Do you need an “incident response” plan?

An incident response plan is an organized approach to addressing the aftermath of a security breach or cyber-attack. Certain industries, like medical or financial institutions, absolutely should have one.

But even if you don’t have a lot of sensitive information, it’s best to have SOME idea of what you would do if a cyber-attack locked all your files or stole confidential information.

Things to consider when you’re planning:

  • Physical access to your building(s)
  • What to do with lost or stolen mobile devices
  • PCI (payment card industry) compliance requirements
  • Data-breach incident response
  • Threat monitoring

That’s where we can help! Give us a call and we’ll be glad to help you put together a cyber-response plan.

IT Security Tips

The on-screen keyboard: use it!

One of the most notorious spyware/malware targets is your keyboard – keylogger software has been around for ages. The longtime favorite of electronic crooks, keyloggers are made even easier for bad guys to distribute and for you to accidentally come in contact with by...

Privacy – it’s just smart business!

Privacy and security are important to your organization, but they’re even more important to those whom you serve. Nearly 75% of Americans feel it is “extremely” or “very” important that the companies they work with keep their information under lock and key and the...

Staying secure in a social media world

The age of social media has let millions of people reconnect and stay up-to-date with family members, friends, ex-in-laws and acquaintances. It also continues to shape how we all communicate with each other. It’s important to keep a few things in mind before you check...

Did you know?

How important is computer and cyber security? Let’s take a look at some facts to put it in perspective. Did you know that, according to a 2014 National Small Business Association Report, 44% of US small businesses were the victim of a cyber-attack, with each attack...

Why do I need so many passwords???

Passwords and management of those passwords are a big pain – no two ways around it. One website requires a symbol, another requires 14 characters and your bank requires 10 characters, four PIN numbers and the answer to a secret question. It becomes easy to just use...

Two-factor what?

Two-factor authentication (2FA for short), sometimes called multi-factor authentication, is a system in which you must verify your identity in two separate ways to access an account – this may be a login password, an online account or an account to access an...

Set this up for your bank account to prevent fraud

Did you know your COMPANY’S bank account doesn’t enjoy the same protections as a personal bank account when it comes to fraud? If a hacker takes money from your business account, the bank is NOT responsible for replacing your funds. (Don’t believe me? Go ask your bank...

Should your laptop be encrypted?

It’s just another Tuesday on your way to work and you stopped by your favorite busy coffee shop to get your caffeine fix. You set your laptop down to add the cream and, when you turn back, your laptop is gone. It’s nowhere in sight, nor is the thief who stole it. If...

Should you allow guests to access your WiFi network?

Do you have guest access on your company WiFi network? Or do you simply give out the same password that your employees use? If you give out your password, you’re practically opening the door for anyone to come in and steal private information, infect your private...

POP QUIZ: You’re hacked…what do you do?

Think fast: what’s the first thing you do after realizing you just replied to the e-mail from the Nigerian prince wanting to give you a sum of $34 million? Okay, you most likely didn’t reply to that…but let’s suppose you suddenly realize your machine or device has...

Is this request really from the boss?

Here’s a common scam: you get an e-mail from the boss (or your spouse, parents or other trusted person) asking you to send them a copy of employee pay stubs, tax information and files with confidential data such as social security numbers in them; or they’re asking...

Don’t just throw out that old computer

Getting rid of old computers or servers? Did you know that the components used in technology equipment are not landfill-safe? On top of the environmental hazards, unprotected e-waste typically contains a lot of confidential and private information in the form of saved...

NEVER use the same password twice

A complex password is a necessity, but hard to remember. And with so many websites requiring a password these days, users often reuse the same password again and again with different sites. BAD idea. When a big company gets hacked (like LinkedIn, for example), the...

Three sneaky ways to know your kids are up to no good online

Here are some little-known ways to see if your kid is doing things and visiting sites you don’t want them to:

  • They’ve deleted their browsing history. What are they hiding?
  • The ads showing up are questionable. Marketers use retargeting to get you to come back to their...

Your copier is spying on you…

Modern business equipment has radically changed how we conduct everyday business. Do you realize that copiers and multifunction printers are also one of the leading causes of data breaches? They are the one device on the network that commonly does not ever have the...

