Why 2-Factor Authentication is Important

by

You hear about hacks all the time. The news covers major websites who have had data leaks containing your email and password. Computers get infected and capture your login details for bank accounts and credit cards. In the worst cases, identity theft occurs because it is an easy crime to commit with a high reward.

In 2020, the passwords you used to trust to keep the bad guys out of your accounts are not enough anymore. Cyber attackers now use methods such as phishing, pharming, and keylogging to steal your password. Some have the power to test billions of password combinations to brute-force their way into your accounts.

If you’re like the majority of people, you use the same password for several websites. That means anybody who has that password has access to everything you’ve logged into with it. In a time when it is extremely easy to look up what a person named their first pet or high school mascot, security questions aren’t much help.

Consider how a jewelry store operates. They don’t simply keep their valuables locked away with one key. There are alarms ready to be triggered, motion detectors, and sometimes even bars on the windows. Your data is valuable, just like jewelry. You need more than one line of defense to protect it.

In the computer world, your second line of defense (after your username and password combination) is called “2-factor authentication” (2FA). Sometimes it is also referred to as multiple-step or multi-factor verification (MFA), 2-factor authentication is a way to double check a person’s identity by proving you have something like a cell phone or fob. This can be enabled every time a person logs in or just under certain circumstances. For example, signing in from a new device or different country might trigger a 2-factor authentication prompt.

Many of the services you may already use, such as Facebook, Gmail, Xero Accounting, and more, have 2-factor authentication options available. If your bank has ever sent you a special code through text or email to enter before logging in, you’ve already used a type of 2-factor authentication. They can also be in the form of a smartphone app or a physical electronic dongle.

2-factor authentication is absolutely crucial for online banking, email, and online shopping such as Amazon or PayPal. It’s also a must-have for cloud storage accounts (like Dropbox or Sync), password managers, communications apps, and productivity apps. This is especially true if you frequently use the same passwords for different websites and apps.

Some may consider 2-factor authentication unnecessary for social networks, but these are actually very important to keep safe. For ease, a lot of websites and apps allow you to sign up through your Facebook or Twitter account. You need to keep these networks safe so that somebody with your password can’t suddenly get into every account you have linked.

The point of using 2-factor authentication is to make hackers’ lives harder and prevent them from getting into your accounts. If they have captured your login username and password, they still need a second device to get in, especially when the computer or phone they are using has never logged into your account before. This makes it significantly more difficult for anybody to breach your account.

Plus, if you receive a notification with a special code to enter for logging in, and you weren’t trying to log into that account, you have a good signal that somebody else was trying to get in. That means it’s time to change that password and be grateful you had 2-factor authentication.

It’s unfortunate that there is currently an abundance of skilled hackers ready to take advantage of those unprepared. Luckily, you can still stop them -even if they have your login information at hand. 2-factor authentication is one of the easiest methods to keep your accounts safe.

Give us a call at (515) 422-1995 to help secure your business and accounts.

It’s Official: Your Business NEEDS to Use HTTPS

by

You may have noticed many business websites now have a green padlock or lock symbol in the address bar next to the letters ‘https’. Until recently, you’d only see that on shopping or banking sites, but it’s now become the expected norm for all business websites – even if you don’t ask people to log in or enter credit cards. Simply put, the ‘s’ in https stands for secure and means any data sent/received by the visitor is encrypted.

Clearly, it’s an essential feature for e-commerce sites, but why have all the info-only websites started using https too?

The New Google Rule

As of July 2018, Google started marking your page as insecure unless you’re using https. It’s a movement they started a few years ago to make the internet a more secure place by default. Since Google pretty much rule the internet search and increasing security is always a good idea, businesses have been gradually switching over. Without https protection, someone with access to your internet connection, whether from digital eavesdropping or hacking, could intercept the information. They could also place malware onto otherwise legitimate sites and infect innocent visitors. That’s why eighty-one of the top 100 sites online have already switched to https and a strong majority of the web is following suit.

