Better Cybersecurity for Your Company
The following post offers recommendations for better cybersecurity and was written by John Miller, President of Passport Software. We hope you find it useful.
It is important to inspect and possibly even fact-check claims about products or services before you spend your money. Remember sayings like, “there is no such thing as a free lunch” and “if it looks too good to be true…”?
If we’ve been taken in by such an offer and regretted it later, we may become a bit suspicious when an offer looks too good to be true. No less important in this internet age of ransomware and malware is the new saying: “WARNING: This email originated from outside of the organization. Do not click links or open attachments unless you recognize the sender and know the content is safe.”
Unfortunately, all it takes is one moment of an employee letting their guard down to unleash a catastrophe on not only their computer, but the entire network it is connected to, servers, and client PCs. Email is still the most common vehicle for ransomware and malware of many varieties to spread, and the unsuspecting employee in today’s businesses cannot risk the unthinkable, and literally needs training and reminders on precautions to take.
What do you do to prevent Armageddon? First and foremost, BACKUP, BACKUP, BACKUP! Having a series of backups of the entire system, including all data files – that includes father, grandfather, and great-grandfather versions, securely stored off site and away from the network is critical. If it is attached to the network, it is accessible to malware. This is the most basic and important preventative measure to implement. Testing the functionality of these backups is critical as well.
Second, install high-quality software that employs software agents to watch programs writing out data to your storage devices and to quarantine suspicious programs prior to damage occurring. No legitimate business application does what ransomware does, which is to read whole files and re-write them, changing the name of the file, usually by adding a suffix. There are many software products that will detect this behavior and arrest it in its tracks.
Also, ensure you have updated your corporate email to use the latest security protocols to authenticate your email. Yes, it is a pain to go through this, but it will protect you from those very clever criminals who are able to make you think an email is safe, when it is not.
Lastly, please consult with your IT expert advisors and listen to their recommendations. You are not too small a fish for cyber criminals to fry. They will bother with you, and it will cost you bitcoin to even have a chance of possibly getting your data back. Newer gateway routers, cloud-based malware prevention, and other solutions are available as well as affordable, especially compared to the alternative.
Let me ask, “What would it cost your business if, in one instant, your computers all stopped working, all of your programs and data were toasted and you could not get them back?” In some companies, the answer to this question is “we would be devastated” or “we would be out of business.” Your answer will determine how much it is worth to take active responsibility for preventing such a catastrophe.
Exercise caution at all times! Send emails to all staff regularly reminding them of the potential disaster that one inadvertent click could cost the company; much more than they can imagine. If they wonder about an email attachment or link, please train them with this mantra: DO NOT CLICK ON IT! Have them personally call the person they think sent it and ask if it is a legitimate email. I have done this many times, and it saved me more than once from a potentially huge mistake.
Software as a Service (SaaS) Applications
Other areas of vulnerability for your company can include hosted cloud-based software applications. Cloud-based technology is usually available as SaaS and is hosted on remote servers. The subscription fee covers monitoring and managing of network servers.
According to makeuseof.com, “SaaS applications are no exception to this threat…48 percent of enterprises fell prey to a ransomware attack; data stored in different cloud locations, including public clouds, AWS servers, on-prem data centers, and many others, were specifically targeted.”
The SaaS platform itself is usually not attacked, but hackers target the data that stored on the platform. For example, the 2017 Equifax data breach exposed the confidential information of 147 million people. Data stored in a SaaS platform can be attacked via end user phishing, malware, and API key leaks. An application programming interface (API) key is a code used to identify and authenticate an application or user.
Stolen data recovery is usually difficult, time-consuming, and often incomplete. Hackers can use the platform’s API overwrite and encrypt stolen data, and then demand a ransom to obtain the decryption key to recover stolen data.
On-premise Software Benefits
With on-premise software, you manage your own server and have more complete control of access and security measures. Your company is responsible for setting user access policies, installing firewalls, antivirus software, and installing security patches promptly. A security patch is a software update that resolves a bug or security vulnerability in your software.
With appropriate IT support, on-premise software can better ensure that your company’s servers are protected. You don’t need to rely on an outside company to host and manage security for your private data. In addition to controlling security measures, companies are returning to on-premise software to minimize costs, and secure critical data ownership.
Passport Business Solutions™ (PBS™) is on-premise, professional-level software with a one-time licensing fee and a nominal fee for annual updates. With PBS™ desktop software, you own your data, control security measures, and our expert consultants can tailor a solution to meet your unique needs.
There are very few on-premise accounting software solutions on the market with a perpetual license, and PBS™ Accounting is designed to meet the needs of small to mid-sized companies. Our on-premise accounting software includes optional in-house payroll that can provide ongoing ROI due to cost savings versus an outside payroll service.
Passport Software provides an array of on-premise business software solutions designed to help your company streamline and improve profitability.
Call 800-969-7900 to learn more about how PBS™ Accounting, PBS™ Manufacturing, PBS™ Distribution, and other business solutions can help your company streamline and grow. Or, contact us – we are here to help.