”absolute;top: calc(50% – 60px);right: calc(50% – 60px)” id=”cz_54277″ sk_name=”font-size:26px;color:#ba0230;font-weight:700;”]We are excited to bring free educational content to our community and share best practices for building a cybersecurity culture for your business.[/cz_quote]

[cz_title id=”cz_64844″]From mobile to connected home devices, technology is becoming more intertwined with our lives every day. And while the evolution of technology is moving at the speed of sound, cybercriminals are working just as hard to find ways to compromise technology and disrupt personal and business life. Cybersecurity Awareness Month aims to highlight some of the emerging challenges that exist in the world of cybersecurity today and provide straightforward actionable guidance that anyone can follow to create a safe and secure digital world for themselves and their loved ones.

This year, Cybersecurity Awareness Month’s main focal areas revolve around four key fundamental cybersecurity best practices:[/cz_title]

[cz_stylish_list id=”cz_27133″ items=”%5B%7B%22title%22%3A%22Recognizing%20and%20reporting%20phishing%20%22%2C%22subtitle%22%3A%22is%20still%20one%20of%20the%20primary%20threat%20actions%20used%20by%20cybercriminals%20today.%22%2C%22icon_type%22%3A%22icon%22%2C%22icon%22%3A%22fa%20czico-071-interface-1%22%2C%22icon_color%22%3A%22%23ba0230%22%7D%2C%7B%22title%22%3A%22Understanding%20the%20benefits%20of%20using%20a%20password%20manager%22%2C%22subtitle%22%3A%22and%20dispelling%20existing%20myths%20around%20password%20manager%20security%20and%20ease%20of%20use.%22%2C%22icon_type%22%3A%22icon%22%2C%22icon%22%3A%22fa%20czico-071-interface-1%22%2C%22icon_color%22%3A%22%23ba0230%22%7D%2C%7B%22title%22%3A%22Enabling%20multi-factor%20authentication%22%2C%22subtitle%22%3A%22on%20personal%20devices%20and%20business%20networks.%20%22%2C%22icon_type%22%3A%22icon%22%2C%22icon%22%3A%22fa%20czico-071-interface-1%22%2C%22icon_color%22%3A%22%23ba0230%22%7D%2C%7B%22title%22%3A%22Installing%20updates%20on%20a%20regular%20basis%22%2C%22subtitle%22%3A%22and%20turning%20on%20automated%20updates.%22%2C%22icon_type%22%3A%22icon%22%2C%22icon%22%3A%22fa%20czico-071-interface-1%22%2C%22icon_color%22%3A%22%23ba0230%22%7D%5D” sk_icons=”font-size:36px;” sk_overall=”padding-left:2em;”]

[cz_gap height=”30px” height_tablet=”10px” height_mobile=”10px”][cz_title id=”cz_20387″]Now in its 19th year, Cybersecurity Awareness Month continues to build momentum and impact with the goal of providing everyone with the information they need to stay safer and more secure online. Les Olson IT is proud to support this far-reaching online safety awareness and education initiative which is co-led by the National Cyber Security Alliance and the Cybersecurity and Infrastructure Agency (CISA) of the U.S. Department of Homeland Security.

For more information about Cybersecurity Awareness Month 2022 and how to participate in a wide variety of activities, visit staysafeonline.org/cybersecurity-awareness-month/. You can also follow and use the official hashtag #BeCyberSmart on social media throughout the month.[/cz_title]

[cz_gap height=”35px” height_tablet=”10px” height_mobile=”10px”]

[cz_title id=”cz_100357″ cz_title=””]

About Les Olson IT Security Summit Event

Save the Date for our Les Olson IT Cybersecurity Summit. October 12th in honor of Cybersecurity Awareness Month. We have a passion for security and want our families, communities, and businesses to be protected. The threat landscape is always changing and we’ve put together a strong lineup of experts in their fields to share with our local business leaders the vision of what they can do to lead with cybersecurity in mind. The event will be tailored to business executives no matter their skill level in IT, but IT leadership will benefit as well. Registration is open now for both virtual an in person attendance. I Hope to see you there. For more information, visit https://lesolson.redpeppersoftware.net/security-summit/[/cz_title]

