Triada Networks https://triadanet.com Wed, 01 Apr 2020 16:20:04 +0000 en-US hourly 1 Novel CoronaVirus (COVID-19) Small Business Resource Guide https://triadanet.com/coronavirus/?utm_source=rss&utm_medium=rss&utm_campaign=coronavirus Tue, 31 Mar 2020 02:21:33 +0000 https://triadanet.com/?p=1636 Dear Business owner, Mostly as a means to help us organize the different bits of information coming from government and industry sources, we put together this guide to help navigate some of the resources available to small business owners. Some of the resources here are on our own site, but mostly they are on third […]

The post Novel CoronaVirus (COVID-19) Small Business Resource Guide appeared first on Triada Networks.

]]>
Dear Business owner,

Mostly as a means to help us organize the different bits of information coming from government and industry sources, we put together this guide to help navigate some of the resources available to small business owners. Some of the resources here are on our own site, but mostly they are on third parties. As we come cross updated information or additional material, we will keep this page up to date.

If there is anything you found out there that is interesting, fill out our Contact US form and let us know. Small businesses are the backbone of the US economy. We know we will get thorough this together.

As always, if there is any way we can help you, let us know.

Regards and safety,

Raffi Jamgotchian
201-297-7778

Government Assistance Programs

Business Operations

The post Novel CoronaVirus (COVID-19) Small Business Resource Guide appeared first on Triada Networks.

]]>
New York SHIELD Act and Small Business Cybersecurity https://triadanet.com/new-york-shield-act-and-small-business-cybersecurity/?utm_source=rss&utm_medium=rss&utm_campaign=new-york-shield-act-and-small-business-cybersecurity Mon, 30 Mar 2020 13:29:12 +0000 https://triadanet.com/?p=1630 Even though the City that doesn’t sleep seems a little sleepy, compliance and regulation still don’t.  One of the newest laws to hit the books for New York businesses was the SHIELD (Stop Hacks and Improve Electronic Data-Security) Act.  This law went into affect on March 21, 2020, while we were all trying to get […]

The post New York SHIELD Act and Small Business Cybersecurity appeared first on Triada Networks.

]]>
Even though the City that doesn’t sleep seems a little sleepy, compliance and regulation still don’t.  One of the newest laws to hit the books for New York businesses was the SHIELD (Stop Hacks and Improve Electronic Data-Security) Act.  This law went into affect on March 21, 2020, while we were all trying to get our employees a way to work from home.

The SHIELD Act requires anyone (business or person) licensing information that includes private information of a resident of New York to implement and maintain “reasonable safeguards” to protect that information.  What is included in private information could be the username or email address in combination with a password that would gain access to an account or any personal information including social security number, drivers license number, other government ID number, credit or debit card information, other financial account numbers, biometric data, etc.

However, if this information is protected through encryption and the encryption key used to protect the information was not lost or leaked in the process, this data does not apply.  If this data is also available from a government record, it also is except.

Any small business (less than fifty employees, under $3m in Gross annual revenue, or less than $5m in assets) is compliant if it maintains reasonable administrative, technical and physical safeguards that are appropriate to the complexity and size of the business, the nature of its activities, and the sensitivity of the information it collects.  Also, if the business is already in compliance with GLBA, NYC RR 500, or any other data privacy rules/regulations administered by the State of New York or the Federal Government.

Businesses covered by this law may be liable for penalties up to $5,000 per violation.

The act sets out to assign some guidelines about what these safeguards should include:

Administrative Safeguards

The Act stipulates that one or more employees should be assigned to coordinate the security program, identify reasonably foreseeable internal and external risks, assess how sufficient the safeguards in place are to control these identified risks, train and manage employees in the security program’s practices and procedures, select appropriate service providers capable of maintaining these safeguards, and adjust the program as needed to business change.

What it doesn’t specify is if an outside third party can act as this coordinator. It specifically says employee. In other regulations, its common to allow a third party to be the data privacy officer or similar position.

Technical Safeguards

The SHIELD Act requires the business to assess the risks in the design of its network and the software it uses; how information is processed, transmitted and stored; detect, prevent and respond to attacks and system failures, and regularly test and monitor the effectiveness of key controls, systems and procedures.

Physical Safeguards

Businesses must assess the risks of information storage and disposal, detect, prevent, and respond to intrusions, protect against unauthorized access or use of private information during or after the collection, transportation and destruction, or disposal of the information, and dispose of private information within a “reasonable amount of time” after it is no longer needed for business purposes by erasing electronic media so that the information cannot be reconstructed.

Is your cybersecurity program following a framework?

