With all the recent hacking scares all over the world, you know and understand that your cyber security and your business’s cyber security are extremely important. However, when it comes to authentication processes, you may not be sure what the real deal is. There are two seemingly similar types of authentication that are often confused. Those are, of course, two-step and two-factor authentication. Find out more about the differences between the two here to ensure your cyber security will always be top of the line.

If you are seeking out a way to improve your business’s cyber security, both for your business itself as well as for your customers, you are likely looking at your authentication process. Two-step and two-factor authentication are two of the most commonly used options in cyber security. And in current cyber security, many businesses use the terms two-step and two-factor authentication interchangeably.

There are, however, subtle differences between the two. A two-step authentication process requires a single-factor login (such as a memorized password or biometric reading) as well as another of the same type of login that is essentially sent to the user. For example, you may have a memorized password for your first step and then receive a one-time-use code on your cell phone as the second step.

Two-step authentication does function to add an extra step in the authentication process, making it more secure than a single-step authentication (i.e. just the password). However, if a person or business is hacked, it will do only a little to stop hackers from getting a hold of whatever they are looking for.

On the other hand, there is two-factor authentication (sometimes referred to as multi-factor authentication), which is significantly more secure. This type of authentication requires two different types of information to authenticate. For example, it could be a combination of a fingerprint or retinal scan as well as a password or passcode. Because the types of information are different, it would require a hacker a great deal more effort to obtain both forms of authentication.
In essence, every two-factor authentication is a two-step authentication process, but the opposite is not true. With this information in mind, you can be certain that you are using the right type of authentication in your business to keep your business and customer information as secure as possible.

Your network needs the best security technology has to offer. What type of authentication that results in is just one of hundreds of choices that must be made to achieve that end. To take the stress out of securing and protecting your network, call us today for all the help you could ever ask for.

To learn more about how to safeguard your business, or if you are looking for an expert to help you find the best solutions for your business talk to GCInfotech about a free technology assessment.

Published with permission from TechAdvisory.org SOURCE

The internet is undoubtedly one of the most powerful tools for improving business productivity. But it’s also a magnet for procrastination. With unfettered access to the internet, it’s easy to stray away from your important work responsibilities. If done in moderation, five-to-ten minute breaks on Facebook, Twitter, and YouTube are harmless, but if employees spend several hours a day there, the internet is impeding office productivity. Fortunately, web monitoring can ensure your employees don’t overuse these sites.

Time-saving measures

At times, the internet can be very addictive. Internet monitoring software saves employees from the temptation of online videos and games by restricting access to time-wasting sites that you deem unnecessary for business. But internet monitoring software doesn’t even have to be as extreme as denying permission to harmless social media websites. Just letting your employees know that you’ll be randomly monitoring their internet activity discourages them from taking prolonged visits to their Instagram page.

Avoiding harmful websites

The internet hosts plenty of unsavory links and websites. Employees who haphazardly click phishing links or access malware-ridden pornography sites can put your business at risk. Working with infected machines can slow down the entire system and, in some cases, completely halt operations. But by using internet monitoring tools you can restrict access to dangerous websites, and identify reckless employees to remove their internet privileges, if necessary.

Controlling bandwidth usage

Even while using the internet for the right purposes, bandwidth can be used up quickly. Internet monitoring gives you up-to-the-minute reports on your bandwidth usage. Once you have a clear understanding of your company’s overall bandwidth usage, you can then control its expenditure. This feature allows you to prioritize bandwidth for critical business applications and reduce bandwidth for less necessary websites.

Increasing productivity on the internet

Internet monitoring software may be a powerful tool, but it should be used responsibly. As a business owner, you need to walk a fine line between over-surveillance and under-surveillance. What you should do is establish a clear internet policy. Then, explicitly define the disciplinary measures to be dispensed on anybody who goes against the requirements of the internet policy. And deal with time-wasting employees on a case-by-case basis. It’s unreasonable to remove everyone’s Facebook privileges because one or two abused theirs.