The Browser Bar Says It All

In the same way a green padlock in the browser bar indicates a trustworthy site, you can expect non-https sites to be marked with a “not secure” warning. Previously, users had to click an information symbol to actively investigate non-secure sites. The shift to plain sight markers will be most noticeable on Chrome, however it’s expected that other browser developers will follow suit. Visitors may then be alarmed by landing on your site and seeing that the connection isn’t secure.

The fact that you may not be asking them to log in, enter personal details or payment is irrelevant. You may not be asking them to enter anything at all, but perceptions matter. Eventually that warning will be changed to an alarming red as Google declares war on unsecure sites. As the common understanding is that a warning = bad, you may get more visitors bouncing away within seconds or even contacting you to report that your site has a problem.

Boosts for Secure Sites

Google is taking its commitment to safe web browsing further by favoring https. That means the search algorithm is taking your site security into account, preferring to display results that it knows will protect users from hackers. Since https status gets the nod, you may find yourself climbing in the ranking while other businesses scramble to catch up. It really is a win-win situation.

What to Do Next

In an ideal world, your site would have a secret switch on the back-end you could flick over and suddenly be https, but it’s a little more complicated than that. In fact, you may have already noticed some sites experiencing trouble with the migration. When the setup goes wrong, users don’t see your website with a little warning in the corner, they’re blocked by a full page error and offered a return to ‘safety’ (away from your site).

The easiest way to make the move to https is to contact your IT technician or web developer, as they’ll be able to make sure you’re keeping Google happy and rolling in the green.

We can migrate your site to https – call us today at 515-422-1995

Is A Slow Network Getting in The Way of Your Business?

by

Very few things in life are as intensely frustrating as slow network speeds. Whether accessing a shared database, sharing files between computers, or sending a file to print; waiting for transfers can seem to take an eternity. Worse still, these business breaks can keep both clients and staff waiting and get in the way of the productive business day.

Every time you save or retrieve files from another computer or network storage device, file transfers have to be made over the network. Depending on your IT setup files can pour over the network with the ferocity of a fire hose, or trickle between machines as if dripping through a drinking straw. Poor network speeds are often a critical bottleneck that slows down the entire IT system. If a slow, frustrating, and unreliable network sounds like your office setup then there are many available solutions we can use to help.

Often, offices maintain networking hardware that is as old as the premises they are in or the businesses themselves. Components can be left in place long after their suggested expiration date. If it isn’t broken, don’t fix it commonly rules as long as some working connection, however slow, still remains.

Yet, outdated hardware in key areas can often slow the entire system down. Even when the rest of the network is capable of ultra-high speeds, a single bad component can bring the entire network to a crawl. Sometimes if it isn’t broke, it still might not be working to its full potential. Even peripheral devices throughout the network can cause traffic to slow. A badly installed device may become lost from the network or send out an overwhelming number of messages that spoils network traffic. Defense against errors and vulnerabilities is more simple than many think. Often just one or two small upgrades is all that is needed to unlock the full speed potential of the network.

For some businesses adding a dedicated server is an ideal solution that can balance the IT workload. Access to centrally shared resources often benefits the entire organization by eliminating redundancy. A network server is built with efficiency and reliability in mind to keep your business running at full capacity. By pooling resources for everyone to use, work is evenly shared and centrally available to prevent bottlenecks in the system. Reduced network loads, improved efficiency, and faster transfer speeds mean that higher productivity becomes the new normal.

Moving resources outside of the office can work for many businesses too. Where high speed, low-cost internet services are available, moving your work into the cloud can be a highly cost-effective solution. Software packages such as Quickbooks offer finance and accounting packages for operating in the cloud. Similar Suites such as Microsoft Office offers services for creating and sharing documents with cloud resources. Both packages eliminate the need for many of the network operations that we use every day.

For many applications such as Quickbooks huge databases sometimes gigabytes in size are required. It is these types of applications where the advantage of the cloud becomes clear. To use this locally, huge database transfers keep the application up-to-date daily.

These transfers across a local network are time-consuming and clog up vital resources for the firm. Yet, the same application in the cloud requires only a simple web page for each user. Instantly, looking up finances and editing documents becomes as simple as checking your email. With services moved to the cloud purchase cost and maintenance of expensive network hardware are reduced too.

A complete network solution that works to make the most out of all the available resources is unique to every business. Only a tailored solution to address your network needs will increase your productivity.