[cz_gap height=”35px” height_tablet=”10px” height_mobile=”10px”]

[cz_title id=”cz_74109″]

About Cybersecurity Awareness Month

Cybersecurity Awareness Month is designed to engage and educate public- and private-sector partners through events and initiatives with the goal of raising awareness about cybersecurity to increase the resiliency of the nation in the event of a cyber incident. Since the Presidential proclamation establishing Cybersecurity Awareness Month in 2004, the initiative has been formally recognized by Congress, federal, state, and local governments, and leaders from industry and academia. This united effort is necessary to maintain a cyberspace that is safer and more resilient and remains a source of tremendous opportunity and growth for years to come. For more information, visit staysafeonline.org/cybersecurity-awareness-month/[/cz_title]

[cz_gap height=”35px” height_tablet=”10px” height_mobile=”10px”]

[cz_title id=”cz_95862″]About National Cybersecurity Alliance

The National Cybersecurity Alliance is a non-profit organization on a mission to create a more secure, interconnected world. We advocate for the safe use of all technology and educate everyone on how best to protect ourselves, our families, and our organizations from cybercrime. We create strong partnerships between governments and corporations to amplify our message and foster a greater “digital” good. National Cybersecurity Alliance’s core efforts include Cybersecurity Awareness Month (October); Data Privacy Week (Jan. 24-28th); and Cybersecure My Business, which offers webinars, web resources, and workshops to help businesses be resistant to and resilient from cyberattacks. For more information, please visit https://staysafeonline.org.[/cz_title]

The post Les Olson IT Announces Commitment to Growing Global Cybersecurity Success by Becoming a Cybersecurity Awareness Month 2022 Champion appeared first on Les Olson IT.

Security Operations Center

Brittany Monson — Tue, 02 Aug 2022 20:01:40 +0000

[cz_image id=”cz_93303″ image=”17039″][/cz_image]

[cz_gap]

[cz_title id=”cz_64849″ cz_title=””]All organizations must implement a very strong cybersecurity solution to protect their devices and data from cybercrimes, which have become increasingly common over the past decade.

A Security Operations Center is, as the name suggests, a crucial security solution for businesses. The Security Operations Center, or SOC, plays this role by preventing, monitoring, detecting, investigating, and responding to cyberthreats around the clock.

Here is what you can expect from a Security Operations Center:

Presence of experienced and expert team members who take care of all the security aspects of the organization
Protection of the organization’s assets including intellectual property, personnel data, business systems, and brand integrity.
Knowledge of how to protect the organization from all types of data bridges and cyber security threats.
Creation of a detailed and comprehensive strategy that can be used to defend against all types of cyber-attacks.

Now that you have some idea of the abilities of a Security Operations Center, it is time to understand the role that it performs. In this way, you will be able to better understand the significance of having a Security Operations Center assist with the protection of your organization’s assets against cyberattacks.

What Does a SOC Do?

An agency’s or organization’s centralized SOC effectively uses people, automation tools and software, and other technologies to constantly evaluate and detect the weak defense posture of the company while avoiding, recognizing, analyzing, and reacting to cybersecurity issues.

Note that different SOCs have different numbers of team members but all of them perform the same function. Let’s have a look at some of the major roles of the Security Operations Center.

● Prevention & Detection

The most preferred step in the cyber security strategy of the Security Operations Center is to prevent data breaches and cyber security attacks from happening. It is undoubtedly the most effective way to prevent the organization from experiencing any kind of cyber issue. However, in the case that a problem occurs, the team members will immediately detect the problem.

Remember that a SOC monitors the network constantly rather than reacting to risks as they arise. The SOC team is then able to identify unwanted activities and stop them before they have a chance to do any harm.

It is the core responsibility of the SOC members to keep an eye on all kinds of harmful activities that may be performed by cyber attackers. If they detect anything suspicious that can be harmful to the safety and security of the organization and its assets, they immediately try to gather as much information as they can. In this way, they can perform detailed investigations and find solutions.