If your business is following a security framework such as the NIST Cybersecurity framework, CIS 20, or the meta-framework Secure Controls Framework, you are likely all set.  You can easily map the work you are already doing to this regulation and see that you mean all of the requirements.   These frameworks provide a blueprint of how a security program can be structured so that as new regulations come out (and they will) your business is ready while your competitors are scrambling to piece together policies to make a square peg go into a round whole.

More and more regulations are codifying the basic tenants that these frameworks stipulate.  The homage to the NIST Cybersecurity framework in the technical safeguards section of this Act, is a clear result of this. If you are looking for a way to jump start your security program, need help in deciding which framework to base your security on, give us a ring. We’d be happy to help guide your business to a more secure future.

The post New York SHIELD Act and Small Business Cybersecurity appeared first on Triada Networks.

]]>
Working from Home Strategies During COVID-19 https://triadanet.com/tips-for-your-team-to-work-from-home-during-covid-19-efficiently/?utm_source=rss&utm_medium=rss&utm_campaign=tips-for-your-team-to-work-from-home-during-covid-19-efficiently Tue, 24 Mar 2020 02:47:45 +0000 https://triadanet.com/?p=1589 During a time of uncertainties amidst the COVID-19, working remotely has become the answer to many businesses. Businesses have major decisions to make during this type of event which includes protecting their employees and their health but also keeping the business going. Many businesses have decided that it’s in their best interest to send their […]

The post Working from Home Strategies During COVID-19 appeared first on Triada Networks.

]]>
During a time of uncertainties amidst the COVID-19, working remotely has become the answer to many businesses. Businesses have major decisions to make during this type of event which includes protecting their employees and their health but also keeping the business going. Many businesses have decided that it’s in their best interest to send their employees to work remotely and this is actually recommended by the CDC as well. Working remotely can be beneficial during this time yet comes with a few steps so it works properly. Make sure you take all of these tips into consideration to allow for an easier transition to working from home during COVID-19 and so you can maintain business operations.

working from home

Photo by Dillon Shook on Unsplash

VPN

This is highly recommended for secure remote access while employees are working remotely. There are two types of VPNs. A traditional Virtual Private Network (VPN) creates a secure connection between your remote employee through the Internet back to your office, allowing them to securely access your internal applications and files. If you still have applications that are hosted from inside your office, this is needed. The second kind of VPN which just provides the employee anonymity will keep their connection private should they be on an insecure connection but doesn’t give them direct access to your office.  The latter would be necessary just to protect the privacy of the employee while they connect to cloud resources such as Office 365. This can be found in our blog, Things You Need to Know About Data Security When Traveling or Working Remotely. Both kinds of VPNs encrypt the data being sent through them, so hackers can’t access it. They also mask your IP address for additional security which is vital for working remotely.

Device Security

Make sure that your employees have the right security on their personal devices or the ones you provide them. This includes anti-virus software, changing wi-fi passwords before using it for work purposes, and setting up multi-factor authentication.

Access & Equipment

It’s important during this time of shifting to working remotely that all employees have all the needed access to data for their jobs. Make sure you have login information, files, access granted, etc. for when they move to remote work. Also, they need a set up at home to work properly. Such as a laptop or desktop, internet service, telephone, etc. for them to fully be able to complete their needed tasks. In order for the employees to keep doing their jobs efficiently at home, you’ll have to be sure they have the access and equipment prepared and set up.

Training

Make sure your team is aware of popular scams such as phishing emails. During this time there will also be an increase in impersonation phishing emails. Hackers will take advantage of people working from home and try to trick them into scams. Cybercriminals will create email accounts that look almost identical to the actual company and send emails out to employees or to impersonate the CEO or other management of the company. What they do is they trick accounting or human resources to transfer funds or send out confidential information. Be on the alert for emails starting something like this:

“Hey this is Mr. CEO. I don’t have access to my work email right now, can you do …..”

To read more about this type of email fraud click here for a recent blog we have on email security for your business.

To learn more about CEO Fraud click here for a blog on the timeline of CEO Fraud and how to not fall victim to this type of fraud.

Communication

Once you have the equipment, VPN, security, and access are taken care of then you need to decide on how you will communicate with the team. We highly suggest a real-time chat system like Microsoft Teams. There are also other options like Zoom or other video conferencing platforms.

Working Remotely

Photo by Manny Pantoja on Unsplash

Working from home is different for many people across the board and some can have a hard time with it at first but as long as you have these steps in place and continue managing and communicating it can work out great. Make sure you provide direction and schedule during this time as well as expectations. It requires everyone to participate and be responsible regardless if they are commuting to the office or not. These working from home strategies during the COVID-19 can also be used for other things that could arise whether it’s weather-related or sickness too.

Does your business need assistance with IT support or cybersecurity during this time? We offer solutions that can help you with security and protection during these times as well as support on any computer issues for your team. If you are interested in signing up for a free consultation, give us a call at 201-297-7778 or go online here and schedule today!

