Failure is Not an Option: Getting Rid of Single Points of Failure

by

You might think that your business is going to be OK even if a single device goes down. After all, there are other devices your people can use. It’s not as if the entire system is going to fall like dominoes. Or is it? Get rid of single points of failure to make one vulnerability doesn’t take down your network.

A single point of failure (SPOF) can be a design, implementation, or configuration weakness. Star Wars fans will already be thinking of the Death Star’s ill-designed thermal exhaust port. That was the SPOF Luke Skywalker exploited.

Yet, cybercriminals don’t need the Force to target IT fatal weaknesses. SPOFs for technology include:

  • Having only one server that runs an essential application. Without that server, your employees can’t use that particular business tool.
    • Solution: Plan for the worst with built-in server redundancy. Have multiples of any hardware that is business critical. Migrate to the cloud so you can continue accessing applications, software, and storage.
  • Power outages can wreak havoc on computers and devices operating your network.
    • Solution: An Uninterruptible Power Supply (UPS) device can help prevent intermittent power interruptions to your computers, switches, and modems. Cloud solutions reduce the risk of this problem too. Employees can continue to access data and software working at different locations.
  • Your physical location could also be the SPOF. What if road closures, fire, floods, or a violent storm prevent you from being able to get to the office? Without a backup, you’ll struggle for business continuity.
    • Solution: Pool computer resources in the cloud (servers, storage, applications, and voice services). This provides continued access anywhere, anytime, and often from any device.
  • Sorry to say it, but your people could also be your fatal weakness. Perhaps you have one or even two in-house IT experts who know everything about your technology. But, what do you do if they both quit? Or one is sick and the other is on vacation when something goes wrong?
    • Solution: You can’t have every person become a subject matter expert on all aspects of IT. So consider outsourced IT.
  • You can’t get online without an internet connection. Yet you’re reliant on an external provider for that access. Planned downtime for maintenance is easier to plan around. Still, unexpected issues can cause the internet to go out.
    • Solution: Have a backup solution to pick up the slack if the main connection goes down. A router that supports having a 4G modem, for instance, could be a good failover.

Having one device out of commission is frustrating, but not necessarily the end of the world. But, when the damage wrought by a single weakness spreads business-wide, you could face serious consequences.

Downtime for systems failure or data breaches can be:

  • Expensive – In addition to potential overtime for IT staff remedying the situation and possible revenue losses, your company may also face fines.
  • Time consuming – your people must adapt to a new reality while IT resources are spent trying to get back to business as usual.
  • Reputation damaging – any disruption to business as usual could undermine customer trust and prompt churn.

IT professionals understand the danger of SPOF. Avoid weaknesses that can lead to system wide failures or loss of business information. Partner with computer specialists who can identify and eliminate these vulnerabilities at your business. Contact us today at (515)422-1995!

Security Patches – The Better Way to Update

by

Updates often come at the worst moment. You go to shut down your laptop to rush to a meeting, and you get a “Windows is updating. Do not power off” message. Argh!

Or you leave your desktop to go to a meeting and come back to find your computer has restarted in your absence. Those unexpected bug fixes and performance improvements lost you all your unsaved work.

You know updates are important. They help patch security flaws. These are the vulnerabilities that hackers love to exploit. Updating helps you keep business documents and data safe. Software updates can also add new, useful features and remove outdated ones. Plus, keeping software and systems up to date is good cyber citizenship. Security patches protect from attacks that could also impact employees, customers, and partners.

Updating is a pain but oh so important

The WannaCry ransomware attacked hundreds of thousands of computers in more than 150 countries. Among those infected were the UK National Health Service, FedEx, Telefonica, the Russian Interior Ministry, and more, all because people (and companies) weren’t keeping their computers updated. The later Petya ransomware preyed on the same vulnerabilities, despite the publicity around WannaCry and Microsoft having already released a patch.

