7 Tips for Keeping Your Sensitive Data Secure

Cloud Storage, Data Backup, Data Security, Ophtek, Password Security, Security, Updates, USB Flash Drives, , ,
13
Aug 2019

Data will always be one of the cornerstones of your business. But keeping this data secure in the 21st century is a big ask. So, how do you protect it?

A staggering amount of data is created every single day and your business will contribute to this with each order placed, every service request logged and all the mailing lists you create. Data such as this is sensitive and needs to be protected. If personal details are compromised then they can be used for fraudulent purposes. Your customers need to trust your organization to handle and protect their data correctly. But in a world full of hackers, malware and social engineering it can feel like an uphill struggle.

However, you can make a significant difference to your data protection. And it doesn’t have to be difficult. In fact, you can elevate the security of your data quickly and effectively. All you have to do is follow our 7 tips for keeping your sensitive data secure.

  1. Use Cloud Storage

Individual PCs can become compromised by security breaches. And this means that the data stored on this hardware is up for grabs. But if this data is stored remotely it’s securer and less likely to be stolen. The perfect way to achieve this is by investing in remote cloud storage.

  1. Never Display Passwords

Passwords should never be displayed e.g. written on a Post-It note stuck to your monitor. Hackers don’t have to be external figures, they can easily be an internal threat. Therefore, create passwords which you can remember easily and don’t need to have visible reminders for.

  1. Make Sure Deleted Files are Overwritten

A deleted file isn’t necessarily deleted. And a hacker who knows what they’re doing can easily retrieve those files you thought were deleted for all eternity. But if these deleted files are overwritten enough times then you can make it impossible to retrieve them from your hard drive.

  1. Always Encrypt USB Sticks

USB sticks are useful for carrying around large amounts of data in a small space, but their small size means they’re easy to lose. Therefore, you should always ensure that data on these devices is encrypted and password protected.

  1. Install Anti-Malware Protection

You can never take enough precautions when it comes to data security, so anti-malware software should always form part of your strategy. Malware operates stealthily and can steal your data at a rapid pace. But with anti-malware protection in place you can reduce the risk of malware getting a foothold in your system.

  1. Always Install Updates

PC software and hardware is prone to security vulnerabilities. And these vulnerabilities give hackers the opportunity to access your systems and your data. Installing all updates at the earliest opportunity helps you to avoid having your systems and data compromised.

  1. Destroy Old Hard Drives

Technology advances at a rapid pace and PC hardware can soon become obsolete in the face of newer, faster technology. Hard drives are a case in point. But you need to make sure old hard drives are disposed of correctly. They contain a lot of data, so need to be thoroughly cleaned and then shredded to prevent any sensitive data being made available to external sources.

For more ways to secure and optimize your business technology, contact your local IT professionals.

Read More

Understanding the Basics of Ransomware

Ophtek, Phishing, Ransomware, Secure Database, Secure Flashdrive, Secure Website, Security, Updates, , , , ,
07
May 2019

Ransomware has been causing trouble for businesses for many years, so it’s clearly a form of hacking which needs greater understanding to avoid its wrath.

The name ransomware sounds a little threatening and, as with all hacks, it’s hardly the friendliest of exchanges. However, whilst most forms of malware – which ransomware is a strain of – tend to disrupt day to day operations of your IT equipment by either stealing data or putting a strain on your network through DDoS attacks, ransomware is different. Not only does it disrupt your IT operations, but it also delivers a financial threat to your organization.

Due to the double whammy contained within ransomware, it’s crucial that you understand the basics of ransomware, so let’s take a quick look.

What is Ransomware?

Believe it or not, but the very first recorded ransomware attack dates back to 1989 when a hacker was able to hide the files of an infected PC on its hard drive and encrypt the file names. And, to be honest, modern day ransomware still operates in a similar, if not more sophisticated, manner.

Ransomware is a form of malware which, when executed on a user’s PC, is able to take over the victim’s system and encrypt their files. Naturally, files are essential for any organization to operate efficiently and to their maximum productivity, so this is clearly a very debilitating attack. However, to add insult to injury, the hackers then demand a ransom fee to release a key which can decrypt the files and return them to a usable state.

How is Ransomware Executed?

The most common method employed by hackers to execute ransomware on a user’s PC is through phishing emails. These emails, which appear to be genuine, are highly deceptive methods of communication which convince the recipients that they need to open an attachment bundled with the email. However, these attachments are far from genuine and the most likely result of clicking them is that malicious software such as ransomware will be executed.