Triada Networks

Don’t forget to follow us on:

The post Working from Home Strategies During COVID-19 appeared first on Triada Networks.

]]>
The Best Password Management for Your Business https://triadanet.com/the-best-password-management-for-your-business/?utm_source=rss&utm_medium=rss&utm_campaign=the-best-password-management-for-your-business Mon, 16 Mar 2020 03:48:34 +0000 https://triadanet.com/?p=1575 The Best Password Management for Your Business Let’s talk passwords and how critical they are for your information whether that’s personal or business-related. Passwords serve to protect user accounts; however, a poorly constructed password may result in the compromise of individual systems, data, or network. Did you know what causes 81% of breaches? Passwords that […]

The post The Best Password Management for Your Business appeared first on Triada Networks.

]]>

The Best Password Management for Your Business

Let’s talk passwords and how critical they are for your information whether that’s personal or business-related. Passwords serve to protect user accounts; however, a poorly constructed password may result in the compromise of individual systems, data, or network.

Did you know what causes 81% of breaches? Passwords that are weak, stolen, or reused! Businesses need to make sure that they are using strong passwords and have zero gaps in their password management. Data breaches from poor password management can cost companies more than just the immediate cost of a fix to seal the leak. These type breaches can compromise your data or your clients’ data from all types of sources.

Avoid the risks of possible breach by taking precautions now! We are going to help you to get the most of your password security and to prevent harmful cyber-attacks for you and your business. Here are the best tips for password management for your business!

Create a unique password for each separate account to eliminate risks

Password Mangement

Google just surveyed some participants 16 and older and look at these shocking results! 51% admitted that they use one particular “favorite” password for the majority of their accounts. This can be super risky so make sure each password is different for any account you have to sign in to. It’s easier for hackers to hack your information if the passwords are the same for multiple accounts.

A great way to keep up with all of your passwords when creating a different one for each account is by using password managers. A password manager assists in generating and receiving complex passwords as well as storing passwords in an encrypted database. Some popular password managers are Lastpass, Dashlane, and MyKi.

Make sure each password is hard to guess

Wonder why account setups always have a certain requirement? That’s for a reason! They know what makes up a strong password and are trying to help you. Here are the best requirements for a strong password:

  • minimum of 12 characters at least we recommend over 20
  • Combination of letters, numbers, and special characters
  • Using both upper and lower-case letters
  • Incorporating uncommon words or phrases

Use two-factor/multiple authentications

In the same Google survey mentioned above, a third of respondents (31%) said they either don’t know whether they are using two-factor authentication (2FA) or intentionally choose not to use it.

There’s a need for it though and this can truly be a password’s best friend as you are more likely to keep the hackers out! Two-Factor/Multifactor authentication uses knowledge or possession factors to ensure the person trying to log in is authorized. A person has to successfully authenticate two or more pieces of evidence to show it’s them. Some of these include:

  • A physical object in your possession, like a bank card or smartphone
  • A secret known to the user, like a password or challenge question
  • A physical characteristic, like a fingerprint or eye iris
  • A location-based confirmation, like a connection to a specific network

Some of the most used and common ones to use for this is:

  • Google Authenticator
  • LastPass Authenticator
  • Microsoft Authenticator
  • Authy
  • Yubico Authenticator
  • Titan Security Key

See our blog post for more info on Login Best Practices: Why You Should Be Using Strong Password Management & Multifactor Authentication.

We hope these tips will help you and your business set up stronger passwords and manage your passwords properly to prevent breaches. Don’t be a part of that 81%!

Don’t Leave Yourself Open to a Data Breach

Why wonder when your company may get hit with a data breach? Instead, get a free Security Scorecard from Triada Networks. We’ll evaluate your current IT security, tell you where you stand and give you smart recommendations.

Take a moment today to schedule your free consultation or call 201-297-7778.

Resources:
Palfy, Sandor. “How Much Do Passwords Cost Your Business.” Infosecurity Magazine, 14 June 2018, www.infosecurity-magazine.com/opinions/how-much-passwords-cost/.
Zurkus, Kacy.  “Google Survey Finds Two in Three Users Reuse Passwords.” Infosecurity Magazine, 5 Feb. 2019, www.infosecurity-magazine.com/news/google-survey-finds-two-users/.

Don’t forget to follow us on:

The post The Best Password Management for Your Business appeared first on Triada Networks.