Employee productivity can be difficult to achieve, especially with the proliferation of what we would like to call, “procrastination software.” But with web monitoring software, you can truly get your business — and your employees — back on track. Looking for more ways to increase business productivity with technology? Give us a call. We’ll be happy to make suggestions.

To learn more about how to safeguard your business, or if you are looking for an expert to help you find the best solutions for your business talk to GCInfotech about a free technology assessment.

Published with permission from TechAdvisory.org SOURCE

One of the biggest myths that I hear from our customers is that small businesses aren’t as susceptible to security breaches as large enterprises. The truth is, just because you’re small doesn’t mean you aren’t vulnerable. In fact, by 2019, the cost of cybercrime is expect to soar to $2 trillion.

Small businesses haven’t historically been the target of cybercrime, but that is changing: In the U.K. alone, nearly 75 percent of small businesses reported a security breach in 2015, an increase over the preceding two years. Why the change? Hackers prey on small businesses as opposed to larger ones because small businesses tend to have lower security defenses, which includes working on outdated software, often due to lack of financial and human resources.

This shift underscores how critical security is to businesses today. However, that small businesses aren’t at risk for security breaches is only one of the misconceptions I hear from our customers today.

Myth: The cloud isn’t secure

Chances are, if you’re a small business, you don’t have an in-house IT department. You might work with an external consultant, or you might just be doing it all yourself as many small business owners do. For this reason, many small businesses are moving their physical technology infrastructure to the cloud because of the many security benefits it provides. Cloud solutions give businesses peace of mind that their data is secure by providing automatic updates to ensure they are always benefiting from the latest security advances. And because business owners can rest easy knowing that they are always on the latest technology, they can spend their time doing what really matters – growing their business, acquiring new customers, etc.

This kind of always-on security is what drew Romax, one of the U.K.’s leading marketing communications businesses, to the cloud. The company moved to a combination of Microsoft Azure, Office 365 and on-premises solutions (a hybrid model) for enhanced security because it needed to be in compliance with tight information security policies regarding retaining client data. The company’s move to the cloud provided Romax owner Wesley Dowding with peace of mind knowing he could focus on his business. “I can go to sleep at night knowing that if the place went down, we’d still be able to serve our clients and our data is secured,” he said.

Myth: I’m not big enough to be susceptible to security risks

At Microsoft, our customers’ security is always top of mind. That’s why we invest more than a billion dollars per year in security-related research and development and build best-in-class security features into all of our cloud solutions that protect against security risks that small businesses may not realize they are susceptible to, such as:

  • Lost and/or stolen devices: With employees working across multiple devices from multiple locations, it’s not uncommon for devices to get lost or even stolen. Microsoft BitLocker, included in Windows 10, encrypts all data stored on the Windows operating system, ensuring that even if an employee leaves his mobile phone on the bus or has her laptop stolen from her car, the data stored on it remains secure.
  • Employee error: It takes something as simple as an employee opening the wrong mail or clicking on the wrong link to compromise your systems and data. To help thwart the risk of this kind of employee error, Microsoft Outlook comes with built-in anti-phishing detection to help prevent fraudulent email messages from even reaching your employees in the first place.
  • Outdated technology: Running outdated solutions has a significant impact on small businesses – data shows that small businesses that are running the latest technologies can increase their annual revenues 15 percentage points faster and create jobs twice as fast as businesses using outdated solutions. On top of that, a different study revealed that 91 percent of consumers said they would stop doing business with a company because of its outdated technology. With Office 365 and Windows 10, security updates happen automatically so you never have to worry about whether or not you are protected against the latest threats.
  • Weak passwords: Hackers are becoming more and more sophisticated, and if your passwords (and your employees’ passwords) aren’t becoming more sophisticated at the same time, you could be at risk for a breach. Fortunately, Windows 10 users benefit from the Windows Hello & Microsoft Passport features that enable them to replace passwords with biometric authentication such as face, iris or fingerprint identification for greater security.
  • Data backup: Backing up your files can help reduce losses in the event of a physical security breach – like a break-in at your office or stolen devices – and get you back up and running quickly. Microsoft OneDrive for Business – included in all Office 365 commercial plans – provides a secure place to store documents in the cloud so you can always access them from anywhere or any device – even when you’re offline.

