Each year, cyber crime continues to grow, infiltrating business through methods like phishing, ransomware and social engineering. Cyber criminals have found the path of least resistance andthey are running with it. Cyber crime statistics in 2019 indicate that cyber crime has grown in leaps and bounds over the previous year.
According to zdnet.com, the average cost of cyber crime for an organization increased $1.4 million over the past year, to $13.0 million, and the average number of security breaches in the last year rose by 11 percent from 130 to 145. What does this mean?
Cyber crime taking more time to resolve
It is becoming more expensive to fix
Everyone is a target
For now anyway, this is our new normal and hackers have evolved, adapted and they realize the most effective method is to target humans, the weakest link in cyber security.
2019 Cyber Crime Statistics
Check out these startling statistics that paint a very clear picture of cyber crime today – and learn what to do to stop it from happening to you!
1) Ransomware Remains the Biggest Threat to Small Businesses
In 2019, 85% of MSPs report ransomware as the most common malware threat to SMBs. (Source: Datto)
2) Small Businesses Are the Primary Target
On average, 1 in 5 small businesses report that they’ve fallen victim to a ransomware attack. Small businesses who don’t outsource their IT services are more at risk. (Source: Strategy Analytics’ proprietary research of the North American SMB market.)
3) 91% of Cyber Attacks Begin with a Phishing Email
Cyber criminals have zeroed in on the #1 most effective type of cyber-attack: phishing emails. As the leading cause of cyber threats, spear phishing involves targeting an individual or group of users by masking the email as a legitimate source like a banking institution or software company like Microsoft.
Hackers use tactics like urgency to get you to open the email without thinking twice and before you know it, you’ve clicked on a cleverly disguised malicious attachment or a link to malware.
The average ransom requested by hackers is increasing. MSPs report the average requested ransom for SMBs is ~$5,900, up 37%, year-over-year.
Tip: If your business has become victim of a ransomware attack, DO NOT pay the ransom. There is no guarantee you will get your data back and you could be out thousands of dollars for nothing. The best defense against ransomware includes a multi-layered security approach. (Source: Datto)
5) In 2019, the Average Cost of Downtime is WAY Up
($141,000 in 2019 vs. $46,800 in 2018) Yep, you read that right.
Downtime costs are up by 200% year-over-year, and the cost of downtime is 23X greater than the average ransom requested in 2019. (Source: Datto)
6) Ransomware Attacks Occur Every 14 Seconds
Every 14 seconds is the frequency in which a business will fall victim to a ransomware attack this year. Estimates show that this number will INCREASE to every 11 seconds by 2021.
At the very least, it is critical that you have a reliable, regularly tested data backup solution in place so that if you do lose access to your data, a backup can quickly be restored, minimizing downtime and saving you a significant amount of time and money. (Source: Cybersecurity Ventures – 2019 Official Annual Cyber crime Report (ACR))
7) USA is the #1 Target
It’s great to be #1, but not so much when it comes to being the primary target of cyber security attacks. The United States is ranked #1 across all other countries targeted by cyber criminals. (Source: Norton Security)
8) Ransomware Attacks Predicted to Increase 5X by 2021
It is predicted that ransomware attacks against healthcare organizations will increase by 5X between 2017 and 2021.
And consider this – healthcare ranks 15th out of 18 industries when it comes to cybersecurity and research shows hospital employees fall victim to 1 out of every 7 phishing emails.
This creates a tremendous opportunity for security awareness training for healthcare organizations in order to close the gaps and strengthen security from within. (Source: The Cybersecurity Almanac 2019 from Cybersecurity Ventures)
9) Cyber Crime is More Profitable than the Global Illegal Drug Industry
So why do they do it? It’s simple. Although it sounds crazy, cyber crime is now more lucrative than dealing drugs. The illegal drug industry totals around $400 billion/year. In 2018, cyber criminals earned a total of around $600 billion. (Source: Cybersecurity Ventures)
10) You Can Purchase a Consumer Account for $1 on the Dark Market
With billions of personal records stolen over the years, this creates an excessive amount of credentials for sale on the dark web. This in turn has lowered the cost of consumer accounts. Bank accounts run hackers anywhere between $3-25 each. (Source: RSA)
The Best Defense is a Good Offense
A solid data backup and disaster recovery plan. A good plan includes a multi-layered security approach.