]]>
The Importance of Backups in Your Business Today https://triadanet.com/the-importance-of-backups-in-your-business-today/?utm_source=rss&utm_medium=rss&utm_campaign=the-importance-of-backups-in-your-business-today Mon, 02 Mar 2020 06:36:17 +0000 https://triadanet.com/?p=1490 As we continue our installment about services your business needs in regard to cybersecurity, we must cover Backups. Backups are used to create and store copies of data in other places to prevent data loss.  It’s essential for any business to back up their data as it’s one of these basic requirements in order to […]

The post The Importance of Backups in Your Business Today appeared first on Triada Networks.

]]>
As we continue our installment about services your business needs in regard to cybersecurity, we must cover Backups. Backups are used to create and store copies of data in other places to prevent data loss.  It’s essential for any business to back up their data as it’s one of these basic requirements in order to save important data that is needed and that keeps the business secure. Let’s talk about the importance of backups in your business today!

Backups and Recovery

Data Backup

Data should be in at least three places: where you access it, a local backup, and a cloud backup.  These should be as disconnected as possible from each other so that infections in one can’t spread to the other. For example, if your office gets ransomware, it should be easily jumping to your backups. if your backups are connected, then the ransomware can and will spread to it, making it unusable. Next, you should have at least one offsite version at a secure location. The local backup is for speed of recovery, the remote backup is in case your local office cannot be accessed.

Recovery

Backups are not really about backups; they are actually about recovery. You must test them for it to be sufficient. If you don’t test them, they are useless. Restores must be tested, both at the individual file level and a whole system level. Employees must be included during tests so that issues can be resolved during the tests. Better during a test, then a real event.  Practice also takes the stress out of the situation during a real incident.

My Takeaways

This was drilled into me when I worked for a mid-tier investment firm. After 9/11 we didn’t know what the next day would bring us, so we had to make sure our systems could be accessible from other locations in case communication systems continued to be down. Similarly, we had blackouts a few years later.  Our past business continuity tests gave us the confidence that not only were we able to bring up our systems offsite, but the team was able to do it while I happen to be on vacation at the time.

How Triada Can Help 

I brought those lessons to me as we work with small businesses. The technology available today to allow us to bring full systems online during an event was not achievable unless you had massive budgets. Now those capabilities are available to small businesses. So, when Hurricane Fred, Irene, and Sandy rolled through in successive years, we were prepared. Sandy was the one that knocked people out, but we had the tools to allowed clients to keep running.

We can help your business have the proper steps in place for backups and recovery too! To learn more about how we can help, schedule a free consultation here. We’d be happy to discuss the steps we take to ensure your data is protected and backed up properly.

Email Security

Don’t forget to follow us on:

The post The Importance of Backups in Your Business Today appeared first on Triada Networks.

]]>
Everything You Need to Know About 5G https://triadanet.com/everything-you-need-to-know-about-5g-as-it-approaches/?utm_source=rss&utm_medium=rss&utm_campaign=everything-you-need-to-know-about-5g-as-it-approaches Thu, 13 Feb 2020 12:15:11 +0000 https://triadanet.com/?p=1473 Everything You Need to Know About 5G The future of our network is here! 5G has arrived and is released now but not widespread. Although it’s exciting to hear of such ultra-fast feeds and massive capacity, 5G also comes with its increased exposure of attacks too. 5G comes with its own set of security risks […]

The post Everything You Need to Know About 5G appeared first on Triada Networks.

]]>
Everything You Need to Know About 5G

The future of our network is here! 5G has arrived and is released now but not widespread. Although it’s exciting to hear of such ultra-fast feeds and massive capacity, 5G also comes with its increased exposure of attacks too. 5G comes with its own set of security risks and it will entail many new vulnerabilities that we have to work through. We want to share with you the top security risks associated with 5G in your business. These will be important for you to look out for as 5G becomes more widespread.

Although the new 5G technology promises lower latency, greater stability, the ability to connect more devices at once, and move even more data in the process, it still comes with a cost too.

5G Security Risk with Your Business

  • It’s a bigger network so it will handle more than any network has had to in the past and with that, it can be harder to manage and monitor. Which would give an opportunity for some to find weaknesses in 5G and exploit them?
  • IoT “Internet of Things” will still be around with 5G and a lot of them are still vulnerable to hackers and with 5G they will just be able to move faster in compromising a device.
  • Another problem could be authentication overload. It will be responsible for authenticating billions of devices in such a small area. Just think of everything a household operates using Wi-Fi, not just cell phones and tablets.
  • 5G is still software so that means it still has the possibility of being vulnerable to malware. Mobile carriers won’t be able to manage 5G alone so that will mean contracting it out and having more people involved which could bring a security risk either purposely or accidentally.
  • Businesses will need to start screening everything before it is put on the network from devices to IoT, and third-party apps. And possibly investing in machine learning and monitoring to help gather information needed to identify and respond to threats that 5G speed will have.

