Posts

Apple security threats

The hearsay that Macs cannot be infected by viruses or malware couldn’t be further from the truth. There are plenty of cyberthreats that pose risks to Macs, so if you’re a Mac user, you should prioritize your device’s security. The good news is that protecting your Mac is simple and easy. Just follow these steps.

Check your privacy settings

Make sure that your Mac settings are set up properly to keep your data safe. Manage the information your Mac makes available across the internet or on a network by going to Apple menu System Preferences Security & Privacy Privacy. From there, you can choose which information to share and with whom. For example, you can specify which apps are allowed to see personal information, such as your location, contacts, photos, or music.

Take advantage of the firewall

A firewall protects your Mac from unwanted contact initiated by other computers on a network or the internet. It protects your computer by allowing only authorized services and apps to communicate with your Mac, so be sure to enable macOS’s built-in firewall.

To do so, just go to Apple menu System Preferences Security & Privacy Privacy then, click Firewall. If the padlock icon at the bottom left is locked, click it and key in your username and password. Enable the firewall by clicking Turn On Firewall.

To modify Firewall settings, click on Firewall Options… just below the “Turn Off Firewall” button. You will find a list of services and apps that are allowed to receive inbound connections. If you want to add an app or service to the list, just click the “+” button below the list itself. However, we recommend keeping this list as short as possible, as the apps listed can be exploited by cybercriminals.

Another useful feature to enable is stealth mode. This option will make your Mac more difficult to find, thus keeping hackers and malware at bay. For instance, if you are in a coffee shop and connected to its unsecured Wi-Fi, enabling stealth mode will make your Mac invisible on that public network. To turn on this feature, just tick the box next to “Enable stealth mode” in Firewall Options. A dialog box will pop up, and you can click on the “Enable Stealth Mode” button.

Set up a firmware password

Every new Mac today has the FileVault encryption automatically enabled. This means that your device already encrypts the hard drive by default, and the only way your data can be accessed is by logging in. Keep in mind, though, that this feature won’t necessarily save your account in case someone reinstalls the operating system or uses a memory stick to boot the Mac and remove all data from your hard disk.

To increase protection, set up a firmware password. Do this by restarting your computer, then pressing and holding down Cmd+R before the Apple logo shows up on the screen. You can let go of the keys once the progress bar pops up.

When the utilities window appears, click on Utilities in the menu bar, then choose Startup Security Utility or Firmware Password Utility. Click on Turn On Firmware Password… and simply follow the succeeding instructions.

Finally, quit the utilities window, then choose Apple menu Restart. Make sure to never forget or misplace your firmware password, because only Apple technicians can recover it.

Ensure that your confidential data remains private by performing minor tweaks on your Mac’s system settings. It takes only a few minutes to ensure lasting online protection. If setting up a firewall or firmware password sounds a little too advanced for you, or if you need to set up more advanced defenses, don’t hesitate to get in touch with our experts.

To learn more about how to safeguard your business, or if you are looking for an expert to help you find the best solutions for your business talk to GCInfotech about a free technology assessment.

Published with consideration from TechAdvisory.org SOURCE

Remote work policies have become a necessity not just because of the current coronavirus crisis, but also for the ways they improve a company’s bottom line and efficiency. Yet despite remote work’s benefits, it leaves you and your company exposed to online scams and other cybersecurity threats. To defend your company and your remote workers, make sure to heed the following tips.

Fortify user accounts

When everyone is working remotely, user accounts must be properly secured. One way to achieve this is by setting at least 12-character long passwords with numbers and special characters mixed in to make them more difficult to guess. More importantly, these passwords must be unique to each account, to minimize the damage if hackers do manage to compromise one set of credentials. If you find it difficult to generate and remember login details for all your accounts, consider password managers like LastPassDashlane, and Keeper.

To further strengthen your accounts, however, you’ll also need to enable multifactor authentication (MFA). This adds another layer of identity verification — like fingerprint scans or one-time activation codes generated by SMS — to make it more difficult for cybercriminals to hijack your accounts.

Use a virtual private network (VPN)

VPNs are primarily known for circumventing geographic restrictions on location-specific websites and streaming services, but they’re also a crucial tool for remote workers. A reliable VPN creates secure connections between devices and networks by encrypting internet traffic. This hides web activity from prying eyes, protecting your employees’ online privacy, and mitigating the risk of hackers stealing company information.

Patch your software regularly

Although installing software updates can be a major nuisance, they cover critical weaknesses and protect your systems from the latest threats. Most apps now offer an automatic update feature so you don’t have to manually patch your software.

Another option for your business is patch management software. These track patches on employee devices and distribute the most recent updates on a company-wide scale.

Set up firewalls and antivirus software

Make sure to enable firewalls in your operating systems and hardware. These provide a strong layer of protection between your device and the internet, preventing malicious programs and other network threats from reaching your device. Your managed IT services provider (MSP) may also provide third-party firewalls in case your computers don’t have any built in by default.

In addition to firewalls, you’ll also want to implement antivirus software to detect and remove any malicious programs that do manage to find their way onto your device. Just remember to constantly update the software so it can effectively detect the newest malware.