● Investigation

Once suspicious activities have been detected, the SOC team will begin the investigation stage. During this stage, SOC analyzes the severity of the security problem, the extent to which it can affect the assets of the organization, its nature, and how it can affect the whole infrastructure.

By comprehending how attacks develop and how to react appropriately before they get out of control, the analyst may identify and assess many sorts of security issues. For a successful triage, the SOC analyst integrates knowledge of the network with the most recent global information security research, which includes insights on offender capabilities, strategies, and tendencies.

● Response

After the SOC team detects the issue and completes the investigation, they will move on to the response stage and devise a solution. A coordinated response is a practical step toward solving the problem. In this stage, the SOC performs various tasks to rectify the problem and bring the organization back to its previous safe condition. The SOC responds by addressing all the possible cybersecurity issues and performing actions that can solve them immediately.

By proceeding with endpoint isolation, malicious process termination, blocking execution, file deletion, and other measures, the SOC strives to enhance the security strength and retrieve any damaged or exposed information following an event. In the case of malware infections, this can entail restoring workable files to get around ransomware, erasing and resuming terminals, reorganizing infrastructure, or deleting and resetting access points.

Looking For the SOC For Your Organization? Choose Les Olson!

Les Olson IT operates a cutting-edge Network Operations Center (NOC), where its staff of IT experts supports the communications infrastructure. Their help desk has a group of qualified, highly skilled professionals who provide next-level customer service. With their Managed IT Services Help Desk and Remote Monitoring and Management, they can take care of all the details of your IT requirements, including the time-consuming and hectic repairing of network computers and other devices, giving your company a sense of security.

There’s a strong probability that when you seek out to resolve an issue, and are proactively trying to fix it.

Your organization’s smooth operation depends on the technology that you rely on. Your business is at risk when your infrastructure isn’t functioning properly. You can guarantee your infrastructure and assets are online and always running as effectively as possible with Managed IT Services from Les Olson Company. To reduce expensive downtime, their technical professionals are continually working in the background. They are your partner in using technologies to assist you in accomplishing your corporate objectives.

It’s time to let the security and functionality of your company’s network and devices be managed by Les Olson’s award-winning IT specialists. Their Managed IT Services offer a wide range of technological options, such as remote network assessment and tracking, user customer care assistance, and much more.

Reach Out To Les Olson SOC Experts Today[/cz_title]

[cz_image link_type=”custom” id=”cz_16225″ image=”7812″ link=”url:%2Fservices%2Fit-services%2Fnetwork-analysis%2F|||”][/cz_image]

[cz_title id=”cz_59995″ link=”url:%2Fservices%2Fit-services%2Fnetwork-analysis%2F|||”]

Get a FREE, Comprehensive Network Analysis

Let us provide a no-obligation health assessment of your computer network and business technology. We will analyze your network to identify vulnerabilities. Depending on what we uncover, we will also make suggestions on ways to augment security systems and get more out of your existing technology infrastructure.[/cz_title][cz_gap][cz_button title=”Request Your Free” btn_position=”cz_btn_block” text_effect=”cz_btn_txt_move_down” id=”cz_21447″ subtitle=”NETWORK ANALYSIS” link=”url:%2Fservices%2Fit-services%2Fnetwork-analysis%2F|||” sk_button=”font-size:18px;text-align:center;line-height:20px;background-color:#ba0230;padding-right:30px;padding-left:30px;border-radius:0px;” sk_hover=”color:#ffffff;background-color:#e8283b;” sk_subtitle=”font-size:17px;color:rgba(255,255,255,0.6);font-weight:400;” sk_icon=”border-radius:4px;padding:10px 10px 10px 10px;margin-left:-8px;margin-right:12px;background-color:#ffffff;”]

The post Security Operations Center appeared first on Les Olson IT.

How to Protect Yourself from CYBER ATTACKS

Brittany Monson — Mon, 28 Feb 2022 16:44:09 +0000

[cz_image id=”cz_52854″ image=”16576″][/cz_image]

[cz_gap height=”36px” height_tablet=”10px” height_mobile=”5px”][cz_title id=”cz_93457″]

An Unstable World

Unstable social and economic circumstances throughout the world are giving cyber criminals the ability to capitalize on fear, confusion, uncertainty and those who are unaware.