5G is coming and as a business, you may see the impact of it within the year or next few years. It’s best now to start preparing for the exciting new features but also the security risks that are involved too.  With anything that is new, it will be important to stay informed and up to date on all the new information that comes out about 5G. One way you can do so and be prepared for what your business needs are by allowing Triada to partner with you for your cybersecurity needs. We’d be happy to set up some time to discuss further with you here.

References:

Goldberg, Lee. “Security Risks of 5G, and How to Fix Them”. Infosecurity Magazine. 7 February 2020. https://www.infosecurity-magazine.com/news/security-risks-5g-how-fix/

The post Everything You Need to Know About 5G appeared first on Triada Networks.

]]>
Importance Of Endpoint Protection In Your Business https://triadanet.com/importance-of-endpoint-protection-in-your-business/?utm_source=rss&utm_medium=rss&utm_campaign=importance-of-endpoint-protection-in-your-business Sun, 09 Feb 2020 18:29:52 +0000 https://triadanet.com/?p=1409   Our first installment was about email security but now it’s time to move on to endpoint protection. If we look at the technology that we interact with, the point that interaction takes place is the endpoint. The Endpoint can be your laptop, desktop or mobile device, running an application on the device or through […]

The post Importance Of Endpoint Protection In Your Business appeared first on Triada Networks.

]]>
 

Our first installment was about email security but now it’s time to move on to endpoint protection. If we look at the technology that we interact with, the point that interaction takes place is the endpoint. The Endpoint can be your laptop, desktop or mobile device, running an application on the device or through a website. As a result of this, the endpoint is a high-risk point. It’s where we download files, connect USB drives, and enter our private information.   Frequently these devices are used outside of the office’s four walls beyond the protection of your network defenses.  With cloud computing, Endpoint Protection is more important than ever.

Isn’t Antivirus all you need for endpoint protection?

The most commonly known system to use for endpoint protection is Antivirus software.  Typical Antivirus software is installed on your endpoint and tries to match the programs you are running and the files that you are downloading against an ever-growing database of known bad files.  If there is a match, the Antivirus program will stop the program from running and delete or quarantine it.  The problem is that this matching mechanism is very difficult to maintain because viruses and other malware are changing all the time, sometimes even hiding within the software that is considered “good.”

In the past, nations built standing armies that went to war with each other. The larger the army meant you had the greatest likelihood of success.  However, modern warfare has led to newer methods of both defense and offense.  Similarly, so are our cyber defenses. Traditional antivirus programs are no longer enough to defend us and a new breed of threats, requiring us to rethink how we defend our endpoints. These are sometimes called Next-Generation Antivirus (NGAV).

How does next-gen antivirus differ from traditional antivirus software?

NGAV was developed to bridge the gap left over from the traditional antivirus systems. Each vendor has their own flavor of what they do. NGAV would use machine learning and/or artificial intelligence to help prevent against new threats that have yet to be seen or threats that have changed enough to bypass traditional signature matching used by traditional AV.

In addition, these platforms will typically add detection and response capabilities to their solution collectively called Endpoint Detection, Protection and Response (EDPR).  This provides the defender a greater set of tools to determine what is malicious and act upon them including quarantining the device from the network to prevent spread and shutting down processes that are being hijacked.

Managed Detection & Response

Because EDPR is difficult and sometimes labor-intensive even with all of the Artificial Intelligence levers that it provides, Managed Detection & Response (MDR) adds the human analysis element. Managed Security Service Providers (MSSPs) will use these platforms for threat hunt and incident analysis to weed out the bad actors and applications hiding in our systems.

Application Whitelisting- Only Run What’s Good

While NGAV focuses on finding bad programs, application whitelisting (AWL) is the practice of only allowing what is a known good application from running.  In our constantly evolving application world, this is a very difficult task to keep up to date. Like the situation with traditional A/V the database of known good programs is too massive to maintain and be accurate. However, with newer cloud-based solutions, AWL has now a new breath of life, becoming something that doesn’t have to be too expensive to maintain.

Malicious actors, however, would use known-good programs to carry out their bad intentions, such as macros in word documents or scripts.  These are applications we need to carry out our business functions so we can’t just prevent them from running. However, we can limit what functions they are allowed to perform thus minimize their risk. For example, the Excel spreadsheet that you just received has no business connecting to a website in Russia.  By putting rules around what applications can and cannot do, we reduce our attack surface.

The Importance of End-Point Protection

Our endpoints are always under attack, whether its when we are browsing the web, running an app on our phone, connecting to a public WiFi, plugging in a USB drive, or opening an email attachment. These devices are what we as humans are interfacing with and they tend to contain huge computing power and extremely sensitive information.