Secure home routers

Home Wi-Fi routers are not as thoroughly secured as their business counterparts so take extra precautions to safeguard them. For starters, change your router password as soon as possible because hackers can easily break into them once they know the router model. You should also install the latest firmware updates to eliminate any security vulnerabilities.

Finally, check whether your router has Wi-Fi Protected Access 2 (WPA2) encryption settings to secure inbound and outbound traffic. If your router doesn’t have this setting, you’re overdue for an upgrade.

Back up your data

Important files must be backed up regularly in the cloud and your external hard drive. This way, you’ll always have a copy of your files in case of a major data loss incident like ransomware or a power outage.

Watch out for online scams

The biggest threat remote workers face is online scams. Phishing emails may entice you with free coronavirus test kits in exchange for personal information. Some cybercriminals may even masquerade as legitimate companies, CEOs, or friends to trick you into clicking on dangerous links and attachments.

To avoid these threats, you must be critical of everything you see online. Look for any suspicious links and attachments, grammatical errors in the email body, and misspelled email addresses. Plus, never give out sensitive information to an unsolicited email, text message, or phone call.

Working from home poses many cybersecurity challenges for businesses, but you don’t have to address them alone. If you need guidance with setting up firewalls, avoiding scams, and even enabling MFA, we can provide the IT support you need in this difficult time.

To learn more about how to safeguard your business, or if you are looking for an expert to help you find the best solutions for your business talk to GCInfotech about a free technology assessment.

Published with consideration from TechAdvisory.org SOURCE

As businesses have become more reliant on digital technology for day-to-day operations, they’ve also become a favorite target of internet threats. If you want to protect your organization from cyberattacks, make sure your security is clear of the following flaws.

Open wireless networks

With one main internet line and a couple of wireless routers, a whole office can go online. A wireless internet connection saves money, but there is an inherent risk that it’s an unsecure network.

If you need a secure network, plugging in a wireless router and creating a basic network is not enough. If you don’t set a password on your routers, then anyone within range can connect. With fairly simple tools and a bit of know-how, hackers and criminals can start capturing data that goes in and out of the network, and even attacking the network and computers attached.

Therefore, you should take steps to ensure that all wireless networks in the office are secured with strong passwords. Many internet service providers that install hardware when setting up networks will often just use an easy password for the router, such as the company’s main phone number. These need to be changed.

Email is not secure

Most companies that have implemented a new email system in the past couple of years will most likely be secure. This is especially true if they use cloud-based options or well-known email systems like Exchange, which offer enhanced security and scanning.

The businesses at risk are those using older systems like POP, or systems that don’t encrypt passwords (what are known as “clear passwords”’). If your system doesn’t encrypt information like this, anyone with the right tools and a bit of knowledge can capture login information and compromise your systems and data.

If you are using an older email system, it is advisable to upgrade to a newer one, especially if it doesn’t use encryption.

Mobile devices that aren’t secure enough

Mobile devices offer a great way to stay connected and productive while out of the office. However, if you use your tablet or phone to connect to office systems but don’t have security measures in place, you compromise your networks.

Imagine you have linked your work email to your tablet but don’t have a screen lock enabled, and you lose your device. Anyone who picks it up will have access to your email and all your sensitive information. The same goes if you install a mobile device app with malware on it. Your infected device will spread this malicious program to your entire network and cause major disruption to your business.

Take steps to ensure that employee devices have adequate security, such as passcodes, and that your company has sufficient security policies in place to govern their use. Lastly, mobile device management solutions are specifically designed to prevent your bring your own device (BYOD) policy from being a risk with employee devices causing havoc to your network.

Anti-malware software that isn’t maintained

These days, it is essential that you have anti-malware software installed on all devices in your company, and that you take the time to configure these properly.

It could be that scans are scheduled during business hours. If you install these solutions onto your systems and they start to scan during work time, most employees will just turn the scanner off, leaving your systems vulnerable.

The same goes for not properly ensuring that these systems are updated. Updates are important for software, especially anti-malware applications, because they implement new databases that contain recently discovered threats and the fixes for them.

Therefore, anti-malware software needs to be properly installed and maintained if they are going to even stand a chance of keeping systems secure.

Lack of firewalls

A firewall is a network security tool that can be configured to block data traffic from entering and leaving the network. For instance, it can protect data from being accessed from outside the network. While many modems or routers include firewalls, they are often not robust enough for business use.

What you need is a firewall that covers the whole network at the point where data enters and exits (usually before the routers). These are business-centric tools that should be installed by an IT partner like a managed services provider (MSP), in order for them to be most effective.

How do I ensure proper business security?

The best way a business can ensure that their systems and networks are secure is to work with an IT partner like us. Our managed services can help ensure that you set up proper security measures in place and that they are managed properly. Tech peace of mind means your focus can be on creating a successful company instead.

To learn more about how to safeguard your business, or if you are looking for an expert to help you find the best solutions for your business talk to GCInfotech about a free technology assessment.

Published with consideration from TechAdvisory.org SOURCE