While there are many software and hardware solutions to help you combat these attacks, it’s important to remember that your online behavior is the most important defense against these threat actors.

It’s important to remember that our personal online behavior can affect our employer’s cyber security. Be cautious and watch out for anything that seems out of place or unusual.[/cz_title][cz_gap height=”36px” height_tablet=”10px” height_mobile=”5px”]

[cz_title id=”cz_50197″]

Your Defense

[/cz_title][cz_gap height=”15px” height_tablet=”5px” height_mobile=”3px”]

[cz_image css_position=”relative;float:right;margin:0 auto” id=”cz_59888″ image=”16582″ css_width=”60%” sk_css=”padding:1px 20px 20px;”][/cz_image]

[cz_title id=”cz_55803″]

Don’t click suspicious links.

If you don’t know if a link is suspicious, don’t click on it. First ask the person who sent it to you, or who posted it online.

[/cz_title]

[cz_image css_position=”relative;float:right;margin:0 auto” id=”cz_97047″ image=”16589″ css_width=”60%” sk_css=”padding:1px 20px 20px;”][/cz_image]

[cz_title id=”cz_110912″]

Don’t open unexpected email attachments.

If you think the attachment is fishy, it probably is.

[/cz_title]

[cz_image css_position=”relative;float:right;margin:0 auto” id=”cz_87578″ image=”16584″ css_width=”60%” sk_css=”padding:1px 20px 20px;”][/cz_image]

[cz_title id=”cz_109284″]

Don’t install any software on your PC unless you’ve been directed by your employer or their IT staff.

If this is for a personal workstation, only install software from reputable companies.

[/cz_title]

[cz_image css_position=”relative;float:right;margin:0 auto” id=”cz_110979″ image=”16583″ css_width=”60%” sk_css=”padding:1px 20px 20px;”][/cz_image]

[cz_title id=”cz_110884″]

Stay away from websites that seem untrustworthy.

[/cz_title]

[cz_image css_position=”relative;float:right;margin:0 auto” id=”cz_51479″ image=”16585″ css_width=”60%” sk_css=”padding:3px 20px 20px;”][/cz_image]

[cz_title id=”cz_29154″]

Avoid browser add-ons unless they are approved by your employer.

If this is for your personal device, research the add-on and make sure it’s reputable.

[/cz_title]

[cz_image css_position=”relative;float:right;margin:0 auto” id=”cz_40705″ image=”16587″ css_width=”60%” sk_css=”padding:1px 20px 20px;”][/cz_image]

[cz_title id=”cz_106269″]

Don’t open text messages from unknown or unexpected senders.

[/cz_title]

[cz_image css_position=”relative;float:right;margin:0 auto” id=”cz_13197″ image=”16586″ css_width=”60%” sk_css=”padding:1px 20px 20px;”][/cz_image]

[cz_title id=”cz_106585″]

Don’t approve Multi-factor Authentication requests if you didn’t initiate them.

This is important. Your email password may have been compromised. Change your email password and take steps to secure your account.

[/cz_title]

[cz_image css_position=”relative;float:right;margin:0 auto” id=”cz_35684″ image=”16588″ css_width=”60%” sk_css=”padding:1px 20px 20px;”][/cz_image]

[cz_title id=”cz_98971″]

Don’t share passwords.

[/cz_title]

Meet Our Partners

[cz_image css_position=”relative;display: table;margin:0 auto” id=”cz_101257″ image=”16595″ sk_css=”padding-top:10px;padding-bottom:10px;”][/cz_image][cz_title id=”cz_43581″ sk_overall=”padding-right:20px;padding-bottom:15px;padding-left:20px;”]

Perch is a co-managed threat detection and response system that you can afford to deploy anywhere.

[/cz_title]

[cz_image css_position=”relative;display: table;margin:0 auto” id=”cz_91521″ image=”16596″ sk_css=”padding-top:10px;padding-bottom:10px;”][/cz_image][cz_title id=”cz_31743″ sk_overall=”padding-right:20px;padding-bottom:15px;padding-left:20px;”]

Cybersecurity that prevents threats at faster speeds, greater scale, and higher accuracy than humanly possible.