If your IT is starting to get in the way of your business and your network is running too slow, give us call at 515-422-1995 and we’ll see what we can do.

Storage Struggles? How to Keep Up with the Data Explosion

by

The digital boom presents us with brand new problems too. By moving all our files into a digital space, the amount of storage we need to maintain has grown larger and larger just to keep up.

As digital technology has improved, the resolution, clarity, and size of the digital files we create has exploded. Items such as Xrays, which used to be printed on film are now digital files transferred by computer. As a result of the increase in both the number of digital files we use and their ever-growing size, the size of the data we need to store has exploded exponentially.

There are a number of ways in which we can tackle our ever-growing storage problem.

Local server or Network Attached Storage (NAS)

A local server is a machine physically located within your own office or building. These are typically designed to serve many files to multiple clients at one time from locally held storage.

The primary advantage that a local network server has is that all your vital data is available to all users in one central location. This means that employees across the network can access all the resources made available.

These machines can serve files at the speed of the local network, transferring large projects, files, and documents from a central position within the network with ease.

A NAS has many of the same network properties, typically packaged as a smaller profile, low powered computer. A NAS is specifically designed to enable network file sharing in a more compact package. These can be available in units small enough to fit in a cupboard nook and yet still provide staggering storage capacity on only a small amount of power.

Both a local server and NAS device allow for large amounts of storage space to be added to the local network. These units are often expanded with more and more storage over time. As an organization grows over time, so do its data storage requirements.

Cloud Storage

Sometimes the best option for storage is to move your ever-expanding data outside of the business completely. Often, offloading the costs of hardware and IT management can work out to be an intelligent business decision. One that provides freedom and flexibility in your data storage needs.

The major advantage of cloud storage comes from the ability to expand and contract your services as needed without the unnecessary overhead of adding and maintaining new hardware.

By moving storage to the cloud, data can be accessed from anywhere in the world. The flexibility provided by cloud storage allows limitless expansion to any number of devices, locations, and offices. Being able to access data from many locations at a single time can often provide a valuables boost to productivity that can help to speed projects along.

Some of the drawbacks of cloud storage come from factors that may be outside of the control of the business. Not all internet connections are found to be up to the task of handling large amounts of data to and from the cloud. In some cases, the infrastructure is quite simply not in place yet to support it.

IT security regulations can prove to be a barrier to enabling storage in the cloud too. Some regulations either prohibit the feature entirely or enable only certain specific types for use.

The Right Choice for your data

Both cloud and local storage can provide further benefits to enhance your business. Audit logs, central backups, and version control can all be used to secure the way your firm handles data.

Whatever your situation, whether a small NAS can boost your office productivity, a local server can provide the connectivity missing from your firm, or cloud storage can switch on new resources, we can advise on the best choices for your business.

Give us a call at (515)422-1995 to allow us to use our expertise to make the right chose for your data.

Stay Ahead of the Curve with an IT Lifecycle Plan

by

All appliances have an effective lifespan. Computers are no different. In some cases, parts physically fail after years of service, in others they simply become too slow and too ineffective to keep doing the job. Hardware failures and IT issues can cost big in productivity losses, urgent fixes, and unintended downtime.

Improving productivity and lowering costs are the primary driving factors in why many modern businesses choose to adopt IT life cycles.

IT Life Cycle

The IT life cycle aims to make IT budgets predictable, manageable, and reduce costs across the department.

This process starts with a thorough plan outlining the demands of the business. By looking at how and where equipment is deployed we can make the most out of the resources throughout the business. The first step is to reduce equipment duplicated and underused within the firm.

With a big picture approach, equipment can be scheduled for upgrade or replacement at predictable intervals based on use. With a plan in place, the focus of the life cycle can shift to resource procurement. As equipment approaches the end of its effective lifespan it can be brought in for replacement, repair, and recycling. Old hardware and components are often reused and recycled in new roles as they are decommissioned from their primary role.

By maintaining as many usable parts as possible we help lower costs of keeping efficient hardware in the front line business environment. This approach helps a huge number of businesses keep modern, up to date hardware in crucial roles where it can serve the biggest impact for the business.