Still, people don’t bother updating. According to a Skype survey, 40% of respondents didn’t update their machines when prompted, almost 25% required a second prompt. Nearly 45% worried that installing the update would weaken their computer’s security.

And keeping Windows up to date isn’t enough. Cybercriminals aren’t stopping there, so you can’t either. You also need to be patching third-party applications such as Java or your Adobe suite. More employees are also bringing their own devices to the workplace. Overlooking security updates for these entry points is like leaving a window wide open and expecting criminals to walk by.

Equifax’s failure to update a Java virtual machine proved costly. Hackers accessed over 145 million credit reports in 2017. The company lost more than $5 billion in market cap, and the CEO lost his job.

Businesses need a better way to keep your software security patches current. Here’s help.

Keeping security patches current, conveniently

Avoid the inconvenience of the “Update Now” interruption by setting up automated patching. Patching all your computers or different device types can be time consuming.

Determine when downtime won’t be as disruptive, and schedule patches for that timeframe. This lets you update an entire department when they aren’t there, or patch individual computers around the employee’s schedule. For instance, if your accountant comes in only on Tuesdays, you wouldn’t patch that computer that day.

This approach also creates a consistency your employees can plan around, which allows them to manage all security updates without you having to lift a finger.

To do this, you can outsource the patching to a managed service provider (MSP). The MSP installs remote monitoring and management (RMM) software to manage all security updates without you having to lift a finger.

The RMM software gives your IT partner visibility into your business technology. They’ll track your hardware, software, and network environments to keep ahead of issues. This sets your business up to respond faster to any events.

Using the RMM, the MSP can automate software patching and OS updates to reduce the hassle. The RMM can be cloud-based or on-premises (requires onsite hardware investment).

Conclusion

Automating or outsourcing software updates can improve your security and compliance. Your employees enjoy new features, extended support, and access to the latest technology. A reliable, secure system can improve stability, speed processes, and drive increased productivity.

Get expert help determining patching priorities, or partner with an MSP to install RMM and monitor and resolve issues remotely. Give us a call at (515)422-1995!

The Dark Web and Its Impact on Your Business

by

Business owners today know the internet is not only a force for good. Some people exploit the Web for ill intent. They congregate on the Dark Web, and small businesses need to understand the risks.

What is the Dark Web?

You and your employees spend time daily on the Web. They’re researching clients, checking out competitors, and searching for information. They are not accessing the Dark Web. The Dark Web houses dangerous, often illegal activity. This includes black-market drug sales, illegal firearm sales, and illicit pornography.

The Dark Web’s collection of websites is inaccessible using standard search engines or browsers. Users employ a Tor or I2P encryption tool to hide their identity and activity, and they spoof IP addresses.

To go into the Dark Web, you also need to be using the Tor or I2P service. Plus, you’d need to know where to find the site you are looking for. There are Dark Web directories, but they are unreliable. The people on the Dark Web don’t want their victims to find them. Ultimately, it’s not somewhere you or your employees need to be.

So, why do you need to know about it? Because Dark Web users can buy:

  • usernames and passwords
  • counterfeit money
  • stolen credit card numbers or subscription credentials
  • software to break into people’s computers
  • operational, financial, or customer data
  • intellectual property or trade secrets

The Dark Web is also where someone can hire a hacker to attack your computers.

The Dark Web business risk

The Dark Web itself isn’t illegal, and not all its traffic is criminal. It is also visited by journalists and law enforcement agencies, and it’s used in countries prohibiting open communication.

Yet the number of Dark Web listings that could harm your business is growing. A 2019 research study found that 60% of all listings could harm enterprises, and the number of those Dark Web listings has risen by 20% since 2016.

Business risks from these Dark Web listings include:

  • undermining brand reputation
  • loss of competitive advantage
  • denial-of-service attack or malware disruption
  • IP theft
  • fraudulent activity

With media attention on data breaches impacting millions, it’s easy to think a small business is not at risk. However, bad actors don’t target a business for its size – they look for ease of access.

