Business Solutions & Software Group Blog

Email is a crucial part of any modern business, but it’s not always the most fun topic to cover. It’s more of a necessity than something super exciting, like machine learning or automation. Still, this does not make it any less important, so why don’t we discuss some of the ways you can make sure your organization’s email server is as secure as possible?

The ransomware attack against Kaseya’s VSA servers for approximately 1,500 organizations was yet another major challenge for businesses to overcome, and while most of the affected companies did not give in to the hackers’ demands, others felt forced to pay the ransom. The problem, however, is that some of those who did pay the ransom are now having trouble decrypting their data, and with REvil MIA, they do not have the support needed to decrypt their data.

While there are plenty of ways for a business to secure its resources, there are just as many ways for your employees to undermine these protections… often without even realizing that they’re doing so. Let’s focus on some of the cognitive biases that you and your team members might experience when it comes to your security.

It seems like there is a new data breach every time we turn around, and in most cases, these breaches expose the personal data of many people. The most recent breach in this troubling trend is for the popular social media website LinkedIn. This breach exposed 700 million profiles, an event which led them to be sold on a popular hackers forum. The scary part? LinkedIn denies that there was any data breach.

The 2020 hack of SolarWinds saw a major disruption of the supply chain for many organizations around the world, including the U.S. government, but a recent survey shows that these organizations have felt varying degrees of effects from the hack itself. Furthermore, many have taken the hack as evidence that further information sharing must occur if we are to ever take the fight to cyberthreats.

Ransomware is a threat that has seen exponential growth in recent years. We have witnessed it grow from a minor annoyance to a considerable global threat. Even the U.S. Justice Department has issued a declaration that they would begin investigating ransomware in much the same way that they would terrorism cases. Let’s take a look at how this policy could change the way your business should respond to these threats.

Any organization that holds medical records or other healthcare-related sensitive data needs to consider legislation and organizations that govern the privacy of those records. In this case, we are referring to HIPAA, the Health Insurance Portability and Accountability Act, and HITRUST, the Health Information Trust Alliance. These two acronyms are incredibly important for healthcare providers in the United States to understand.

The recent hack of Colonial Pipeline has led to no shortage of problems, chief among them gasoline shortages all across the east coast of the United States. The pipeline’s operations may have been restored, but the question still remains: what could have been done to stop it, what can we learn from this incident, and what changes can we expect to see as a result?

Everyday life relies on software to keep going, a phenomenon that is perhaps most visible in the business environment. Unfortunately, it is this software that can prove to be the point of egress that attackers need to your network. Let’s consider a commonly overlooked aspect of IT maintenance—patch management—and why it is so crucial to a business’ operational success.

Data is one of—if not the—most essential resources a business has, which means it is essential that you take the steps to protect it in every way possible from every potential threat. This includes those that could originate from within your own organization. Let’s consider the case of Xiaorong You, who was recently convicted of conspiracy to commit trade secret theft by a federal jury.

One of the most terrifying situations your business can encounter is when it’s clear that you’ve been hacked. It can cause extreme anxiety regardless of what size of a business you run. The most important thing is to know how to react to mitigate the damage to your business’ network and reputation. Let’s go through a few steps you need to take if you’ve been hacked.

Running a business of any size comes with more than its fair share of risks, particularly if that business is on the smaller side. One major risk factor is the prospect of cybercrime and the impact it can have on a business. Let’s look at how this particular risk can influence the challenges that businesses must now contend with.

Ransomware attacks are notorious for their expense to the victim—largely because of the various costs that come along with successful ransomware infections, including many that might not be expected at first. Let’s review some of these costs, if only to reinforce the importance of avoiding ransomware as a rule.

For the small, but growing business, there are a lot of risks that could potentially harm their ability to stay in business. One of those risks comes in the form of cybercrime. Over the past several years, small and medium-sized businesses (SMBs) have improved the ways in which they combat cybercrime. Let’s take a look at some of the problems SMBs have to deal with.

If there is one kind of online scam that people need to be more cognizant about, it would be phishing—where a scammer tries to hack the user instead of the computer, tricking them into sharing sensitive information. Phishing can come in enough forms that it has splintered into a few different varieties to watch out for. Let’s go over what a basic phishing attack looks like, some of the different types you may encounter, and how to deal with such an attack appropriately.

When most of us think of cybercrime, we’re thinking about a lone hacker in a dimly lit room—or, at most, a few hackers hunched over their computers in a dimly lit room. However, to remain restricted to this impression would be inaccurate—particularly when you consider the very real threat that state-sponsored cyberattacks can just as easily pose.

Most businesses fall under some type of regulation that demands compliance. This will be especially true as data privacy concerns turn into further regulations. Most of today’s compliance standards are centered around data security, so you’d figure that if a company is compliant with the regulations their operations fall under, that would mean their business is secure. Unfortunately, the two terms aren’t always synonymous. Today, we will discuss the difference between security and compliance. 

Passwords are a crucial element of your online security in terms of keeping threats from being able to access your accounts and resources. Unfortunately, for fear of accidentally locking themselves out of their accounts, many users have gotten into the unfortunate habit of taking shortcuts when it comes to their use of passwords. Let’s try to fix this by going over a few ways to design a password that is both memorable and sufficiently secure.

Preserving cybersecurity requires the person responsible for doing so to consider every component and connection associated with their technology, down to the smallest minutiae. Let’s consider a sizable example that comes from a narrowly avoided disaster in the Democratic Republic of Congo, that could have potentially left millions of Internet users exposed to serious threats.

While many people seem to have little problem sharing their data with social media platforms, there is definite pushback against sharing the personal data generated by a messaging platform. This can be witnessed in WhatsApp, the cross-platform messaging application whose main selling point has been its end-to-end encryption, and its announcement that its users will soon be forced to share their personal data with Facebook (which acquired WhatsApp in 2014).