How Can You Combat Ransomware?

With the average ransom fee demanded by ransomware totaling around $12,000, it’s clearly an irritation that your organization can do without. Thankfully, there are a number of actions you can take to protect your business:

  • Regularly Backup Your Data: As long as your data is regularly backed up, there should be no need to pay the ransom fee. With a comprehensive backup route in place you will be able to easily retrieve your files from an earlier restore point when they weren’t encrypted. 
  • Work with Anti-Malware Software: Most ransomware can be detected by anti-malware software, so it stands to reason that installing this software should make a significant difference to your defenses. Updating this software as soon as any patches or upgrades become available, of course, should be made a priority as it could make a real difference to falling victim to newly released ransomware. 

For more ways to secure and optimize your business technology, contact your local IT professionals.

Read More

What are Zero-Day Vulnerabilities?

Backup, Ophtek, PC Security, Updates, Windows vulnerability, zero-day, , , ,
05
Mar 2019

Zero-day vulnerabilities are frequently referenced in regards to PC security, but it’s also a term which most PC users will be completely unaware of.

Any vulnerability that is present in your organization’s IT network poses a significant danger to the security of your data and equipment. Educating yourself and your staff on the dangers posed by these vulnerabilities is an important security practice, so understanding what zero-day vulnerabilities are is a crucial step in securing your PCs.

To help you get started, we’ve put together a quick guide to provide you with a zero day introduction.

What Happens on Zero-Day?

The definition of a zero-day vulnerability is very simple; it’s any exploit or security bug that is present in software or hardware that isn’t patched as the software vendor isn’t aware of its existence. To be considered a true zero-day vulnerability it must also be known to hackers. And this is where it becomes a huge security concern.

With hackers aware of such an exploit (known as a zero-day exploit), they’re essentially granted free rein to continually exploit this vulnerability in the face of little opposition. Therefore, malware can be installed, data can be stolen and whole networks taken down without software vendors and customers being aware of how it’s happening.

Once the zero-day vulnerability has been confirmed and the software vendor made aware, Day Zero is established. Naturally, any period before Day Zero is highly problematic, but even the commencement of Day Zero provides little comfort. And this is because developing fixes and patches isn’t an instant process. Instead, time and effort needs to be invested in creating these patches and ensuring that customers install them as soon as possible.

What are Some Examples of Zero-Day Vulnerabilities?

Now that you understand a little more about the makeup of zero-day vulnerabilities, it’s time to consolidate that knowledge with some real life examples:

  • Microsoft Windows Vulnerability: Even the seasoned professionals at Microsoft are capable of falling foul to zero-day vulnerabilities with one recently being discovered in the system file Win32k.sys. The exploit can be launched by a specific malware installer and, without the relevant patch, can be considered very dangerous.
  • Adobe Flash Malware: Adobe have suffered numerous zero-day attacks and, in 2016, their users experienced a zero-day vulnerability packaged within an Office document. Activating this vulnerability allowed hackers to download malware to the affected PCs and begin exploiting data until Adobe hastily issued a patch.
  • Internet Explorer Loses Control: Microsoft was, again, victim of a zero-day vulnerability in December 2018 when their Internet Explorer app experienced a severe security risk. It’s believed that the vulnerability is exploited by directing victims to an infected website where the hackers can then assume control of the PC from a remote location.

Final Thoughts

Zero-day vulnerabilities are troubling security flaws as their very definition means that there is no immediate protection available. Accordingly, it’s important that your organization takes the following steps:

  • Always install all updates to ensure zero-day vulnerabilities are treated as soon as possible
  • Backup all data and store it correctly in the case of a zero-day vulnerability disrupting your network and productivity
  • Educate your staff on the dangers of zero-day vulnerabilities and ensure they’re aware of the telltale signs of infection

For more ways to secure and optimize your business technology, contact your local IT professionals.

Read More

Adobe Flash Remains a Security Liability

Adobe Flash, Security, Security Threats, Updates, , ,
15
Jan 2019

Adobe’s Flash Player has had a bad press in recent years due to the numerous security flaws in its design and these problems remain a major issue.

While we frequently worry about the dangers of malware and ransomware, we seem to have forgotten about the security vulnerabilities that are present in software we use every day. Flash has been exposed as having major security flaws in the last few years, so there’s been a tendency to migrate towards HTML5 code which is similar to Flash and much more secure. However, many people still use Flash online, so it’s likely that your organization will come into contact with it on a regular basis.