Making the most of resources

Computers in a busy business environment will always need eventual replacement over time. It is important to plan and prepare for this end of service life to limit unplanned downtime, increasing costs and losses in productivity. Doing so helps to plan a regular, predictable IT budget, less prone to sudden financial spikes.

The IT life cycle additionally allows the business to stay on top of software licenses, upgrades and Operating System changes. By cycling old and out of date systems from the network, security vulnerabilities are dramatically reduced and easier to patch.

Additional financial security comes from manufacturer warranties for businesses that adopt the life cycle. As new equipment is purchased into the firm, manufacturer warranties provide guarantees about the handling of defects and hardware issues. This warranty may cover all, or most of the duration of the equipment’s intended life cycle.

The extra coverage provides an extra layer of financial protection from unpredictable IT issues.

In control with information

Tracking the life cycle of your own firm provides invaluable metrics about how equipment use and deployment within your own production environment. Armed with this unique knowledge, better purchasing decisions can be made to equip your business with the tools needed to succeed.

Budgets can be put to better use, getting the important high-value resources to the places in the businesses that need it most. The ones where they will generate the most value for the firm.

A key factor in getting the most from your firms IT is making sure the resources put into the company don’t sit idly on a shelf after purchase. The insight gained from metrics related to the life cycle ensure that management stay fully informed.

A complete picture puts your business back in control of its IT by allowing you to choose the best, most efficient, and most cost-effective time to replace critical IT. Firms can plan replacements and servicing outside of busy periods so they can operate without interruption and know their IT is fully serviced when they need it most.

Planning for the future

With a fully planned, fully prepared life cycle, IT budgets can be planned in detail for years to come. Everything from printers to operating systems can be prepared on a tightly controlled schedule.

Businesses worldwide have adopted IT life cycles as a way to eliminate unwanted surprises, lessen productivity losses, and make the most out of IT budgets. Implementing or redesigning your own IT life cycle can greatly improve the way your business operates.

Talk to us about how you currently do IT today and we’ll see if we can’t make the life cycle work for you. Give us a call at (515)422-1995.

How Losing a Mobile Device Puts Your Entire Business at Risk

by

Losing a mobile phone or laptop is an experience that everyone dreads. The expense and inconvenience of buying a new device is unpleasant, but only represents a fraction of the damage done when a device is misplaced. The cost of data contained within every device can add up to many times more than the total value of the device itself.

Chances are, you already use automatic login on a large variety of online services. Each of these services are vulnerable to an attacker having possession of your device.

Usernames and passwords – An obvious place for an attacker to start is the likely long list of usernames and passwords saved for future use by your browser. This is often done to save time when logging into sites that you visit often. Almost universally, people opt to save login information so that they don’t have to attempt to remember it every time they return.

In only a short amount of time, a browser is trained to log in to your Facebook, cloud storage, and bank details just by visiting the page using your regular device. These details, called up by the browser, are saved in a single list accessible to anyone with access to the device. For an unscrupulous stranger with a found device, this list represents a goldmine of information. Simply by finding a phone misplaced in public they may gain access to a huge array of services.

The problem can be made many times worse where a single password or a combination of similar passwords have been used across several accounts. In some instances, an attacker need only gain access to a single one and reuse the same stolen credentials across many sites and services.

Email – Email accounts are a key target for attackers looking for access to your personal information. It is a service that many take for granted, logging in once the first time they set up the device and using automatic login every time after. It is a service that also unlocks a great deal more than just private messages. Of course, an attacker having free access to read your personal emails is bad news, but with email access a malicious user can gain access to many of the most commonly used web services online.

Using the “forgotten password” button on many sites triggers a response that emails a password reset link to the email address registered on file. An attacker may use this feature to reset account passwords to one of their choosing. Doing this both grants themselves access to your account and denies you access to rescue it.

Contacts – One of the best features of instant messaging is that your contacts know the messages come from you. When a message is sent from your device to someone you know it displays along with your name, details, and likely a photograph too. This can lead to identity theft, one of the biggest concerns of a lost or stolen device.