Dark Web information is up to twenty times more likely to come from an unreported breach. Privacy specialists told a Federal Trade Commission Conference victims included medical practices, retailers, school districts, restaurant chains, and other small businesses.

Reduce your risk

If your information ends up on the Dark Web, there’s little you can do about it. The bright side, at least, is that you would know that your business security has been compromised. Be proactive instead. Keep your security protections current, and install security patches regularly.

Consider a unified threat management (UTM) device, or UTM appliance. The UTM plugs into your network to serve as a gateway and protect your business from malware, illicit access, and other security risks.

Your UTM security appliance can provide:

  • application control
  • anti-malware scanning
  • URL and content filtering
  • data loss prevention
  • email security
  • wireless and remote access management

Or let a managed services provider (MSP) take care of all aspects of protecting your business. Pay a consistent monthly fee for an MSP to handle all your technology, patching, monitoring, and assessment needs.

Stay on top of the latest cybersecurity threats with an MSP, or learn more about installing a UTM. We can help protect you from the dangers of the Dark Web. Call us today at (515)422-1995!

Adding Accountability to Remote Work

by

Today, businesses are embracing digital technology to enable productivity anywhere, any time. Yet ensuring accountability is a stumbling block to widespread acceptance of remote work.

Recently, COVID-19 has forced many businesses to transition quickly to working from home. Even bosses concerned about lack of control over absent employees had to make the change. Former opponents to remote work may have discovered the benefits of this approach. Employees certainly may have enjoyed the opportunity and want to keep doing it.

The good news is that technology and products are even better today for managing remote teams.

Top Tools for Remote Work Accountability

Overall, employers need to trust their people. This is true whether they’re working on-site or from home. Still, for some supervisors, trust is easier with remote monitoring abilities.

Joint calendars are a common starting point. Microsoft 365, Google’s G Suite, and other tools allow staff to share calendars. People can still schedule personal appointments and keep those private, but the joint professional calendar lets everyone on a team stay in the know. Managers can go online to track sales meetings, client presentations, or team sessions.

Project management software is another way to see what co-workers are doing. Teamwork, Basecamp, and Trello offer a central location to see a project come together. Employees can access secure software from any location to share files and interact. Individuals can set deadlines and create tasks to improve accountability and responsibility sharing.

Business-based internal messaging software also keeps everyone on the same page. These communication tools typically provide one-on-one messaging and group chat. It’s easy to send a quick note asking someone for a status update, or just check in. Some tools also allow individual and team audio calls as well as video conferencing. Top contenders are Slack, WhatsApp, Skype for Business, or the Facebook and Google Hangout work chat apps.

Go big enabling collaboration among employees with cloud-based office software. Microsoft 365 and G Suite enable many users to go online and work on the same things at the same time. This solution also lets managers easily view shared documents and verify progress. It’s even possible to invite clients or other external partners in to view folders. For security reasons, you may want to limit their access to “view only.”

Securing Remote Work

Security is another point of friction for businesses allowing remote work, but the technology is keeping pace there also. Even so, you’ll want to educate employees about cybersecurity best practices. Requiring antivirus and malware upgrades, limiting external sharing and enabling multifactor access will help make remote work viable, reliable, safe, and secure.

Need help installing or implementing remote work tools? A managed service provider can help. Or, our IT experts can put in place the administrative controls you need to help secure work from home. Let us provide the IT help you need. Contact us today at (515)422-1995!

Protecting Shared Computers for Work from Home

by

Many families today have a shared home computer to help with day-to-day activities. A teen can search for a job and stream shows. A parent can check work emails, pay household bills, and shop online. A youngster can play an educational game to buy Mom or Dad a few minutes of peace. Yet with COVID-19 sending so many people home to work, the shared computer is getting a lot more use.

Not every employee was lucky enough to get sent home with a business laptop. Some employers ask you to use your own computer. At the same time, you may also be accommodating kids doing online learning, and those little ones still want to go online and point and click to help Elmo plan a birthday party.