Without a comprehensive solution to protect our endpoints, we are running through a field of broken glass without shoes. Don’t get caught running like that, reach out to us here at Triada so we can help you get the protection you need for your business. You can give us a call at 201-297-7778 or schedule a free consultation here.

Want to keep up with on social? Check out our following platforms:

Resources:

“What Is Endpoint Protection? Data Protection 101.” Digital Guardian, 10 Sept. 2018, digitalguardian.com/blog/what-endpoint-protection-data-protection-101.

Frankenfield, Jake. “How Artificial Intelligence Works.” Investopedia, Investopedia, 22 Jan. 2020, www.investopedia.com/terms/a/artificial-intelligence-ai.asp.

 

The post Importance Of Endpoint Protection In Your Business appeared first on Triada Networks.

]]>
Email Security For Your Business https://triadanet.com/email-security-for-your-business/?utm_source=rss&utm_medium=rss&utm_campaign=email-security-for-your-business Sun, 09 Feb 2020 18:28:43 +0000 https://triadanet.com/?p=1407 Did you know that email is one of the top ways that criminals use to exploit businesses? You can’t take this topic lightly in your business. When it comes to email-borne threats there are ways to reduce the likelihood and prevent most issues rather than spending time (and money!) cleaning up after an attack. Here […]

The post Email Security For Your Business appeared first on Triada Networks.

]]>

Did you know that email is one of the top ways that criminals use to exploit businesses? You can’t take this topic lightly in your business. When it comes to email-borne threats there are ways to reduce the likelihood and prevent most issues rather than spending time (and money!) cleaning up after an attack.

Here are the top threats coming into your inbox that you need to be aware of:

Email Viruses

*Macro virus: this is a virus that is written in macro language that is used by other software programs. Most often seen in Microsoft Word and Excel macros. This virus is spread through phishing emails containing attachments with malicious content which will them compromise the macros.

*Spambot programs: this is a virus that has been designed by cybercriminals for harvesting email addresses in order to build email lists for sending spam. This a way that the cybercriminals can collect email addresses and then use them to send email viruses.

*Email spam: a term that you may have heard before and it’s just that. These are unwanted emails that can spread malware via links or attachments that lead to malicious websites where the cybercriminal can steal your information.

*Virus hoax email messages: another term that is common. This is when emails contain a false warning about a threat that does not exist to trick the individual into clicking on the email or responding to which contains a virus. A lot of times the cybercriminals threaten the person to take some type of action which can also include forwarding the warning to others which can be a widespread virus.

Phishing

Still the #1 cause of data breaches! This type of email threat is a way that cybercriminals trick victims into logging in or sharing sensitive information. Then once they have the information, they use it, or they sell it for others to use it for a monetary gain. Phishing emails can be tricky to decipher as the cybercriminals make them look almost identical to a real company’s email. For more information on phishing emails, we have a section of our services you can view here.

Business Email Compromise

This type of email attack is one that has become popular these days which is where cybercriminals are attacking employees directly. What happens is cybercriminals will create email accounts that look almost identical to the actual company and send emails to impersonate the CEO or other executives to trick accounting or human resources to transfer funds or send out confidential information. We have a blog dedicated to just this type of email scam, “Newest Fraud Attacking CEOs: All You Need to Know About CEO Fraud“.

Cyber BEC (business email compromise) scams are not going anywhere either unfortunately either. A statistic that was alarming that I found stated that between October 2013 and May 2019, more than $12 billion in domestic and international losses were attributed by the FBI to business email compromise scams (Symantec 2019).

Personal Emails

Like using social media, leveraging an executive’s personal email account is commonly used as a way to gather information or to use as a more convincing business email compromise threat.

Solutions

As you can see there are many types of email threats that can affect your business so you may be wondering what are the solutions? In order to properly inform you of all the email risks and security practices, I have to include some solutions to prevent these types of cyberattacks.

Top 3 Email Solutions are:

Spam Filtering

This is one of the main ways of applying a filtering system to your emails. There are many sets of protocols that are put in place to determine which of the incoming emails are spam and which are not. Some of the filters include content filters, header filters, rules-based filters, and permission filters.

Spam filtering is very helpful and can prevent many spam emails that have infected email attachments that can have viruses to reach your inbox. This type of filtering is an extra layer of protection for your inbox essentially.

User and Awareness Training/Testing

A big part of threats from email and other cyber attacks usually has something tricking employees on clicking on (Infosec 2020). This is why user and awareness training/testing is necessary for all businesses. These types of attacks can cost so much to the business and can be reduced by proper training.

Certain training is necessary so that employees are familiar with what phishing emails look like and other things to look for in case of a potential threat. Training can be in forms of test emails (where they do not know that it’s a test), live training, training videos, and procedures.