[/cz_title]

[cz_gap height=”20px”]

[cz_image link_type=”custom” id=”cz_16362″ image=”7812″ link=”url:%2Fservices%2Fit-services%2Fnetwork-analysis%2F|||”][/cz_image]

[cz_title id=”cz_26333″ link=”url:%2Fservices%2Fit-services%2Fnetwork-analysis%2F|||” cz_title=””]

CONTACT US TODAY TO SEE HOW WE CAN HELP MEET YOUR CYBER SECURITY INITIATIVES

The post How to Protect Yourself from CYBER ATTACKS appeared first on Les Olson IT.

Multi-Factor Authentication

Brittany Monson — Wed, 26 Jan 2022 19:26:10 +0000

[cz_image id=”cz_79991″ image=”16338″][/cz_image][cz_gap height=”20px” height_tablet=”8px” height_mobile=”8px”]

[cz_image id=”cz_23358″ image=”16340″][/cz_image]

[cz_stylish_list id=”cz_93284″ items=”%5B%7B%22title%22%3A%22of%20account%20compromised%20attacks%20can%20be%20blocked%20by%20Multi-factor%20Authentication%22%2C%22icon_type%22%3A%22number%22%2C%22number%22%3A%2299%25%22%7D%2C%7B%22title%22%3A%22of%20Ransomware%20victims%20investigated%20did%20not%20use%20Multi-factor%20Authentication%22%2C%22icon_type%22%3A%22number%22%2C%22number%22%3A%2294%25%22%7D%5D” sk_icons=”font-size:40px;color:#ba0230;” cz_stylish_list=””]

[cz_title id=”cz_24508″ cz_title=””]

What is MFA

Multi-factor Authentication is a digital security method that utilizes additional sources of authentication, with the addition of a password, to verify that the user accessing an account is actually the user who is authorized to access it. MFA ( Multi-factor Authentication) becomes successfully enabled when at least two methods of identification are required in order to successfully verify a user’s identity prior to granting access to the account.[/cz_title]

[cz_gap height=”20px” height_tablet=”5px” height_mobile=”5px”][cz_stylish_list icon_type=”image” id=”cz_107476″ items=”%5B%7B%22title%22%3A%221.%20SOMETHING%20EASY%20TO%20REMEMBER%22%2C%22subtitle%22%3A%22A%20strong%20password%20should%20be%20easy%20to%20remember%2C%20so%20use%20a%20phrase%20you%20know%20and%20mix%20it%20up%20with%20symbols.%20%20For%20example%3A%20EyeLOv3ch0c0l%40te%20(I%20love%20chocolate).%22%2C%22icon_type%22%3A%22image%22%2C%22image%22%3A%2216343%22%7D%2C%7B%22title%22%3A%222.%20SOMETHING%20EASY%20TO%20USE%22%2C%22subtitle%22%3A%22A%20popular%20second%20source%20for%20MFA%20is%20your%20cell%20number.%20%20Getting%20a%20text%20to%20verify%20who%20you%20are%20is%20easy.%20%20People%20using%20MFA%20also%20like%20getting%20an%20email%20to%20verify%20who%20they%20are.%20%22%2C%22icon_type%22%3A%22image%22%2C%22image%22%3A%2216344%22%7D%2C%7B%22title%22%3A%223.%20SOMETHING%20THAT%20ONLY%20BELONGS%20TO%20YOU%22%2C%22subtitle%22%3A%22Biometric%20identification%2C%20through%20a%20fingerprint%20or%20retina%20scan%2C%20establishes%20who%20you%20are%20and%20is%20completely%20unique%20to%20you.%20%22%2C%22icon_type%22%3A%22image%22%2C%22image%22%3A%2216354%22%7D%5D” sk_lists=”font-size:21px;color:#323232;font-weight:500;” sk_subtitle=”font-size:14px;font-weight:300;”][cz_gap height=”20px” height_tablet=”8px” height_mobile=”8px”]

[cz_title id=”cz_104294″]

Best Practices for Multi-Factor Authentication

Online accounts are the norm, and their continued proliferation is inevitable. As you set up more online accounts you also create the possibility for a hack with each account. The simple step of adding MFA to your accounts and requiring it on all your business accounts will help protect your business, even if your employees are not as diligent as they should be at updating passwords regularly.