But sharing the computer can now present a security risk. You may have important work documents on the home computer. You could log in to the business network unaware of malware downloaded onto your home device, and, of course, that malicious software isn’t doing your home computer any favors either.

With so many people using the computer, make sure to set up virus protection on your home device. Additionally, you may set security patching and software upgrades to happen automatically. One of your young users could be seeing the message requiring an update and ignoring it. That leaves you unaware the software is vulnerable to bugs or threats.

Setting Up Personal Profiles

With everyone sharing the desktop, your work is at risk. You could have downloaded a spreadsheet containing employee personal identification information. That represents a compliance risk if another user inadvertently accesses the document.

Or you could lose hours of work. Someone else might drag that project you’ve been working on to the trash with a school assignment rubric.

Our IT experts can set up different account profiles for each user. Doing this not only helps to secure your work from home, but can also add protection for your kids.

The immediate appeal is personalizing the desktop for the individual user. Your kids can pick their own home screen backdrops and menu bars. You might not need access to TikTok, but your teen is thrilled to have it right there on the desktop. For smaller children, you can make icons and text bigger. Set up narration to give yourself a break from the umpteenth reading of Goodnight Moon.

For parents, security advantages of the profiles include being able to set up the following:

  • Web filtering enables you to set rules to screen incoming Web pages. This can help avoid children seeing explicit content or accessing a malicious site. You might also limit Web browsing to particular sites.
  • App limitations can ban kids from buying and downloading certain apps or making in-app purchases. For older kids you could require parental permission first.
  • You can set up Screentime limits for particular sites (e.g. Netflix or YouTube) or allow young people to access online content only at certain hours of the day.
  • Age restrictions allow you to filter mature content from search results. These also filter what apps, games, and media the young user can view or buy.

Individual profiles also make it easier for parents to track online activity and computer use. We can even set it up for you to receive reports on Web browsing and application use.

Secure your work from home and protect your family of users. Get help setting up the right controls for your home computer needs. Contact us today at (515)422-1995!

Why Your Business Needs Managed Services Security

by

Locking your front door after a burglar has already ransacked your house doesn’t do much, and the same is true of cybersecurity. With the help of a managed service provider, you can stay ahead of security threats with well-tested, leading-edge technologies.

Ransomware, Trojans, crypto mining, and more make the news regularly these days. Businesses and consumers are both aware of the threats. Yet there is no single vaccine that can keep you safe. The volume of threats is growing. Cybercriminals are mixing up their tactics to outwit their targets, and the result is increasingly sophisticated cyberattacks.

Password theft and password-based breaches remain a daily occurrence in 2019. But that’s only one area of concern. Cybersecurity experts warn that, “the worst is yet to come.”

Managed services help you to stay on top of evolving threats. For a small, fixed monthly cost, you add a team of experts to your arsenal. Instead of reacting after the fact, they work to identify any vulnerabilities. Instead of reacting, they work to identify vulnerabilities and prevent attacks.

When security is internal, a single person or small, overworked team tries to stay current. Working with a managed service provider (MSP), in-house IT teams focus instead on business tasks. They can trust the MSP to know the latest, greatest technologies. The MSP’s experts do the necessary training and attend the security conferences, and your business benefits without having to spend finite resources.

Managed Services Make a Security Difference

An early order of business for your MSP is learning your system, network, and applications. These IT experts get to know your business and its workflow needs. Then, they recommend the best tools for you to use. They make suggestions that prioritize productivity, ease of use, cost, and security. You don’t have to deal directly with a vendor salesperson. You gain an objective perspective on what technology truly suits your needs.

Regrettably, your technology users remain a weak link, but you can boost your employee cyber education and awareness (and you should). A managed services provider partner adds levels of precaution. They will test and track staff cyber behavior on-site and off-premises.

An MSP partner understands your entire technology ecosystem. They determine how your business solutions operate together to keep your business protected.