With contact information already programmed in an attacker has an opportunity to impersonate you when speaking to anyone in your contacts list. Using your identity, an attacker may attempt to steal yet more details about you and your contacts.

Social Media – Your social media accounts are often the face of your brand. They can be a primary way to reach out and contact customers. They are almost always the first point of contact a client has with your business. They are also extremely vulnerable to being hijacked from a stolen device.

Fraudulent social media access can allow attackers to harvest both client and business data. Even without profiting directly, posting privileges can be used to cause irreversible damage to a business.

Protecting your business – Services, accounts, and entire businesses can be put in great danger by something as simple as misplacing an unsecured mobile phone or laptop computer.

We can help you to stay secure and remain in control even in the face of losing a device. Give us a call at (515)422-1995 and let us help secure your business.

The Top 5 IT Security Problems for Businesses

by

Companies that suffer security breaches nearly always have one of these IT security problems. Is your company guilty of any of them?

No Backups

A shocking number of businesses are not backing up their data properly. According to market research company Clutch, 60 percent of businesses who suffer a data loss shut down within six months.

Not only should every business be fully backing up their data, but their backups should be regularly tested to work too. It’s a step that businesses miss surprisingly often. Many businesses don’t find out that their backup can’t be used until it’s already too late.

Reactive and not proactive

The world is constantly changing. The IT world doubly so. Attackers are always figuring out new ways to break into businesses, hardware evolves faster than most can keep up, and old systems fail due to wear and tear far quicker than we would like. A huge number of businesses wait until these issues impact them directly before they respond. The result is higher costs, longer downtime, and harder hitting impacts.

By responding to hardware warnings before it fails, fixing security holes before they’re exploited, and upgrading systems before they are out of date: IT can be done the right way. Being proactive about your IT needs means systems don’t have to break or compromised before they are fixed. The result for your business is less downtime, fewer losses, and lower IT costs.

Weak Passwords

A surprising number of people will use the password “password” to secure some of their most important accounts. Even more still will write their own password on a post-it note next to their computer. In some cases, many will even use no password at all. Strong passwords act, not only as a barrier to prevent unwanted entry, but as a vital accountability tool too. When system changes are made it’s often essential that the account that made changes is secured to the right person.

With an insecure password or worse; none at all, tracking the individual responsible for reports or accountability becomes impossible. This can result in both auditing disasters on top of technical ones.

Insufficient Staff Training

Humans in the system are commonly the weakest point in IT security. Great IT security can be a bit like having state-of-the-art locks on a door propped open with a milk crate. If staff aren’t trained to use the lock, it’s worth nothing at all.

Often times businesses can justify spending big on security for the latest and greatest IT defenses. The very same firms may exceed their budget and spend almost zero on training staff to use them. In this instance, a little goes a long way. Security training can help staff to identify a threat where it takes place, avoiding and mitigating damage, often completely.

Weak Data Controls

Some companies can take an ad-hoc, fast and loose approach to storing professional data. Often crucial parts can be spread across many devices, copied needlessly, and sometimes even left unsecured. Client data can be found regularly on employee laptops, mobile phones, and tablet devices. These are famously prone to being misplaced or stolen out in the field along with vital client and security data.

It can be easy for both employees and firms to focus on the costs of devices and hardware purchased for the business. The reality is that the data held on devices is almost always worth many times more than the device that holds it. For many firms, their approach to data hasn’t been changed since the firm was first founded. Critical data is often held on single machines that haven’t been updated precisely because they hold critical data. Such machines are clearly vulnerable, outdated, and prone to failure.

Common problems with simple solutions

Each of these common issues have simple solutions to secure against IT failure. With a professional eye and expertise in the field, every business should be defended against IT issues that risk the firm.

If you need help securing your IT to protect your business, give us a call at (515)422-1995.

Business Tools to Take Your Business Out of The Office

by

Being engaged in business used to mean staying wired in at the office eight to twelve hours a day. In the modern day, this is completely untrue. Often the most efficient workplace is spread far and wide and always on the go.

Today you can completely unplug from your desk with just your laptop computer and 4G modem. The freedom to work out of the office and even on the move is a huge advantage gifted to modern business. A simple mobile phone tether is enough to work from anywhere in the world.