Be VERY careful of what you put in any e-mail

Never forget that e-mail constitutes a legal record and can be admissible in legal actions, not only in the courtroom, but in the court of public opinion. People sue people for all kinds of silly reasons. Family members get into disputes, couples get divorced,...

What the heck is an AUP…and why do you want it?

With so many access points, from cell phones to laptops and home computers, how can anyone hope to keep their network safe from hackers, viruses and other unintentional security breaches? The answer is not “one thing” but a series of things you have to implement and...

The Top 10 list for keeping your mobile phone secure

This week, 10 easy tips to mobile phone security:

  • Lock your device with a PIN or password, and never leave it unattended in public
  • Uninstall apps you don’t use
  • ONLY download apps from trusted sources
  • Keep your phone’s operating system updated
  • Install antivirus...

Lie, lie, lie!

Social engineering is big business. What is it? Figuring out who you are and then using that information to make money off of it. People list password challenge and identity verification publicly on their Instagram, Twitter and Facebook pages and feeds without giving...

Are you backing up your WEBSITE?

While most businesses understand the importance of backing up their server and files, many forget to back up their website! Most sites are hosted on a third-party platform like HostGator or WordPress. However, these hosts have limits on what they back up, and the...

Keep sensitive and important data off DEVICES and in the cloud

If a laptop is stolen or lost, and the data is not backed up, you just lost it all. Worst of all, even if you had it locked with a strong password, it’s very likely to get cracked. Once the thief succeeds, any private data that is unencrypted is free for the taking....

How even a STRONG password can work against you

There are two mistakes we see with usernames and passwords, even if they are GOOD strong ones. The first is using the SAME password across multiple sites. The second is using the same e-mail usernames and prefixes across multiple free e-mail services. For example:...

Why you might want to cover up your webcam with a sticker

Here’s a disturbing, but very real, tactic for hackers: spying on you via your device’s camera. Some simply watch you for fun. Others attempt to catch incriminating photos and then blackmail you by threatening to release the photos or video (which they have) to all...

Don’t download ANYTHING you’re not authorized to download

So you have a big file you need to get over to your printer YESTERDAY and you can’t get it to “send” via e-mail because the file is too big. What should you do? The right thing to do is contact your IT department (us!) so we can assist by installing a secure,...

Bank online? Do this ONE thing…

If you do online banking, NEVER access your online account with a PC or device that you use to log in to social media sites or free e-mail accounts (like Hotmail) or to surf the web. Since these are all highly hackable, keeping one PC dedicated to online banking...

This can happen at work OR at your home

In a recent incident reported in US news, an office secretary unknowingly gave some of her law firm’s most private data to a gentleman who had bought a Comcast Cable polo shirt off eBay. He dressed in khakis with a tool belt, and told the secretary he was there to...

If you’ve ever said this, you’re ASKING to be hacked!

Want to know what every hacker hopes you believe? “We’re small…nobody wants to hack us.” This is the #1 reason why people (companies) get hacked. They dismiss the importance of IT security because they’re only a “small business.” This is a lazy, irresponsible excuse....

The #1 threat to your security is…

YOU! And your employees. Like it or not, human beings are our own worst enemies online, inviting hackers, viruses, data breaches, data loss, etc., through the seemingly innocent actions taken every day online. In most cases, this is done without malicious intent – but...

Three essential rules for all cloud applications

If you’re using any kind of cloud application (and these days, who isn’t?), you are right to be concerned about data privacy and security. The company hosting your data is ultimately responsible for keeping hackers out of THEIR network, but most cloud breaches are due...

You’ve been HACKED! What’s the first thing you should do?

No matter how diligent you are about security, there’s always a chance you can get hacked. That’s why you need to put a plan in place NOW to protect yourself and your CLIENTS, so damage is minimized. But what should you do if you find out you’ve been hacked? First,...

A WARNING if you handle, process or store client credit cards

If you handle, process or store credit cards in any manner, you are required to comply with PCI DSS, or Payment Card Industry Data Security Standards. This is a set of LEGAL requirements you must abide by to maintain a secure environment. If you violate them, you will...

Your firewall is USELESS unless…

A firewall is a device that acts like a security cop watching over your computer network to detect unauthorized access and activity – and EVERY business and individual needs one. However, your firewall is completely useless if it’s not set up or maintained properly....

Don’t just close your browser!