The MSP’s proactive approach can save you data breach devastation. Financial damages can be large. In a 2018 Cisco study, 54% of all cyberattacks resulted in damages of more than $500,000 USD.

Those costs aren’t the only risk of a data breach, though. Your business also risks:

  • theft of international property;
  • loss of competitive advantage;
  • damage to brand reputation;
  • customer churn;
  • regulatory fines.

No matter your business size or industry, you are at risk. It’s that simple. Cisco found 40% of companies with 250-499 employees had experienced a severe security breach in 2018. Larger organizations were similarly impacted but tended to be more resilient. Meanwhile, when a small business is breached the damage is usually even greater. Their core systems are likely interconnected, which sees the attack spread easily.

Key Takeaway

The threat landscape is always shifting. You might be at risk from targeted attacks against your employees (e.g. faked business email communications), ransomware (holding your data hostage), or other advanced threats.

Managed services ensure you have the people, processes, and technology to prevent attack. Plus, if the worst happens, they have the skills to mitigate the damage and get you back up and running quickly.

Managed services provide the best security, proactively, and on an ongoing basis. Want to learn more? Give us a call today at (515)422-1995!

You’re Never Too Small to Outsource

by

Small business owners are proud of getting everything done with few people. Every team member wears many hats. They are part of a family, devoted to the firm’s success. But that doesn’t make them qualified to handle IT. Really, you’re never too small to outsource your technology needs.

A small business may only have a few computers for its handful of employees. Having an in-house person dedicated to IT support would be overkill. But just because the technology is working fine today doesn’t mean your IT is performing at its best. That’s why it can be beneficial to outsource IT.

Having someone who knows technology working for your team can pay huge dividends. Your outsourcing partner will add value by:

  • helping you avoid bad tech purchases or buying software you don’t need;
  • identifying where you can be more efficient with tools you already have, which can save money;
  • providing knowledgeable support and IT help;
  • learning business needs and making recommendations about the best IT for your goals;
  • protecting your business technology and ensuring computers are up to date with security patches.

Small Business Breaches

Cybercriminals don’t care about business size. In fact, according to Accenture, 43% of cyberattacks were aimed at small businesses, and only 14% of the SMBs were prepared for defending their networks and sensitive data.

In fact, a small business can be a particularly appealing target. Hackers will exploit a small business as part of a campaign to attack a larger business. They know the SMB is less likely to have the same level of security as the bigger target in their sights.

Accenture’s 2019 study found that more than half of all small businesses had suffered a breach in the last year. These attacks can be crippling for SMBs. According to insurance carrier Hiscox, the average cyberattack costs a business $200,000. That figure can be a killer blow for a small business. Some 60% of SMBs hacked go out of business within six months of the attack. Even if they can survive the financial hit, damage to brand reputation and customer goodwill is devastating.

Advantages of Outsourcing

You may not have a clear picture of your cybersecurity status right now, but by working with a managed services provider (MSP) you’ll get one. Your partner will conduct an informal audit of your current technology and learn your short- and long-term goals.

Your small business, for instance, may not have a data protection procedure. You might be thinking you don’t have a lot to backup and store. But the quantity may not be the primary concern. Can you recover if your business loses an email chain it was keeping for legal or compliance reasons? What would happen if the computer holding your accounting database died? An MSP can identify where tech changes can better ensure business continuity.

When you outsource, your partner will also inventory all your tech assets. They’ll need to know everything about your infrastructure and your business’s technology capabilities. Your current team may recognize the importance of securing the business’s intellectual property, but are they also protecting customer data and employee records? Your business needs to be intentional about confidentiality, availability, and safety. An MSP can help.

The cost of outsourcing is often a stumbling block for the budget-conscious SMB. Managed IT services can often lower costs for clients by streamlining processes, managing vendor relationships, and ensuring that the business technology is best suited to current needs. And you’ll pay a fixed regular fee for a technology team member who will help you avoid big, costly tech surprises.