The Right Tools for the Job

The most important part of working on the go is ensuring you don’t lose touch with your team. Maintaining total collaboration between team members can be tricky. Luckily, there are tools that will help you to stay on top.

Microsoft Office 365 provides the traditional tools and support of Microsoft office, but adds remote team collaboration and cloud support too. Files can be saved into the cloud, worked on, and accessed anywhere for review. At one time, remote working meant taking a copy of a file somewhere else to work. Changes to the original weren’t reflected in the remote copy and at least one version was destined to be lost forever.

Software packages such as OneDrive allow the entire team to work on a single centralized file saved to the cloud. Whether you edit on a beach, plane, or train; your team in the office gets the same version you do, at the same time.

Collaborative Working

The key to remote working is the ability to collaborate in a digital space with everyone at once. Modern software such as Office 365 allows all team members to be working on a single document at the same time.

Whether the project calls for killer spreadsheets, expertly crafted documentation, or a knockout presentation; everyone can pull together and hit it out of the park.

Even when you’re not working out of the office or busy on the road, collaborative software can help to power your team working locally too.

Admin Done Remotely

Modern software has impacted the way in which we do bookkeeping and accounts too.

Similar to being tied to your desk in years gone past; accounting software was once stuck solidly in the desktop too. Previously, batch runs of calculations were required to provide reports on a weekly, bi-weekly, or monthly basis. Today, cloud computing has opened up ways to speed up business in ways we couldn’t have imagined.

Cloud-based accounting packages such as Xero or Quickbooks Online allow for your accounts to be done remotely. Moving the resource and strain out of your firm takes it out of sight and out of mind.

Security and maintenance of your accounts databases, for example, falls to cloud professionals instead of your business. Rather than waste company time on submitting documents and calculating taxes they are done in the cloud and submitted to you instead.

Make your Accounts Work for You

Maintaining your accounts is made as simple as logging into a single portal. This tool allows you to take both your admin and your work out of the office and keep it on the go.

By the time your accounts are due, your accountant simply has to log in remotely and pick up where you left off. By the time taxes are due the work is done and you can get on with the important things.

Getting work done out of the office and on the go is a huge boost to productivity. Modern technology enables you to keep team members up to speed, continue collaborating, and even stay on top of your accounts from anywhere in the world.

Give us a call today at (515)422-1995 to talk about how we can help you unwire from the office.

Protect Your Firm Against Zero-Day Attacks

by

Protecting your business against the latest IT threats should always be a top priority. Updating antivirus and patching your operating system is a great way to start. What happens, however, when a threat appears at your door before security firms have had a chance to catch it?

A security threat that exploits a previously undiscovered vulnerability in the computer is known as a zero-day threat. The name “zero-day” is designed to imply how long since the vulnerability was discovered. The term also indicates that system developers have had zero days to fix it.

A newly discovered attack might be packaged into a computer virus or worm. This will allow it to spread far and wide while inflicting the maximum amount of damage possible. When spread successfully, a new exploit has the potential to reach hundreds of thousands of computers before an operating system or anti-virus update can even be issued.

There are a number of ways we can protect your business or lessen the damage from a zero-day attack.

Preventative security

The number one way to mitigate the damage from any attack to your system is to prevent it from happening in the first place. Maintaining a good firewall and up-to-date antivirus is the best step you can take to ensure the security of your system.

A firewall, monitoring traffic in and out of your network, reduces unauthorised entry over the network. Even without knowing the exact nature of the attack, suspicious activity travelling in and out of the system can be stopped.

The same is true of modern Antivirus. Even when it can not identify the specific zero-day threat from its virus database; it can often identify malicious intent from learned behaviour in the system.

A Locked Down Network

Should a zero-day threat make it into your network, our next goal should be to limit its effects. By restricting user access to only essential files and systems we can limit the damage done to the smallest number of systems. Good security policy dictates that each account should only have full access to the systems needed to complete the user’s job. For example, users from the accounts department shouldn’t have access to sales department databases.

In this way, the damage of a single compromised account is limited to only the network area it operates in. Such limited impact should be easy to control and can be reversed with regular backups.