Set up a data backup and disaster recovery plan. Also mention security assessment and also security awareness training.
It’s only fitting that October is also National Cyber security month, a time to reflect on cyber threats and seek protection from security risks. So what is cyber security, and why is it so critical?
The Meaning of Cyber security
Cyber security can take many forms, from user training and ongoing employee education to assessment of potential vulnerabilities within a business network infrastructure. Technology and user education are complementary halves of a cyber security whole, and one is not effective without the other. A prominent part of network security is assessing network access and evaluating which areas are most deserving of your time and effort.
The Benefit of Security Assessments
At Ontech, we can provide your business with a thorough assessment of your cyber security, including an analysis of your network infrastructure, a deep dive into your security protocols, and a look at your vulnerability to both insider attacks and external threats.
Until you establish a baseline, it’s impossible to know where you are going and what you could be doing better. By having an assessment conducted, you can build on your previous efforts to create an even more robust online and physical infrastructure. If you have already had a vulnerability assessment completed in the past, we can provide a second opinion, so you know you are protected.
How Can You Be Cyber Secure?
One way to think of online security is like a pendulum, with security on one side and convenience on the other. Convenience is important, but easy access could also make it less secure. On the other hand, enhancing security can come at the cost of convenience, triggering complaints from employees and customers. Getting that balancing act right can be difficult, but it is essential if you want to keep your network and data safe.
Who Should Be Responsible for Cyber security?
There is an ongoing debate over cyber security and who is ultimately responsible. Should IT departments challenge upper management to enhance security? Should software companies and internet service providers take a larger role in security and data protection?
These are difficult questions with serious implications in the real world. In the wake of a recent ransomware attack, a governmental agency fired their IT technician, but the IT staffer fought back. He filed a lawsuit, and he is likely to prevail in that action.
In this particular case, the IT tech had an extensive paper trail, one that showed the lack of cyber security was largely the fault of management, and the agency shunned its responsibility for cyber security. As ransomware attacks grow more frequent, this situation is likely to recur, and businesses everywhere need to be ready.
Online Practices to Avoid
In the online world, it is critically important that you know and understand who you are giving information to and why. Hackers often target social media to influence buying habits, steal personal information, and compromise security. Understanding these tactics is the first line of defense when it comes to protection your data – both business and personal.
Knowing when to ask for help when you’re out of your element can save you a lot of heartache. For example, if your computer was infected with ransomware, it might be tempting to pay the ransom, but before you do anything, get professional help. Ontech is ready to be your partner.
Data protection has never been more important for businesses of all sizes. Hardly a day goes by without word of yet another data breach, another stolen laptop and yet another PR nightmare for the business involved.
If you want to protect yourself, your data and your business, you need to take security seriously, and that starts with enterprise-level encryption. Solid encryption is a must for mobile devices, including the laptops your sales staff uses while on the road. That’s where BitLocker comes in.
What is BitLocker?
This proprietary encryption program is designed for business use, and it is an essential tool in your IT security arsenal.
Designed to be used seamlessly with Windows-based computers, BitLocker can encrypt the entire hard drive, rendering the files on it useless to a thief while allowing legitimate users to fully access the data they need.
That protection is certainly vital in today’s dangerous cyber world, but BitLocker can do more than just encrypt files – this powerful program also provides protection against unauthorized changes to the operating system, including firmware changes. This is particularly valuable, since many recent malware infections work by surreptitiously updating the firmware on targeted devices.