ID Credentials and passwords can be the weakest link in an organizations cybersecurity because they are frequently compromised and posted on the Dark Web. Adding MFA for your personal and business accounts is a good idea, and can be an important safeguard for your business, adding a strong layer of security to accounts employees manage for the business.[/cz_title]

[cz_gap height=”20px” height_tablet=”8px” height_mobile=”8px”][cz_title id=”cz_36577″]

What should be protected with MFA?

[/cz_title]

[cz_gap height=”85px”]

[cz_content_box type=”1″ id=”cz_103837″ sk_overall=”background-color:transparent;background-image:linear-gradient(315deg,#323232,#ba0230);padding-bottom:40px;margin-bottom:30px;border-width:1px 1px 3px;border-radius:100px 0 100px 0;” sk_hover=”border-radius:0 100px 0 100px;”][cz_image css_position=”relative;display: table;margin:0 auto” id=”cz_50649″ image=”16362″ css_width=”100%” sk_css=”padding-top:20px;padding-bottom:3px;margin-top:10px;margin-left:10px;”][/cz_image][cz_gap height=”40px” id=”cz_74618″][cz_title id=”cz_43256″]

Remote Network Access

Today, more and more businesses allow authorized users (employees) to work from home and access their networks remotely. By implementing MFA for these remote users, businesses add a vigorous layer of protection that safeguards both the business and the employee.

[/cz_title][/cz_content_box]

[cz_content_box type=”1″ id=”cz_103837″ sk_overall=”background-color:transparent;background-image:linear-gradient(315deg,#323232,#ba0230);padding-bottom:40px;margin-bottom:30px;border-width:1px 1px 3px;border-radius:100px 0 100px 0;” sk_hover=”border-radius:0 100px 0 100px;”][cz_image css_position=”relative;display: table;margin:0 auto” id=”cz_79941″ image=”16375″ css_width=”100%” sk_css=”padding-top:20px;padding-bottom:3px;margin-top:10px;margin-left:10px;”][/cz_image][cz_gap height=”40px” id=”cz_74618″][cz_title id=”cz_31808″ cz_title=””]

Privileged/Administrative
Access

Protecting your Privileged/Administrative Access with MFA will help prevent cyber criminals from accessing your network and launching ransomware attacks, stealing your important business data, or deploying malware.

Whether your employees access your accounts remotely, or while physically at your location, it’s a good idea to require MFA to protect against cyber attacks.

[/cz_title][/cz_content_box]

[cz_content_box type=”1″ id=”cz_103837″ sk_overall=”background-color:transparent;background-image:linear-gradient(315deg,#323232,#ba0230);padding-bottom:40px;margin-bottom:30px;border-width:1px 1px 3px;border-radius:100px 0 100px 0;” sk_hover=”border-radius:0 100px 0 100px;”][cz_image css_position=”relative;display: table;margin:0 auto” id=”cz_96610″ image=”16379″ css_width=”100%” sk_css=”padding-top:20px;padding-bottom:3px;margin-top:10px;margin-left:10px;”][/cz_image][cz_gap height=”40px” id=”cz_74618″][cz_title id=”cz_26617″ cz_title=””]

Remote Access to Email

When accessing email through a website or cloud-based service on non-corporate devices, MFA can help reduce an intruder’s ability to gain access to a user’s corporate email account. Cybercriminals like to access emails to commit different cybercrime schemes against businesses, as well as the businesses’ customers.

[/cz_title][/cz_content_box]

[cz_gap height=”100px”]

[cz_title id=”cz_95909″ cz_title=””]

How does a business start to implement MFA?

Whichever method you choose to enable, MFA should be based on your organization’s needs and something simple for your team to use. The extra layer of security MFA provides is important, but each company is unique and it can seem a bit daunting to to set up. If you would like assistance or advice, please reach out to us.

Our IT experts are excited to work with you!