Good Data backup

Whether your entire network has been exploited or only a small area has been affected; good data backups are your protection against major lasting damage. Having a good backup means having the procedures in place to both create regular backup copies and make sure they can be restored at a later date.

Reliable and well-tested backups are worth their weight in gold. Knowing your data is safe and your system can be recovered is peace of mind against even the most highly destructive zero-day attacks.

Intrusion Protection

While the precise methods of a zero-day exploit can’t be known in advance, a network intrusion protection system (NIPS) can monitor the firms’ network for unusual activity.

The advantage of NIPS over a traditional antivirus only system is it does not rely on checking software against a known database of threats. This means it does not need updates or patches to learn about the latest attacks. NIPS works by monitoring the day-to-day patterns of network activity across the network.

When traffic or events far out of the ordinary are detected action can be taken to alert system administrators and lock down the firewall. Devices such as USB drives and mobile devices can all introduce threats to the network. They can often make it past the firewall because they are physically introduced to the system.

NIPS protects against threats introduced to the network from both external and internal sources.

Full Cover Protection

Used in combination these techniques can prevent, protect, and mitigate against the kinds of threats that even the top security firms haven’t patched yet. We think it’s important to keep your firm secure whatever it might come up against in the future.

If you could use help protect your business against online threats, give us a call today at (515)422-1995.

Protecting A Business from Internal Threats

by

When considering IT threats to your business many articles focus on hackers, viruses, and attacks from external threats. These dangers are real, constant, and easily identifiable. In many cases, however, the largest threat to a firm comes from inside the business itself.

People inside the firm often pose the largest single threat to systems and security. These individuals often have trusted access and a detailed working knowledge of the organization from the inside. Employees therefore deserve the largest security consideration when designing a safe business system.

It is important to first distinguish the type of dangerous employee we want to defend against. We’re not talking about an otherwise model employee accidentally opening a malicious email or attachment. Rather, a disgruntled employee seeking to do damage to your business. An employee who may wish to destroy services or steal clients and files from your firm.

Security Policy

Some firms, particularly young businesses, grant employees system-wide permissions from day one. This can make administration appear simple, preventing further IT requests in future. Granting system-wide access is an inherently risky strategy.

Private information relating to the business should be restricted access information. Many types of files need to remain confidential, often as a legal requirement. Human resource files, salary information, and employee documents should be limited to only a select few employees. Yet, businesses often keep confidential information in public places on the network.

Granting system-wide read and write access can appear to save time short term. It is, however, a security policy which only serves to cause security, administration, and potentially legal troubles in the future.

The Principle of Least Privilege

The principle of least privilege is a vital tool, helping you to handle internal IT security. It defines a security policy which ensures staff can access only the resources, systems and data they require to carry out their job.

The policy protects the business from many different types of threat in day-to-day operations. Even where malicious attachments have been opened by accident, the damage is limited only to the work area of a single employee. This results in contained damage, less time needed to restore from backup, and drastically reduced downtime for the firm.

Along with limiting accidental damage, malicious employees looking to destroy or steal data are limited too. With restricted access, an employee with a grudge or profit motivation can only damage or steal from their own area of operation. This helps to ensure that no single employee can damage the entire firm’s operations.

Security Policy In Practice

A member of staff within Human Resources, for example, may have read and write access to the employee database. This will likely include payroll information and sensitive data. This same member of staff would have no need to access sensitive client data, such as sales information, in normal working conditions.

Likewise, a staff member from the sales department should have no need for accessing sensitive HR records.

Using the principle of least privilege, each employee may only have full access to systems that are directly related to their role. Similarly, some systems may be visible to a wider group of staff members even if they can only be edited or removed by one or two people.

In some cases, a security policy may be defined by even finer details than a person’s role within the organization. An HR employee should not be able to edit their own file to change salary information for example. An employee file might only be edited by their superiors in such a case.

Additional parameters can be used to assign privileges to enable the business hierarchy to work within the IT network. Seniority, physical location, and time are all examples of factors that can restrict access to critical systems and secure data.

We can tailor your network to your business, locking down your data to ensure data is only accessed on an “as needed” basis. Call us at (515)422-1995 now.

Click to see our BBB Report

VISIT US