A Versatile (and Free) Tool
BitLocker comes free with Windows 10, so business users will not incur any additional expenses when using it. And while the BitLocker tool is free, it is also extremely valuable and versatile.
With BitLocker, users can encrypt the hard drives on their desktops, laptops and servers. This device-level encryption is a powerful security tool, but it is arguably most useful for mobile devices, especially laptops.
If a thief steals one of your company laptops, they will no doubt try to access the files it contains. They may even remove the hard drive and try to read it on a third-party device, but with BitLocker in place that access will be blocked.
HIPAA and Banking Compliant
Certain businesses, including firms subject to HIPAA regulations and companies doing business in the banking sector, are required by law to encrypt their data. When used as part of an overall security strategy, BitLocker allows those businesses to stay compliant and avoid possible penalties.
BitLocker can also provide additional protection from ransomware, but businesses should not rely on this one program alone. Some strains of ransomware can work their way around BitLocker, so use it as a small part of a larger data protection strategy. Other parts of that strategy should include a robust backup plan, ongoing employee training and executive awareness.
BitLocker works by using a 200-digit key. That key is associated with a user on the network, and once it is enabled, the user does not have to worry about it again. The network administrator can track the keys and keep all relevant information. If a user needs to recover a particular key, they can do so through the administrator.
How to Manage BitLocker
BitLocker is a powerful tool for data protection and encryption, but it is only as effective as the processes you put in place. In order for BitLocker to do its job, all vulnerable devices, including mobile computers, must be fully encrypted.
Running ongoing scans for unencrypted mobile devices can help you manage BitLocker more effectively, so nothing slips through the cracks and no proprietary data leaks from your organization. If you need help developing a sound plan for hard drive encryption and mobile device protection, Ontech Systems is always just a phone call away at 262-522-8560.
Does BitLocker Affect Performance?
When used as intended, BitLocker should not negatively impact the performance of your laptops and other computers. It does take time for the BitLocker process to run, so it is important to schedule the installation accordingly.
If you do notice issues with performance on devices running BitLocker encryption, it is important to find the root cause. Preexisting malware infections, undetected problems with the operating system, and other issues could cause performance to deteriorate.
If you need help installing, maintaining or working with BitLocker, you do not have to go it alone. BitLocker is a powerful tool, but making the most of it is not always easy.
For help with all your BitLocker related issues, just give Ontech Systems a call or send us an email. We are happy to assist you, so you can enjoy secure hard drive encryption and the peace of mind that comes with it.
With the rapid technological advances in the last 20+ years, automation is becoming commonplace in business. Today, repetitive business tasks are often replaced with automated software solutions in an effort to streamline costs and focus man hours on tasks that require critical thinking.
One such example of automation in the IT industry is remote management and monitoring (RMM).
What is RMM?
Remote management and monitoring is a type of automation that uses the latest technological tools to keep computer systems up to date and business networks protected.
RMM makes it possible to automate the process of applying patches and updates, reducing the risk of human error. In the days before RMM, these tasks were handled manually. With the introduction of RMM, automated tools now handle these tasks more effectively, freeing up IT staff to focus on other projects.
One of the biggest benefits of remote management and monitoring is the ability to flag certain items. Servers are constantly producing logs, and those logs can provide valuable information for IT staff. In the past, server logs were reviewed manually and it was easy to miss even the most obvious red flags. RMM software searches for red flags, passing the most critical onto the IT team or service provider.
Remote Management and Monitoring – and Compliance
When all systems are connected to a central ticketing system, reporting is even easier and more effective. RMM provides a detailed audit trail, showing exactly what steps were taken to resolve an issue.
HIPAA, for example, requires proof that patches and updates are regularly completed. This audit trail can help you confirm your business is in compliance, and that you have taken steps to prevent a recurrence.
RMM vs. Hourly
Businesses require data to operate and that data needs to be protected. There are a variety of ways to do this, but one service isn’t necessarily ‘better’ than the other. It is more a matter of finding the best way to identify and apply fixes in a consistent manner.
