Heartbleed Bug: What a Business Owner Should Know

The name Heartbleed OpenSSL Vulnerability (aka Heartbleed bug) is as scary as it sounds. Some reports say up to two thirds of all secure websites (e.g. those with a web address starting with a green https://) are using OpenSSL.  It has been reported that Google was first to discover the Heartbleed bug  that compromised sites including Yahoo, Tumblr, Flickr, Amazon, and other websites relying on OpenSSL for security.  This security breach may provide hackers access to accounts, passwords, and credit card information. Heartbleed and Your Systems Business owners using OpenSSL for their email, website, eCommerce applications, or other  web applications should take action to prevent data loss or theft.  The fix for the Heartbleed bug should be installed on your operating systems, network appliances, and other software to ensure that confidential information is protected.  Consider having your IT professional test your public web servers to determine if they are safe. Heartbleed and Your Employees Your employees may have used websites that were exposed to the Heartbleed bug.  This means their username and password combinations may have been compromised by hackers tapping into what was supposed to be encrypted communications.  Employees should be reminded to reset passwords within the guidelines established by your company.  There are plenty of resources on creating a secure password.  Microsoft offers tips for creating a strong password on their website. The Need for IT Security Because the Heartbleed bug is pervasive, most internet users need to change passwords on sites like Gmail, Yahoo, and Facebook.  The Heartbleed bug is a wake-up call to the importance of having an IT Security policy that includes strong password...

Mobile Security: Does Your SmartPhone need a Kill Switch?

Many Smartphones and Tablet computers have access to corporate applications and their data through Bring Your Own Device (BYOD) policies and corporate-sponsored mobility strategies.  Mobile Security has become a popular topic for good reason.  According to CIO Insights, mobile data traffic is expected to increase eleven-fold by 2018. Because of increasing data traffic on mobile devices, some government agencies are looking at legislation to require manufacturers to add a smartphone kill switch to remotely wipe a mobile device if it is lost or stolen. Keeping in mind that a four-digit iPhone passcode could be hacked in minutes, this begs the question: Does your Smartphone Need a Kill Switch? Having a smartphone Kill Switch may give a sense of false security.  Adding a kill switch to protect your privacy and corporate information is reactive, rather than proactive.  If not done properly, you could wipe your employees’ irreplaceable information, such as family photos.  A Kill Switch may also make the phone entirely unrecoverable.  This means you will surely need to replace the device once the remote kill switch is invoked. Proactive Mobile Security Before you hit the Kill Switch consider proactive mobile-security measures. Smartphones and Tablets are great innovations that allow your employees to stay in touch and work anywhere.  Access to email, operational data, financial information, and customer information through a mobile device can empower your employees and increase their productivity.  Access to this information should be password-protected at all times.  Additionally, any corporate data should be encrypted in transit and at rest. Only approved applications should be allowed on the mobile device and personal data should be stored in...

Why You Need a Bullet Proof Computer Network

Your Computer Network is the information pipeline of your business. But what if your network goes down?  If your computer network is not operating properly, you may lose access to critical applications and their data.  If you are using mobile applications, software as a service, or other types of Cloud Computing, your computer network needs to be highly reliable and readily available. While reading this article, you will learn about information technology trends that impact your Computer Network. Cloud Computing and Your Network With Cloud Computing, your employees require consistent and reliable bandwidth over the internet to connect with the most popular cloud applications.  As Cloud Computing is becoming more important in business, it is becoming increasingly necessary to protect your network. Cloud Computing is an undeniable trend.  Most industry analysts forecast strong growth for The Cloud.  From a September 2013 forecast from International Data Corp., worldwide spending on public IT cloud services is predicted to reach $107 billion by 2017, an increase from $47.4 billion in 2013.   This trend in cloud computing is driving mega deals, such as the acquisition of Time Warner Cable by Comcast, as cable is a popular option for business class internet. Is your Computer Network ready for Mobile? A WiFi network is a practical way to connect laptops, convertibles, tablet PCs, and smartphones to your business.  However, mobile devices can tax your computer network performance and security.  To ensure smooth and consistent network connectivity, your computer network needs to accommodate the additional bandwidth requirements of those mobile devices.  Additionally, mobile devices may be a source of virus, Malware, or phishing schemes on your...

Mobile Security: Why Should I Care?

Mobile security is top of mind when it comes to concerns for IT Managers.  According to the Computing Technology Industry Association (CompTIA) risk of loss is the number one concern related to Mobile security. For the first time last year, more smart phones and tablets shipped than PC desktops.   It is no surprise that mobile devices are the target of mobile security threats. Chances are most people in your company have a smartphone, tablet or both.  In some cases these devices connect to your company network using WiFi.  It is equally likely that these devices access company information via email, mobile applications or file synch to company data.  Now that these devices are universal, it is important to have a plan if they are lost or stolen. Keep in mind, your four digit password may be the only thing between an intruder and your data.  Here are some additional considerations for mobile security. Mobile Security Policy While you can remotely wipe a Mobile devices when it is lost or stolen, this may not be enough.  That four digit passcode can be easily hacked in minutes.  It is important that employees know how to report a lost or stolen device immediately.  Also consider, there may be personal information on the device that is property of your employee.  This data may not be backed up and could be impossible to recover. There may be local laws that prevent you from wiping this type of data from personal devices.  If your employees access your corporate systems, be sure they sign and acknowledge your company policy for acceptable use, including policy for reporting...

Target Privacy Data Breach: Part 2

Target Retailers were just involved in the second largest credit card data breach in United States history. Today Target announced the data breach that occurred over Thanksgiving weekend now exposes upwards of 70 million credit and debit cards. Target also disclosed the privacy data breach compromised names, addresses, phone numbers or email addresses, in addition to credit card information.  When businesses are victims of a security breach, loss of revenue is often highlighted in the news. What the media often overlooks is the internal costs of remediation, exposure to privacy breach laws and loss of reputation with their customers. Any Business can be the Target of a Privacy Data Breach While large companies make the news, many small business owners believe their company is too small to be targeted by cyber criminals resulting in privacy data breach.  According to Verizon Wireless’s 2012 Data Breach Investigation Study, 71% of data breaches occur in companies with fewer than 100 employees.  A privacy data breach can be devastating to a small business. Malware or software used to interrupt a computer’s processing, is a common way of perpetrating these attacks.  Small businesses are often unprepared when it comes to these attacks. What a Business Owner do to Avoid a Privacy Breach Action can be taken to protect your small business and your customer’s sensitive information.  First, audit your network regularly. Periodically scan your network for unauthorized computers and devices connected to your network directly or via Wi-Fi.  Also, update any antivirus or malware software regularly. Check your firewall and security settings.  Make sure all your defense mechanisms are up to date and working...
Page 7 of 10« First...56789...Last »