Myth: If I haven’t been compromised yet, what I’m doing is probably enough

Security experts like to say that there are two kinds of businesses in the world today: Those that have been hacked and those that don’t know they have been hacked yet. Data from a recent cybercrime study proved this to be true: according to the Ponemon Institute, it takes – on average – 170 days to detect a malicious attack.

It was just such a situation Chelgrave Contracting, an Australian maintenance and labor hire company, found itself facing. The company’s General Manager, Greg Scott, discovered the company’s antivirus software had expired six weeks before without triggering an alert. The lapse prompted a minor virus attack, with only luck preventing the company’s PCs from develop a major virus outbreak, Scott says.

Chelgrave turned to Microsoft Intune, which includes endpoint protection built on Microsoft’s powerful Malware Protection Engine, enabling Scott to provide all Chelgrave PCs with real-time security updates. Remote and mobile employees now receive these updates simply by connecting to the Internet, ensuring their laptops retain the highest levels of protection.

This example underscrores the importance of not letting your security lapse – after all, security breaches can be devastating to small businesses – and making sure you are using the right technology, like Windows 10, Intune and Office 365, that protects you 24/7.

Truth: Security is vital to small business success

Security will continue to play an increasingly vital role in the success of SMBs, which are targeted by hackers now more than ever before. Taking basic steps will make your business safer, but using Microsoft technology allows a business and its employees the peace of mind that their data — their own and clients’ — is secured.

To learn more about how to safeguard your business, or if you are looking for an expert to help you find the best solutions for your business talk to GCInfotech about a free technology assessment.

Published with consideration from Microsoft. SOURCE

New research suggests that SMBs have a long way to go before getting up to speed with today’s cyberthreats.
A third of small to medium-sized businesses (SMBs) have no idea what ransomware is or how devastating the malware can be, highlighting a series lack of understanding which could seriously harm today’s companies.

According to new research  released by antivirus firm AVG on Tuesday, too many businesses are unaware of how dangerous ransomware can be — and how easily it is to become the latest victim of the malware strain.

Ransomware is a type of malicious code that once executed on your system — usually through a malicious link or phishing email — locks your PC, encrypts either your files or hard drive, and demands a ransom payment in return for a decryption key which claims to give you your system back.

One of the latest strains to be detected, MarsJoke, threatens to wipe data if a ransom is not paid within 96 hours.Time-sensitive threats are a common tactic used by ransomware campaign operators to put pressure on victims to pay up, and ransom payments can range from small amounts to hundreds — or thousands — of dollars.

As ransomware can be a very lucrative prospect for cybercriminals looking to cash in, unsurprisingly, infections are on the rise. Locky, Cerber and Virlock are only some of the ransomware variants which are being used in active campaigns against entities including hospitals, governments and gamers.

One UK university has reported  21 attacks in the past 12 months alone.

Last year, the FBI received 2,453 complaints about ransomware hold-ups, and out of these cases that were actually reported, the damage cost victims more than $24 million.

“The true scale of the problem is somewhat hard to define though because, understandably, many businesses and organisations are reluctant to reveal they’ve been held to ransom because of fears about being targeted again, or losing existing or new customers,” AVG notes.

In June, the security firm asked almost 400 SMB customers in the US and the UK whether they knew about ransomware. In total, 68 percent of respondents had heard of the term ‘ransomware,’ but it is the 32 percent — just over a third — that had no knowledge which is the concerning factor.

Considering the first recorded attack took place in 2005, which came in the now-common form factor of a fake antivirus message which required payment, 11 years on is a long time to not know about such a dangerous threat to business operations.