Understanding how to combat vulnerabilities in Flash is essential for your organization’s security, so let’s try and get a better understanding of Flash’s latest security crisis.

Flash Hits the Headlines Again

On the same day that Adobe released their latest patch for Flash, an independent security expert revealed that they had identified a glaring vulnerability in the software. This security flaw – given the unwieldy name of CVE-2018-15981 – is a curious software bug that has the potential to execute a malicious code through an instance of Flash hosted on a malicious website. Versions of Flash affected are all those up to version 31.0.0.148 and could affect the following browsers: Firefox, Chrome, Edge and Internet Explorer.

Combating Flash Vulnerabilities

The most recent version of Flash (31.0.0.153) is more than safe to use in terms of this recently discovered vulnerability, but the question remains as to whether more vulnerabilities are lurking within it. So, how do you combat the security flaws presented by Flash?

Many browsers, such as Chrome, Firefox and Edge, now insist that users have to manually activate Flash each and every time it’s encountered, but confidence tricks can easily be employed by hackers to disguise this. Flash, of course, is being discontinued at the end of 2020, so many people are simply disabling the software. With only a small minority of websites still using Flash, the loss of productivity from disabling it are considered minimal due to the alternative solutions on offer such as HTML5.

However, many organizations rely on Flash-based websites to complete essential tasks such as online customer portals etc. In these cases, the importance of monitoring crucial software updates and acting on these immediately should be a priority for all IT teams. Many businesses have been caught out on countless occasions due to a lack of care when it comes to installing patches and software updates. While this latest vulnerability does not appear to have been exploited by hackers, it could have easily led to severe data breaches and a drop in productivity for any organization affected.

Final Thoughts

Flash has been present within the landscape of the internet for over 20 years, but it almost feels as though Adobe have barely concentrated on it for the last few years. As a result, Flash has received nothing but negative feedback due to the security flaws present. Naturally, with just two years left in its lifespan, these issues will soon become irrelevant, but for now it’s vital that you regularly install updates or, where possible, disable it.

For more ways to secure and optimize your business technology, contact your local IT professionals.

Read More

5 Things to Consider When Upgrading Your Servers

PC Server, Tower, Updates, upgrade hardware, Windows Server, ,
04
Sep 2018

Your server is the backbone of your organization’s IT functionality, but what do you need to consider when it’s time to upgrade?

Purchasing and installing a new server is a massive move for any organization. Install the best server for your needs and your productivity should skyrocket. Choose one that doesn’t quite fit with your business and it will seriously harm the way you’re able to operate. Therefore, choosing the correct server is important if you value your organization’s future.

Moving forward, though, isn’t always straightforward due to the complexity of such an upgrade. To help simplify matters, we’re going to share five things to consider when upgrading your servers.

  1. The Right Performance

First and foremost, you have to make sure that any potential new server is able to meet the needs of your organization’s IT needs. The main reason that an organization looks to upgrade is because the current technology isn’t able to fulfill their existing needs. Consulting with various department heads and IT professionals is essential to gauge the necessary requirements, so start by compiling this information and work from there.

  1. Is Integration Possible?

You’ve more than likely got an existing server in place, but upgrading doesn’t mean that you need to chuck your old one out with the trash. In fact, it’s possible that you’ll be able to integrate vast sections of your existing server into your new server. Not only does this potentially save you costs on new technology, but it also provides a level of consistency in terms of staff knowledge on the existing technology.

  1. Costs?

Performance, of course, is paramount, but price is equally important as all organizations work to a strict budget. Once you understand your performance needs, the next step is to evaluate which available servers meet this most closely. Technology, after all, can be costly, so you shouldn’t be paying for any technology that won’t be of use to your organization’s output.

  1. Factor in Maintenance

A brand new server is fantastic, but even the most up to date technology needs to be maintained. Any length of downtime is disastrous for any organization which understands the basics of productivity, so the shrewdest move with servers is to ensure that some form of maintenance cover is put in place. Often, there will be a warranty included with new technology, but this will always have an expiry date, so make sure you start asking about extended warranty options from an early stage.

  1. Future Upgrades?

It may seem counter-intuitive to consider future scalability as you upgrade, but looking to the future is vital when it comes to working with IT technology. The rapid pace at which technology expands means that you may need to consider growing your server a lot sooner than you expected. Discussing expansion options is crucial to safeguard against being lumbered with huge costs in the future when your existing technology is unable to expand further to keep pace.

For more ways to secure and optimize your business technology, contact your local IT professionals.

Read More
1 5 6 7 8