Cyber security is a big deal – for everyone.
Cyber threats occur daily and should be taken very seriously.
Cyber attacks can happen to anyone – personally and in business.
This year, a new debilitating computer virus made news headlines. And as a result, you’ve most likely heard about it. It’s called “ransomware”.
Ransomware has become a very serious threat, and poses significant consequences to all businesses.
Ransomware is a type of malware that blocks access to your computer system until a sum of money is paid. Many businesses are currently being targeted by “crypto-ransomware”, which actually encrypts the files on your computers. The attackers will only provide a decryption key if you pay them.
The potential loss, however, is more than the cost of the ransom payment. The real damage comes from user downtime: when ransomware hits, your files may be locked and inaccessible for days, unless you have business continuity plans in place.
Even if you pay the ransom, you’re strongly advised to wipe infected computers. This suggests that you will likely suffer downtime no matter how you respond to the criminals’ demands.
Ransomware infections happen primarily through phishing emails. A user receives a seemingly innocent email and opens the attachment or clicks a link to download malware.
Let’s look at some basic best practices to stay safe online.
- Email – Although you’ve heard this before, don’t open email from unknown sources. And if you do for some reason, definitely DO NOT click on any links or attached files.
- Passwords – This is something else you’ve heard before, but it needs to be repeated. Keep your passwords strong, and use different passwords for different applications or sites. Consider using a phrase instead of a word. And use upper and lower case characters with different symbols. For voice mail, use a minimum of 6 to 8 digits to prevent a breach.
- Online phishing – This is where a seemingly reputable company requests information from you. Never provide personal or company sensitive info to an email request. Always be vigilant.
- Phishing over the phone – This is similar to online phishing, but it’s done over the phone. Never give (or be extremely careful about providing) personal or company sensitive info over the phone.
I realize this seems so obvious and basic. But unfortunately, cyber criminals are launching these and other types of cyber attacks every day. So it is important to be mindful of the danger and implement these best practices.
At IDeACOM, we rely on the professionals at Intermedia to help keep us safe. From their advanced email security and Office 365, to the highly regarded SecuriSync by Intermedia file share and backup solution.
Intermedia is one of the largest and most reliable cloud-based voice & data providers on the planet. And for that reason, Intermedia is our “go to” vendor-partner for all matters related to integrated cloud-based applications and cyber security.
Here’s what Intermedia has to say about protecting your business:
- Make sure you have file backups. If you don’t have file backup in place, I advise you to deploy a service immediately. I recommend SecuriSync by Intermedia as both a recovery solution and a business continuity solution, but any service can provide an alternative path to file restoration other than paying ransom.
- Educate your users about phishing. Good tips for helping your users recognize suspicious emails are contained in this Intermedia blog entry about phishing prevention.
- Educate your users about ransomware. Intermedia’s marketing team recently published a detailed report that provides a great overview of the ransomware threat. You can also watch this video playlist.
- Build a containment plan. Ransomware has been known to propagate from one user to another. This Intermedia blog entry interviews Intermedia’s own security team on how we would contain an outbreak.
- Deploy a business continuity solution. As a 2-in-1 file backup and sharing service, SecuriSync has a unique feature set that enables business continuity during a ransomware outbreak. Read more or watch this video.
One last suggestion I would make is to enable two-factor authentication whenever possible. Intermedia accomplishes this through AppID, which adds a second layer of security.
When you log onto the Intermedia password-protected site, you receive an alternate push notification, SMS text message, or voice call (based on your preference) to “allow” the application to load. This makes it virtually impossible for someone to gain access and log into your cloud-based applications without your knowledge.
We hope you found value in this post. If there is anything we can do to assist, please contact your IDeACOM representative for more information or details.