Crowdsourced Anti-Phishing

A new type of email security that is gaining traction these days is crowdsourced anti-phishing. Basically, businesses share threat information among themselves and are usually able to uncover advanced threats. If employees are trained properly they can also spot and report anything that looks suspicious. You can read more about our solution here.

I hope this blog covering all about email viruses and security practices for your business has opened your eyes to the importance of email security. It’s not fading away and is crucial for any business during these times. Can you imagine not having to worry about an email scam hitting your office again? Wouldn’t that be nice? Well, we know how to help you get to that point. Here at Triada Networks Team, we can give you an in-depth look at what we can offer your business for email security and address any questions you may have.  Sign up for your free consultation today by contacting us online or calling 201-297-7778.

Resources:

Infosec Resources. (2020). Security Awareness and Malware. [online] Available at: https://resources.infosecinstitute.com/category/enterprise/securityawareness/employee-security-threats/security-awareness-and-malware/#gref [Accessed 4 Jan. 2020].

The post Email Security For Your Business appeared first on Triada Networks.

]]>
Top 5 Cybersecurity Threats for 2020 https://triadanet.com/top-5-cybersecurity-threats-for-2020/?utm_source=rss&utm_medium=rss&utm_campaign=top-5-cybersecurity-threats-for-2020 Sun, 09 Feb 2020 18:27:43 +0000 https://triadanet.com/?p=1405 It’s almost time to make it into another year and another decade at that! I want it to be the best year for your business and keeping your assets safe. When it comes to cybersecurity, it’s important for your business to stay ahead of the possible threats. You want to prevent the threats as much […]

The post Top 5 Cybersecurity Threats for 2020 appeared first on Triada Networks.

]]>
It’s almost time to make it into another year and another decade at that! I want it to be the best year for your business and keeping your assets safe. When it comes to cybersecurity, it’s important for your business to stay ahead of the possible threats. You want to prevent the threats as much as possible! With a new year coming up, there are new and existing cybersecurity threats that could take the year by storm. I have put together 5 cybersecurity threats that will be dominant in 2020 and what you can do to ensure your business stays ahead of the possible threats.

Data Rights Compliance

Things are gearing up for more data-protection safeguards thanks to two regulations/acts: General Data Protection Regulation (GDPR) and California’s Consumer Privacy Act (CCPA). It’s good news for cybersecurity in general but it also brings some panic amongst businesses. This means that many businesses must decide whether or not to meet the strictest requirements and figure out how to prepare for these new changes.

The GDPR was created to protect the privacy of individuals within the European Union. The CCPA was created to focus on the rights of California residents and protect data privacy and help individuals understand their data- how it’s collected, sold, or disclosed. California businesses have to comply with this act starting January 1, 2020.

Internal Attacks and Vulnerabilities

This type of cybersecurity threat could be caused in house and can be one of the most dangerous threats yet! Businesses have to set up processes in house to protect their assets because internal attacks can be extremely dangerous. Have you heard of the Twitter incident recently where 2 former employees were charged with spying for Saudi Arabia by leaking private account information? There are many examples that happen all the time within businesses themselves just like the Twitter incident. This is probably one of the scariest cyber-attacks because it all depends on how the internal employees are feeling and what their motivations are. No matter how much you try to build defenses in this situation, it’s all based on how the employees will hold up their end of the deal.

Another problem internally can be vulnerabilities. Businesses and organizations can get practices in place that may be the latest and greatest but may not know how to use it. Another problem is they may have certain cybersecurity processes in place but they do not know how to educate their employees on how and why to use them. In turn, this can cause careless mistakes that can leak information to people that do not need it in their possession.

Phishing Attacks

This attack is going to continue gaining momentum into 2020 as its one of the most widely used attacks where the attacker steals the user’s data such as credentials and credit card numbers. The attacker will impersonate a business or organization and convince the victim to open an email, direct message, or even a text message. Many attackers have gotten pretty clever too where they have the same layout and looks of the real trusted business so you have to be on the lookout even more. If you’d like to learn more about phishing emails specifically, read our blog, Hackers are Lurking in Your Inbox! How to Keep Your Business Email & Network from Being Compromised.

A specific phishing attack to be on the lookout especially in 2020 is the Business Email Compromise (BEC) that is targeting CEOs of businesses and organizations. This type of fraud has cost businesses over $12 billion in the last few years and has also been reported in all 50 states. To read more about CEO Fraud, read our blog here.

Ransomware

This threat doesn’t seem to be disappearing and it’s probably because of how successful it has been with hackers (unfortunately!) Hackers are constantly trying to find new ways to lock and encrypt a victim’s computer or device and demand a ransom (payment) to restore the access. What’s so bad is that often time these attacks are often done by cyber thieves so even if the ransom is paid they typically won’t restore access.