[/cz_title]

[cz_gap height=”100px”]

[cz_title bline=”cz_line_left_side” text_center=”true” id=”cz_15924″ sk_lines=”background-color:#323232;width:25px;height:25px;top:-5px;left:1px;” sk_lines_con=”height:4px;top:5px;”]

GET SAFEGUARD ENCRYPTIONQUOTE

[/cz_title][cz_gap height=”35px”]

[cz_gap][cz_content_box type=”1″ fx_hover=”fx_inner_line_hover” id=”cz_75498″ sk_overall=”background-repeat:no-repeat;background-position:left bottom;background-size:contain;background-image:url(https://lesolson.redpeppersoftware.net/wp-content/uploads/2019/10/artArtboard-1encryptionimplementationguide.png),linear-gradient(90deg,#f4f4f4,#f4f4f4);padding-top:50px;padding-right:50px;padding-bottom:35px;” back_content=”Quickly foster with resource maximizing” sk_back=”background-color:#ba0230;border-radius:10px;” sk_back_in=”color:#ffffff;” back_btn_link=”url:http%3A%2F%2Fxtratheme.com%2Ffashion-shop%2Fproducts%2F|||” sk_back_btn=”color:#000000;background-color:#ffffff;border-radius:4px;” sk_back_btn_hover=”color:#ffffff;background-color:rgba(0,0,0,0.76);” back_title=”59% OFF FOR WOMEN CLOTHES” back_btn_title=”Check Collection” link=”url:%2Fwp-content%2Fuploads%2F2019%2F10%2Fsophos-encryption-implementation-wpna.pdf|||”][cz_title title_pos=”cz_title_pos_right” id=”cz_61180″ sk_overall=”background-color:rgba(255,255,255,0.9);” link=”url:%2Fwp-content%2Fuploads%2F2019%2F10%2Fsophos-encryption-implementation-wpna.pdf|||”]

DOWNLOAD THE

ENCRYPTION

IMPLEMENTATION

GUIDE

[/cz_title][cz_social_icons position=”tar” fx=”cz_social_fx_10″ id=”cz_96002″ social=”%5B%7B%22icon%22%3A%22fa%20fa-arrow-circle-down%22%2C%22title%22%3A%22Download%22%2C%22link%22%3A%22%2Fwp-content%2Fuploads%2F2019%2F10%2Fsophos-encryption-implementation-wpna.pdf%22%7D%5D” sk_icons=”font-size:50px;color:#ba0230;” sk_con=”padding-top:0px;padding-bottom:0px;margin-top:0px;margin-bottom:0px;”][/cz_content_box][cz_gap][cz_button title=”800-365-8804″ btn_position=”cz_btn_block” btn_effect=”cz_btn_fill_right” sk_button=”font-size:20px;color:#ffffff;font-family:Assistant;letter-spacing:2px;background-color:#323232;border-style:solid;” id=”cz_20761″ sk_hover=”background-color:#ba0230;” icon=”fa fa-volume-control-phone” sk_icon=”font-size:20px;” link=”url:tel%3A%201-800-365-8804|||”][cz_gap][cz_button title=”VIEW LOCATIONS” btn_position=”cz_btn_block” btn_effect=”cz_btn_fill_right” sk_button=”font-size:18px;color:#ffffff;font-family:Assistant;letter-spacing:2px;background-color:#323232;border-style:solid;” id=”cz_104330″ sk_hover=”background-color:#ba0230;” icon=”fa czico-016-map-localization” sk_icon=”font-size:19px;” link=”url:%2Fcontact%2Flocations|||”][cz_gap][cz_social_icons fx=”cz_social_fx_10″ hide_on_t=”true” hide_on_m=”true” id=”cz_87306″ social=”%5B%7B%22icon%22%3A%22fa%20fa-facebook%22%2C%22title%22%3A%22Facebook%22%2C%22link%22%3A%22https%3A%2F%2Fwww.facebook.com%2FLesOlsonCompany%22%7D%2C%7B%22icon%22%3A%22fa%20fa-twitter%22%2C%22title%22%3A%22Twitter%22%2C%22link%22%3A%22https%3A%2F%2Ftwitter.com%2FLesOlsonCompany%22%7D%2C%7B%22icon%22%3A%22fa%20fa-instagram%22%2C%22title%22%3A%22Instagram%22%2C%22link%22%3A%22https%3A%2F%2Fwww.instagram.com%2Flesolsoncompany%2F%22%7D%2C%7B%22icon%22%3A%22fa%20fa-linkedin%22%2C%22title%22%3A%22LinkedIn%22%2C%22link%22%3A%22https%3A%2F%2Fwww.linkedin.com%2Fcompany%2Fles-olson-company%2F%22%7D%5D” sk_icons=”font-size:30px;color:#f70743;” sk_hover=”color:#323232;”]