The Benefits of RMM?
RMM has a number of advantages over the hourly model, including its proactive nature. With RMM, services are proactive, offering real-time alerts and ongoing monitoring. This allows for faster response times and reduces the risk of serious damage to the network or its data.
With the hourly model, a user will report that something is wrong, or IT will find the issue. Action is only taken once the issue is identified, which results in a reactive process that is susceptible to human error. If an issue is missed, it could remain unresolved for days, weeks or even months. In this way, resolution speed is more efficient through RMM compared to hourly.
Remote management and monitoring provides a more consistent, predictable cost, making budgeting easier, eliminating expensive surprises. With RMM, you have a set cost based on the number of computers, firewalls, servers and other equipment you have in place.
With the hourly model, costs fluctuate, sometimes in unpredictable ways. Windows updates for example may take more time one month over another, resulting in sometimes drastic cost fluctuations.
A Hybrid Approach
A popular approach and growing trend is to use RMM for critical network infrastructure and hourly IT support on projects. RMM can handle basic maintenance and monitoring tasks while IT staff tackles projects like server migrations, application setup or user training. This approach offers the best of both worlds, combining the predictability of RMM with the custom aspect of project work.
Remote Monitoring and Maintenance Trends
The biggest shift in RMM is the number of tasks these automated tools can tackle. Modern RMM tools include sophisticated scripting models, i.e. if this happens, do that.
You can take alerts that are already in place and automate that process response over time. And while it takes time to build out the automation, once it is in place, you can enjoy lower and more consistent IT costs.
If you want to streamline your IT costs through RMM, contact Ontech Systems at 262-522-8560. We can help you develop a RMM plan so you can protect your business, stay compliant with all applicable regulations and build a better and more robust network.
Ready to get started?
Call us at 262-522-8560 for a quick 10-minute chat to see if we’re a good fit or submit a request online and let us know how we can help.
From ransomware attacks to spear phishing designed to target decision makers and compromise intellectual property, security threats are multiplying faster than many businesses can adapt to.
If you want to avoid becoming the next cautionary tale, it’s important to understand the risks and know how to protect yourself. The more you know about these established threats, the easier it will be to prevent them. Here are some steps you can take to enhance your security and protect your business in an increasingly unsafe online world.
1) Enable Two-Factor Authentication
If you’re relying on passwords alone to secure your network and protect sensitive data, you are one step away from truly securing that information. With so many widely known data breaches, there’s a good chance some of the passwords you use are already in the wild.
This is why two-factor authentication is such a vital part of any comprehensive security program. With two-factor authentication, you can create an extra layer of security that builds redundancy and offers peace of mind.
It is important to note that most, if not all online and business accounts use two-factor authentication, and implementing this strategy is not as complicated as you might think. Since most systems already have two-factor authentication built in, adding extra security is simply a matter of turning it on.
2) Close Any Accounts You’re Not Using
From the secondary email account you thought you needed to the app that looked great but wasn’t, you probably have a lot of extraneous programs running on your personal devices and business network. Each one of those unused accounts is a security risk, and closing them can lower this risk.
Start by taking inventory of all programs and accounts on your network. With this list, you can close accounts you no longer need. By removing this unnecessary data, you can reduce the risk posed by those old and frequently unsecured accounts.
3) Have Strong (and Unique) Passwords
A solid password strategy is key to online security and identity protection, but long and complicated credentials are not enough. If you want to protect yourself and your data, you need to make sure your passwords are unique as well as complex.
Repeating passwords across multiple accounts and websites is a dangerous practice that is all too common in the business world. You can start by setting a good example, then implement policies that require employees to establish unique passwords for every account they create and every password-protected website they visit.
4) Password Protect Your Phone
The smartphone in your pocket is much more than a communication device – it is a tiny computer vulnerable to attack. As such, your phone deserves its own protection, starting with a strong password.