Recent ransomware attacks such as the ones that occurred in Baltimore and Atlanta have become highly publicized and more well known. These types of attacks are making the news more and people are starting to see how big of a problem ransomware is for businesses and even organizations. We even have a blog on Resilience Action Against Ransomware Attacks if you want to learn more.

Third-Party Vulnerabilities Such as the Cloud

One of the most common attacks include vulnerabilities such as attackers targeting cloud technology. Over the last few years, cloud technology and the adoption of the cloud have skyrocketed so it’s not too shocking to hear that vulnerabilities have risen too.

The best way to prevent these types of cybersecurity threats that are likely to be common in 2020 is to make sure you have covered all your bases. Make sure every topic I’ve covered is being handled appropriately. Make sure you are being vigilant with all of your systems and processes to be the safest business or organization possible. Another way you can make sure you are utilizing the appropriate systems and processes is by partnering with an IT/Cybersecurity provider such as Triada Networks. We have over 20 years of experience helping businesses with their cybersecurity as well as IT support to make sure they are prepared for what is to come. If you are interested in setting up a free consultation where you will receive a free security review, click here.

The post Top 5 Cybersecurity Threats for 2020 appeared first on Triada Networks.

]]>
5 Reasons Your Business Is Ready To Partner With An IT Provider https://triadanet.com/5-reasons-your-business-is-ready-to-partner-with-an-it-provider/?utm_source=rss&utm_medium=rss&utm_campaign=5-reasons-your-business-is-ready-to-partner-with-an-it-provider Sun, 09 Feb 2020 18:27:00 +0000 https://triadanet.com/?p=1403 When it comes to your business there may be times where you need to examine your current processes and see if shifting some would help make the business work better and more efficiently. Every business goes through this at some point as one person or one team is not able to handle every single aspect. This […]

The post 5 Reasons Your Business Is Ready To Partner With An IT Provider appeared first on Triada Networks.

]]>

Raffi working on a server for a client who partners with Triada

When it comes to your business there may be times where you need to examine your current processes and see if shifting some would help make the business work better and more efficiently. Every business goes through this at some point as one person or one team is not able to handle every single aspect. This is especially true when it comes to a company’s IT department. If you are struggling with keeping up with your current IT and things are not working properly, it could be time for you to partner with an IT provider! I’d like to share with you the 5 reasons your business is ready to partner with an IT provider!

5 Reasons Your Business Is Ready To Partner With An IT Provider

  • Do Not Have a Dedicated IT Staff

Any company that is under 100 employees typically won’t have a dedicated IT/cybersecurity team/staff to help. Smaller companies usually have to make do with what they have and then other areas of the business are not being attended to. This can cause problems especially as they arise for your IT staff.

  • You are Exposed to a lot of Businesses and See What Works and What Doesn’t Work 
If a small business has one of their employees that splits time between IT and their job, they aren’t exposed to nor are communicating with the larger IT community within their vertical. A Technology Services Provider has exposure to lots of different technologies and businesses and can bring their cumulative experiences to your company.
  • Your Current Technology is Holding You Back
If your business is using obsolete software and hardware systems then this can really hurt your business and slow down processes. Technology is constantly changing with the latest and greatest and it’s important to have someone that is knowledgeable in these areas to suggest what updates you may need in order to keep up.
  • The Person Responsible for IT is Being Taken Away from Doing His/Her Day Job
This is such a common problem amongst smaller companies as a person or several people become the “IT person” and are being taken away from their normal jobs. If this is something you are currently partaking in this can actually hurt your relationships with your employees. This can typically cause burnout in a position as they are not doing what they were originally hired to do. You can establish a better relationship with your employees if you have them do what they were hired to do and what they do best.
  • Loss of Productivity Due to Systems Issues or Frequent Downtime
Many businesses deal with database, hardware, and software downtime which can cause loss of productivity in the organization. These incidents can last for a few minutes to several days which can cause major problems and even losses. Without the proper IT team ready to take care of these types of issues, you could face major setbacks including major financial impacts.

Poulos, technician here at Triada helping a client get their phones and computers set up for a new employee

If your business is suffering from any of the top 5 reasons then your business is ready to partner with a technology services provider. It can benefit your business in many ways such as access to the latest and greatest in technology, cost savings, gives back hours, higher productivity, higher quality of staff, flexibility, 24/7 help, and keeping your regular employees on track and happy! If you are looking for an IT provider to give you these amazing benefits, then contact us at Triada Networks. You can go here to schedule a free consultation today! We look forward to assisting you with all of your IT & cybersecurity needs.
Want to keep up with on social? Check out our following platforms:

The post 5 Reasons Your Business Is Ready To Partner With An IT Provider appeared first on Triada Networks.

]]>