To make matters worse, out of the 68 percent of respondents which said they knew what ransomware was, 36 percent gave the wrong answer — and actually didn’t really know what the malware was, or its implications.

If you find yourself a victim of such malware, the first thing to do is research the infection to see if security companies have come up with free decryption tools, including AVG andKaspersky.

While some tools are available, it takes time to crack updated versions and so you may be out of luck. If none are available, you may have to resort to backups of your data. You might be tempted to pay up; however — if you do so, you are funding the criminal enterprise, and there is no guarantee you will be given a working key to retrieve your files after paying the ransom.

Curious to learn about other common malware that can cause trouble for business owners? Want to upgrade your existing network security system? Give us a call today, we’re sure we can help.

Published with consideration from ZDNet. SOURCE

With a Category 3 storm aiming squarely at the East Coast of the United States, how well have you prepared yourself and your data? David Gewirtz shares some tips and cautions you may not have considered.
I live on the Space Coast of Florida, and as I write this, Hurricane Matthew is aiming right at us. You never really know where hurricanes will hit. This Category 3 nightmare (which models show may strengthen back to Category 4) could land down near Miami or move north towards Jacksonville or the Carolinas. Right now, models are showing it might even loop around and hit us again next week.

It’s not pretty. Even if the main storm stays offshore, hurricane-force winds and flooding could have a pretty devastating result. I won’t lie to you. We’re worried. We’ve locked in our hurricane shutters and done basic hurricane prep, but if the power goes out or worse, we’ll be off the grid for an indeterminate amount of time.

That brings me to the issue of protecting your data and some things that those of you in the track of forces of nature may not have considered.

Let’s start with the cloud. Storing data in the cloud may have some disadvantages, but when it comes to a storm like Matthew, it’s nice knowing that Google, Evernote, Dropbox, and CrashPlan are safely preserving our data out of harm’s way.

But think about this: what happens if you’ve knocked offline and can’t get to your data?

Do you have local copies (printouts, even) of critically important information like family and emergency contact numbers, insurance policies, repair manuals, and health records?

If you’re without power for a few days to a week (the prospect of this freaks me the heck out, honestly), you’ll need to have important documentation available to you and you won’t be able to rely on the cloud to get it. Make sure you have some paper records of the most important documents and protect them well away from the elements.

Next, let’s turn it around. What about the data you do have stored locally? I have a number of redundant NAS devices that protect my data in case a drive fails. I even have a backup NAS array to back up the original NAS. Both of those, however, are here in my home office.

Today’s security threats have expanded in scope and seriousness. There can now be millions — or even billions — of dollars at risk when information security isn’t handled properly.

From a disaster management perspective, that’s okay — but only because it’s part of a larger backup strategy. I also have two arrays off-site, with relatively up-to-date backups, that are powered down. Unfortunately, that off-site location is also in the track of the storm, so it’s not necessarily secure. To back that up, I have the cloud backup services and it’s that triumvirate of protective measures that will, I hope, secure my data.

If you have local data, make sure to keep multiple copies. You might not have time to squirt everything up to the cloud, but at least be sure to move the most critical documents and files.

As the storms approach, be sure to power down your gear and unplug the boxes from the wall. If you’re in a data center, you’ll have to look at your appropriate surge and lightning mitigation precautions, but in a big storm like Matthew, it might be necessary to implement power isolation procedures, if you’ve set them up ahead of time.

Another thing you might want to consider doing is making a dump of your most important data to a spare drive, like the portable external drives I reviewed recently. That way, if you have to evacuate with nothing but the cloths on your back and your laptop, you can grab the small drive and bring it along, and you’ll have most of your most important data.

I won’t lie to you. Big hurricanes are crazy scary. But with some smart preparation, at least you have a chance of making it through as best as possible.

Email archiving—5 reasons why this is the best email feature you never use

Published with consideration from . SOURCE