Every day we get questions from our clients about how to protect their data in a digital environment where cybersecurity is becoming increasingly more difficult to manage.
Below we put together a tech team Q&A with the most frequently asked technology questions that we receive. The responses below come from our very best technology advisers - Derek Wynegar (Client Account Manager) and Eric Hammond (Enterprise Account Manager). We hope it helps you practically navigate your technology!
What steps can I take to protect my business’s information from being compromised?
- Multi-Factor Authentication: Even with the hardest-to-crack passwords, they can still be stolen/hacked/obtained by the bad guys. With MFA, it adds another layer of security to ensure only authorized individuals are accessing your network, data and information.
- Firewall/UTM service: This provides an edge of network protection, built-in VPN services and is a common tool provided by MSP/IT providers.
- Security awareness training: This definitely helps your staff members be more cognizant of phishing emails, social engineering and other trouble lurking out in the wild trying to steal your data.
- Backups! Ensure your backups follow the CIA Triad – Confidentiality, Integrity and Availability. No one system is impervious to a compromise, and there is no silver bullet. However, the closest you can come is by having solid backups.
- Ensuring all applications are in support by the vendor: Using old, outdated apps can result in gaping holes hackers can exploit as the apps no longer receive security patches/updates.
What are the pros of an MSP vs. in-house IT?
Managed service providers can offer a more collaborative and holistic approach to IT. Here are a few of the benefits:
- Professionalism: The managed service provider is dedicated to a single purpose. They are not subject to internal changes or minor projects that creep up on the day-to-day. That is unless you want them to be.
- Scalability: Your managed service providers involvement can be scaled up or down at any time based on need or business.
- Innovation: A good MSP will innovate based on trends and state-of-the-art technology. They’ll do the research and development for your organization.
- Extensive Knowledge: A managed service provider specializes in security. At MIS, our team goes through constant training to ensure that we are up to date with the latest industry trends, so we can best protect our clients.
Should my business be worried about online privacy?
Yes, with the uptick in security compromises and data breaches, now more than ever, businesses should be focused on ramping up the security of their data and network. A new report from Fortinet Labs shows that the weekly average number of ransomware attacks detected in June of 2021 was more than 149,000. A year prior, it was only 14,000 – making an increase of 966%.
Your data is ultimately your business's greatest and most important asset. At MIS, we recommend at least quarterly training to ensure staff doesn’t put your company in jeopardy.
How do I know if an email is a phishing attack?
There are several ways to tell if an email is phishy:
- Who is the email from? Is this someone you know or someone you regularly communicate with? Are you expecting an email from this person? What about the domain – does it look suspicious? These are all red flags
- Examine the links carefully. When you hover over a link, check to see if the link-to address is for a different website. Look for links that are misspelled. For example www.micorsoft.com
- Attachments – did the sender include an attachment that you were not expecting or one that makes no sense? All attachments can contain malware, so it’s best not to open them unless you are certain the email and attachment are legitimate.
- Is there a sense of urgency to the email? Criminals try to trick you into acting quickly without pausing to think. “Your account will be deleted…”
- Bad grammar is not as common as it once was in phishing emails, but it’s still something to be aware of.
What are the most common cybersecurity mistakes to avoid?
- Falling for phishing emails or social engineering attempts. If it looks/smells/feels weird, trust your gut instinct and verify they are who they say they are.
- It sounds silly, but don’t leave your passwords or confidential documents sitting in plain view in your work area.
- When leaving your computer unattended, make sure to lock it.
- Never send money to the wrong people! All staff who have access to accounting functions, ie writing checks/sending money, should know they are the target. All companies, big and small, should implement sufficient administrative controls to verify changes related to payments.
- Lastly, one of the biggest mistakes is the lack of administrative controls and lack of security training. You can have the very best technology tools and solutions, but if your people don’t embrace their role as a “human firewall”, then they’re practically inviting criminals into your network. It’s like having the most advanced security features in your home but leaving the front door unlocked.
What is the Cloud? How does it work?
Cloud computing, in simplest terms, means having your data stored in an offsite location. There are public cloud platforms (like AWS and Azure) that have multi-tenant architecture. This means your data is co-mingled with other organizations’ data. Recent research has exposed possible vulnerabilities in multi-tenant platforms where malicious actors could access other customers’ information.
A private cloud platform, on the other hand, has a single-tenant structure. Meaning your data does not share server resources with other companies making it a more secure method of cloud computing.
What makes MIS Solutions IT unique?
We are a technology company, but we realize that it’s people who make the technology work. So, when we manage a client’s systems and networks, we’re not just managing their technology. We understand that their people need to understand the technology and how to use it most efficiently. We’re trying to cut out the noise and frustration of working with technology. We also offer education and guidance on areas of their business that impact security, productivity and profits (processes).
How can MIS Solutions help my business succeed?
Whether we fully manage your network or work with your internal IT team, our focus is to make technology work for you and your employees. Not having to worry about technology headaches frees you to focus on growing your business.
Ready to hand over the headache of technology? Our team would be happy to talk with you and establish the best plan to help grow your business! Reach out to us here.