No business is too small to outsource IT. Having access to a full-time IT professional via a managed service provider can improve your operations, enhance productivity, and lower cybersecurity risk.

Find out more about what we can do for you! Call us at (515)422-1995!

Steer Clear of Coronavirus Scams

by

With the world grappling with a health pandemic, scams are shocking. Regrettably, bad actors are everywhere, always looking for opportunities, and they’re seeing one in the coronavirus. This article outlines what you need to watch out for and how to stay cyber safe.

The last thing you want to read right now is that there’s another threat out there – sorry, but it’s true. Cybercriminals take advantage of fear. They take timely concerns and use them to target victims. Using the anxiety and upheaval around coronavirus is their mission.

So far, several coronavirus-related attempts to cyberscam people have been reported. There are examples of:

  • emails that appear to come from government health departments;
  • offering a tax refund to get people to click on malicious links;
  • memos to staff that appear to come from large employers;
  • COVID-19 test offerings from private companies;
  • fake websites promising to sell face masks or hand sanitizer;
  • soliciting donations to help fund a vaccine.

What to Watch Out For

Another concern is the number of bogus websites registered with names relating to COVID-19. The site can look legit but is set up to steal information or infect the victim’s computer with malware.

You may get an email promising the attached information offers coronavirus safety measures, or information shared by the World Health Organization (WHO) if you click on the link, or a similar email pretending to be from a reputable news source, such as the Wall Street Journal (WSJ).

In another example, an email impersonating a healthcare company’s IT team asked people to register for a seminar “about this deadly virus.” Anyone who didn’t question why IT was organizing the meeting clicked to register. By filling out the form, they gave their details to hackers.

What to Do

Be cautious. It’s understandable that you’re anxious, but don’t let that stop you from taking cyber precautions. You should still:

  • be wary of anything that tries to play on your emotions and urges immediate action;
  • question where emails are coming from – remain vigilant even if the communication appears to come from a reliable source;
  • hover over links before clicking them to see where they will take you – for example, in the WSJ example, the Web address was for the “worldstreetjournal”;
  • avoid downloading anything you didn’t ask for;
  • doubt any deals that sound too good to be true (“a mask that stops the virus 99.7% of the time!”);
  • ignore any communications requesting your personal information;
  • don’t be suckered by fraudulent pleas for charity.

Global health organizations generally do not send out emails with advice. Instead, navigate directly to that reputable health institution for real news.

If you’re still not sure about the validity of the communication, check it out. Do so by calling or using another medium to get in touch with the “source” of the received message.

While there is not yet a vaccine for COVID-19, you can put anti-virus protection on your computer. Also, make sure that you’ve applied all available security updates to keep your software safe.

We hope you’ll take care and stay healthy both physically and online in these tough times.

Need help installing security software and keeping your technology safe? Our cybersecurity experts can give your home a tech immunization. Contact us today at (515)422-1995!

What Is a VPN and Why Do I Need One?

by

Ever seen a thriller in which someone asks, “is this a secure line?” The good guys or villains want to be sure their conversations can’t be overhead. When you get a VPN to connect to the Internet, you’re signing up for the online equivalent of a secure line.

VPN stands for virtual private network. Put simply, a VPN connects your computer, smartphone, or tablet to a shared or public network as if you’re connecting to a private network. Banks, governments, and companies use VPNs to connect to their networks remotely. Now, it’s becoming more common for the general public to use VPNs. After all, we’re doing online shopping or banking and exchanging sensitive data. We don’t want others to be able to access or track what we do online.

A VPN is an encrypted connection to the internet. It’s your own secure and private internet connection that you can take with you outside of your home.

Benefits of a VPN

There are many advantages to having a VPN. For instance, your VPN also encrypts your online activity. Every internet user has a unique IP address assigned by their internet provider. It’s sort of the technological equivalent of your fingerprint.