When accessing a banking site or any other online application containing sensitive data, make sure you log out of the site and THEN close your browser. If you simply close your browser, some of the session information that a hacker can use to gain entry is still...

Make THIS password different from everything else

You know you’re guilty of it: using the same password for everything. Believe me, I understand how annoying it is to try and remember all those passwords; and if you’re using the same password for sites that don’t share sensitive information, like a login to a news...

Set up bank alerts – NOW!

Here’s a tip that just might save your bacon: Set up withdrawal alerts on your bank accounts. Many banks will send you an e-mail alert whenever money is withdrawn from your account via check, debit card or transfer. Setting up those alerts will allow you to spot and...

Don’t do THIS on your work laptop or PC

The ONLY thing you should use your company’s workstation or PC for is…WORK! Never mix personal web surfing and social media with company devices. If you want to check your Hotmail account or Facebook page, do it during your lunch break and on YOUR personal device....

DON’T use public WiFi until you read this

We’re all guilty of it: connecting to free public WiFi. Whether it’s at the coffee shop, hotel or airport, the temptation to check e-mail and surf the web is just too strong to resist. So BEFORE you connect to any free, public WiFi, make sure the connection is...

The DANGERS of Dropbox and other file sync apps

If you’re using Dropbox, OneDrive, Google Drive or other consumer-grade file sync and sharing cloud applications, listen up! These applications pose a huge threat to your company because company data can be spread far and wide without central oversight of what...

What to do BEFORE you go to Starbucks

So you’re in the car on the way home from Starbucks, basking in the glow of consuming your triple-shot, low-foam, extra-hot pumpkin-spice latte when you suddenly realize your laptop has gone missing. You drive back like the caffeinated lunatic you are, only to...

REMOVE these from your laptop, tablet or smartphone

Like it or not, device manufacturers LOVE to stuff your brand-new PC, tablet or phone full of “free” applications (they get paid to do it, so you’ve got a slim chance of getting one without a side of spamware). But clutter is the enemy of a speedy PC, and outdated...

If you installed it, you must update it!

There are thousands of hackers who get up every morning with ONE goal in mind: to find a new vulnerability in commonly installed software (like Adobe, Flash or QuickTime) to access your computer. That’s why these companies frequently issue patches and updates for...

Bookmark the LEGITIMATE websites you frequently visit

Here’s a sneaky trick used by many hackers: they purchase and set up a fraudulent website that is a close misspelling of a legitimate one. Example: www.faceboook.com (extra “o”) or www.dropbox.net (instead of .com). All you have to do is accidentally fat-finger ONE...

What is the “Dark Web” anyway?

The “Dark Web” or “Deep Web” is a part of the World Wide Web we know and love that is ONLY accessible via special software that allows users and website operators to remain completely anonymous and untraceable. That’s why it’s the playground for hackers and...

How to spot a phishing e-mail

A phishing e-mail is a bogus e-mail that is carefully designed to look like a legitimate request (or attached file) from a site you trust in an effort to get you to willingly give up your login information to a particular website or to click and download a virus....

How to avoid being a victim of ransomware

Not too long ago, the WannaCry ransomware attack was all over the news, infecting over 400,000 computers. The threat was fairly straightforward: Pay us or we’ll erase your files. Ransomware, like the WannaCry attack, works by encrypting your files to prevent you from...

If this type of alert pops up, DON’T click on it!

You’re working at your computer when all of a sudden – BAM! – you get a pop-up notification that your PC is infected with a virus and you must “click here” to run a scan or install antivirus software. This is a common scareware tactic used by hackers to get you to...

The #1 way a hacker will get you is…

A weak password is still one of the most common ways hackers break in. Thanks to sophisticated brute-force-attack software readily available online, hackers can try tens of millions of possible password combinations per second. For example, hacking software can guess...

Working from home? DON’T DO THIS!

If you plan on catching up on some work from home AND you’re using a personal device such as a smartphone or personal laptop to log in to cloud applications – DON’T! Unless your personal device is covered under one of our managed services plans, you could accidentally...

The shocking truth about bank fraud

Did you know your COMPANY’S bank account doesn’t enjoy the same protections as a personal bank account when it comes to fraud? If a hacker takes money from your business account, the bank is NOT responsible for replacing your funds. (Don’t believe me? Go ask your bank...