[cz_gap height=”35px” height_tablet=”10px” height_mobile=”10px”]

The post Multi-Factor Authentication appeared first on Les Olson IT.

Prioritizing Cybersecurity in a Hybrid Workplace

Brittany Monson — Fri, 22 Oct 2021 14:56:16 +0000

[cz_image id=”cz_39726″ image=”16175″][/cz_image][cz_gap height=”28px”]

[cz_title id=”cz_95491″]

Week 4: Prioritizing Cybersecurity in a Hybrid Workplace

Currently, employees are more connected than ever. The hybrid workplace is here to stay, and for employees, this means relying on connected devices from their home office setups. According to recent data , smart home systems are set to rise to a market value of $157 billion by 2023, and the number of installed connected devices in the home is expected to rise by a staggering 70% by 2025. In this new normal where smart devices and consequently online safety are a must, here are some tips for securing those devices.

Remember Smart Devices Need Smart Security

Make cybersecurity a priority when purchasing a connected device. When setting up a new device, be sure to set up the privacy and security settings on web services and devices, bearing in mind, that you can limit who you are sharing information with. Once your device is set up, remember to keep tabs on how secure the information is that you store on it, and to actively manage location services so as not to unwittingly expose your location.

Put Cybersecurity First in Your Job

Make cybersecurity a priority when you are brought into a new role. Good online hygiene should be part of any organizations onboarding process, but if it is not, then take it upon yourself to exercise best practices to keep your company safe. Some precautions include performing regular software updates, and enabling multi-factor authentication.

Make Passwords and Passphrases Long and Strong

Whether or not the website you are on requires it, be sure to combine capital and lowercase letters with numbers and symbols to create the most secure password. Generic passwords are easy to hack. If you need help remembering and storing your passwords, don’t hesitate to turn to a password manager for assistance.

Never Use Public Computers to Log in to Any Accounts

While working from home, you may be tempted to change scenery and work from a coffee shop or another type of public space. While this is a great way to keep the day from becoming monotonous, caution must be exercised to protect yourself and your company from harm’s way. Make sure that security is top-of-mind always, and especially while working in a public setting, by keeping activities as generic and anonymous as possible.

Turn off Wi-Fi and Bluetooth When Idle

The uncomfortable truth is, when Wi-Fi and Bluetooth are on, they can connect and track your whereabouts. To stay as safe as possible, if you do not need them, switch them off. It’s a simple step that can help alleviate tracking concerns and incidents.

These are just a few simple steps towards achieving the best online safety possible. Staying safe online is an active process that requires constant overseeing at every stage – from purchasing and setting up a device, to making sure that your day-to-day activities are not putting anyone at risk. By following these steps, you are doing your part to keep yourself and your company safe from malicious online activity.

[/cz_title][cz_gap height=”41px”][cz_image css_position=”relative;display: table;margin:0 auto” id=”cz_78734″ image=”16120″ css_width=”50%”][/cz_image][cz_gap height=”41px”]

[cz_image link_type=”custom” id=”cz_16225″ image=”7812″ link=”url:%2Fservices%2Fit-services%2Fnetwork-analysis%2F|||”][/cz_image]

[cz_title id=”cz_59995″ link=”url:%2Fservices%2Fit-services%2Fnetwork-analysis%2F|||”]

Get a FREE, Comprehensive Network Analysis

The post Prioritizing Cybersecurity in a Hybrid Workplace appeared first on Les Olson IT.