When you connect to the internet using a VPN, your IP address is masked. The address used is that of your VPN provider. So, you look like them rather than your home connection. You might think of the VPN as wearing gloves that prevent you from leaving fingerprints when you move around online.

Your search history isn’t logged. You don’t have to worry about bad actors or advertisers tracking your activity. If you want to check social media at work or on a school campus that blocks certain sites, your VPN lets you do so.

You can use the VPN to access a business network securely, too. So, you can use the technology to be more efficient when working remotely.

A VPN can also help you avoid geo-blocking. What’s geo-blocking? It’s a technology that restricts your access to services based on your location. For example, if you were trying to stream a Netflix show from your home country from overseas, you would be geo-blocked. But if Netflix can’t see you’re out of the country, it will let you in to catch up on your favorites.

You could also save money. When your location isn’t known, you can benefit from price disparities – the cost for the same product varies in different regions. The wealthier areas are charged more because sellers can get away with the price markup.

Who can use a VPN?

Anyone can connect to a VPN. You can connect your computers, phones, or tablets to a VPN. It’s a flexible solution that doesn’t need you to switch internet provider or buy any new equipment.

You can also work with a VPN provider. Some are free, but paid VPN providers tend to offer proven security and greater networking speeds.

Make sure your online traffic is secure. We can set up a safe VPN for you. Give our experts a call at (515)422-1995.

LetMeIn101: How the Bad Guys Get Your Password

by

Passwords are essential to your cybersafety. You know it, but if you’re like the rest of the digital society, you probably have dozens of passwords to remember. It’s a lot. So, you might take shortcuts. Taking advantage of your laissez-faire attitude is one way bad guys access your passwords.

Incredibly, there are still people out there using “password” or “123456” in their access credentials. Some people don’t change the default passwords on their devices. So, anyone can pick up a router, look at the sticker identifying the password, and access that network.

Tip: Avoid the obvious passwords! When you have to create a password, make an effort. When it’s time to update a password, do so. Steer clear of simple, easily guessed patterns.

Cybercriminals can also guess your password. With a little bit of research about you online, they can make some informed guesses. Common passwords include pet names, birthdays, and anniversaries. These are all easy to find via your social media accounts.

Tip: Be careful what you share on social media! Don’t befriend strangers, as you are giving them access to a goldmine of info for personalizing an attack on you.

If that doesn’t work, criminals may try brute force. They might script an automation bot to run thousands of password permutations until they get a hit. The software will try a long list of common passwords and run through dictionary words to gain access.

Tip: Use a complex password with numbers, letters, and symbols or a passphrase. A passphrase is typically at least 19 characters long but is more memorable, as it unique to you.

The criminal may also be working with info from a data breach. In early 2019, a security researcher found more than 2.7 billion email/password pairs available on the Dark Web. Criminals accessing that database could use the data as a starting point, as many people duplicate their passwords across accounts.

Tip: Use a unique password for each site. Yes, that’s overwhelming to remember, and that’s also why you should use a password manager to keep track of it all for you.

Criminals can also access your account if you’ve used a hacked public computer. The bad guys may have installed a key logger on the computer. The logger records every key you press on the keyboard. Or they might have compromised a router or server to be able to see your information.

Tip: Be cautious about your online activity on computers or networks you don’t trust.

Of course, there’s one more method of getting your password that we haven’t addressed yet. It’s the familiar phishing attack. For instance, you get an email that looks like it was sent by your bank. Phishing typically has an urgent message and a link that directs you to what looks like a credible page.

Tip: Pay attention to who is sending the email and hover the mouse over the link to see where it goes. If you are concerned about your bank account, for example, open up a browser and type the URL manually rather than clicking the link.

These tips can help you to protect your valuable passwords. Still, setting up a password manager and amping up your internet security can help too. Need support getting ahead of the cybercriminals?

Contact our experts today! Call us at (515)422-1995

Click to see our BBB Report

FOLLOW US

VISIT US