If you are not protecting your mobile devices with strong passwords, you could be handing hackers the keys to the kingdom. If just one of your mobile devices is compromised, cyber criminals could use that access to roam the rest of your network, taking control of the system, stealing proprietary information and even implementing a ransomware attack.
If your organization is bring your own device (BYOD) friendly, it is critical to have a solid mobile device management plan in place. Allowing employees to use their personal devices makes sense from a business and cost standpoint, but only if those workers understand their responsibilities and take security risks seriously.
5) Be Mindful of What You Publish About Yourself and Your Business
It’s great to have a presence on social media, but sharing too much information could put your security at risk. Be mindful about what you publish online.
Hackers view social media as a rich source of information, and they routinely harvest that data. An resourceful hacker could use the digital clues you leave behind to guess your passwords, and if they guess correctly they could soon be roaming through your network undetected.
6) Watch What Others Are Saying
It is not just what you say about yourself that puts your security at risk. Information shared by others, including customers and your own employees, could also give hackers a back door into the company network.
It often starts innocently enough. A business, proud of an employee’s achievement, might post about it online, but that proud moment could have negative consequences depending on who is watching.
The threat posed by third-party information is all too real. This very thing happened to one of Ontech’s clients, and within a week hackers were already spoofing the individual who was promoted by the business.
7) Integrate AI Defense for Mailboxes
Artificial intelligence can be used to protect company email accounts. Once that AI defense is fully integrated, it can monitor company email for unusual activity and suspiciously heavy traffic. If a problem is detected, the AI can notify an administrator, allowing them to take action and head off an attack. Want to implement AI into your email defense? Contact us online or call 262-522-8560 for more information.
8) Be Mindful of Your Internet Connection
Not all internet connections are the same – some are riskier than others. Never log into accounts containing sensitive information via public Wi-Fi, and pay close attention to the type of connection you are using.
9) Do Not Use Free Emails for Business
Free email may be fine for personal use, but these accounts are inappropriate and dangerous for businesses. It may be tempting to use a free email address as a secondary address but this creates a major risk for the business, so stick to business accounts while at work.
10) Watch Out for Phishing Emails
Phishing attacks take many forms, and they have become increasingly sophisticated in recent years. You can never be too careful. At Ontech Systems, we’ve recently seen an uptick in phishing emails targeting QuickBooks and other accounting software.
Ultimately, the greater the level of adoption, the more likely hackers will target users of the software program. Pay close attention to the software you use, and always be suspicious when you receive an email requesting personal or proprietary information.
If you have questions about how to secure your online identity or protect your business, just contact Ontech Systems. We can help you develop a comprehensive security plan for your business to lock down your systems and reduce the risks posed by hackers and cyber criminals.
Ready to get started?
Call us at 262-522-8560 for a quick 10-minute chat to see if we’re a good fit or submit a request online and let us know how we can help.
The millennial generation is different in many ways, from its reluctance to invest in the stock market in the wake of the Great Recession to its preference for experience over material goods. But for businesses, there are other, more important differences to consider.
In the next few years, the millennial generation are expected to make up half the workforce, and their influence is growing daily. Millennials, it seems, do everything differently, and that includes the way they work.
If you want to manage the members of this incoming generation effectively, you need to think the way they think, and that can mean changing the way you manage and secure your corporate network. Follow these five simple steps and you’ll be well on your way to a millennial-friendly network.
1) Embrace the Bring Your Own Device (BYOD) Trend
Millennials love their devices, and more than 7 in 10 say the way an organization views technology influences whether they want to work there.
With businesses competing for millennial talent, a robust BYOD policy could prove essential to retaining members of this massive generation. Aside from keeping them happy, BYOD is great for productivity. There is compelling evidence that a well thought out BYOD policy increases productivity.
A BYOD policy also settles the endless debate over Apple vs. Android. Millennials have strong feelings on these matters, and allowing them to bring their own devices is a great way to avoid feuds over competing platforms and technologies.
2) Implement a Mobile Device Management (MDM) Plan
For millennial employees, access to mobile devices is not optional – it’s essential. If you want to create a millennial-friendly workforce and at the same time, keep your data safe, you need to have a mobile device management (MDM) plan in place.
Some millennials may be skeptical over the amount of privacy they will have on their devices, so it’s important to create an MDM policy that stresses security and privacy.
Educating your workforce on what your MDM policy is, what it covers, and how it works can set millennial minds at ease. For example; when Ontech implemented BYOD and MDM, we brought each employee in the manager’s office separately and showed them the portal and exactly what Ontech can and can’t see.
In addition to a MDM plan, it’s also a good idea to lock down your network with a secure VPN. A mobile workforce is convenient, but you can’t afford to sacrifice security for convenience. Millennials don’t want to be chained to their desks or trapped in their cubicles – a secure and robust VPN gives them the freedom they need, whether they’re working from home or grabbing a bite at the local coffee shop.
3) Put a Solid Data Backup and Business Continuity Solution in Place
According to the Federal Emergency Management Agency (FEMA), 40% of businesses that suffer a major data disaster never reopen. The loss of network data could be an existential threat. A business continuity plan to restore critical files is not only your first line of protection, it’s also the path to a more productive millennial workforce.
Ontech crafted these steps by going ‘straight to the horse’s mouth’ and asking millennials exactly what they do and don’t like about their place of work.
One millennial worker expressed how her paperless office suffered mightily from network outages – network-stored blueprints were often unavailable, and work ground to a halt until connectivity had been restored.
But it’s not just millennials who feel the pain, younger workers in general are more attuned to these problems. If you want to keep your millennials happy and productive, a reliable wireless network, robust data backup and business continuity plan is an absolute must.
4) Make Company Tech EASY
As digital natives, most members of the millennial generation have never known a time before computers, cell phones and other tech devices. They’ve grown up with these devices in their pocket, and they are used to fast response times, intuitive designs and simple operation.
If your own tech is not easy, your millennial workers could move on to greener, more tech-friendly pastures. If you want to attract the best millennial talent and convince them to not only stay, but grow with your business, focus on ease of operation.
There are many ways to make your network easier to operate such as cloud-based software and storage systems used in conjunction with mobile apps.
Millennials prefer clear, step-by-step processes from employers. Microsoft Sharepoint allows those processes to be easily documented and shared between appropriate team members. Microsoft Sharepoint also allows your management team to lock down those specific documents to not be edited without the proper user permissions in place.
Dual monitors are another must for the millennial-friendly workplace, allowing employees of all ages the flexibility and freedom they need to stay happy and productive on the job.
Strong support is another key to ease of use. If your business operates in multiple shifts, a 24/7 help desk could be a lifesaver. Nothing is more frustrating to a millennial than needing help and not being able to perform their job due to lack of support.
For some companies, a millennial friendly network might extend beyond making things easy. A well-known pioneer of healthy workplace culture is Google who offers a wide variety of perks for employees. But at a smaller scale, this might mean opening up the firewall between 11:30am – 1pm for millennials to stream content or browse social media over lunch. After all, a healthy work/life balance is key to keeping millennials happy.
5) Create a Collaborative Environment
This generation is increasingly looking for a collaborative work environment that encourages the sharing of information and free exchange of ideas.
Nearly two thirds of workers ages 18 to 34 say they are motivated by video meetings and team messaging apps. Microsoft Teams is one of the most valuable tools for collaboration in the modern workforce, and adopting it can give your organization a powerful edge when attracting and retaining talented millennials.
Members of the millennial generation are already having a profound impact on the modern workplace, and their influence is only expected to grow. If you would like more information on any of the steps described, just contact Ontech’s support team by phone at 262-522-8560 or send us a message online.
We will work with you to create a powerful, secure, and stable network – one that will enhance the productivity and job satisfaction for all of your millennial staff.