Madgig Logo

BYOD tips to improve security

Lax bring your own device (BYOD) policies are a growing concern for businesses. If you’re not managing your organization’s BYOD policy properly, it can pose a host of security risks to your company. Below are some of the inherent security risks of BYOD.

  • Loss or theft of devices – Employees often bring their personal devices wherever they go. This means there’s a higher chance of devices, as well as the data stored in them, being lost or stolen.
  • Man-in-the-middle (MITM) attacks – Cybercriminals can intercept information transmitted from employees’ devices if these are connected to poorly secured public Wi-Fi networks.
  • Jailbroken devices – Jailbreaking is the process of removing the restrictions imposed by the manufacturer of a device, typically to allow the installation of unauthorized third-party software. This increases the risk of an employee inadvertently installing malicious software on a personal device.
  • Security vulnerabilities – If employees have outdated operating systems and software on their devices, cybercriminals can exploit unpatched vulnerabilities to gain unfettered access to company systems
  • Malware – A personal device that has been infected with malware can spread that malware to other devices that are connected to the company network and cause data loss and downtime.

To mitigate these risks, you must devise a BYOD security policy that works for the needs of your business as well as the needs of your employees. Here’s what you need to do:

1. Set passwords on all BYOD devices

Prevent unauthorized access to company data by enforcing the use of passwords on all employee devices and accounts. Passwords should be unique; contain letters, numbers, and symbols; and are at least 12 characters long. It’s also a good idea to implement multifactor authentication to add another method of identity verification such as fingerprint scans or temporary passcodes sent via email.

2. Blacklist unsanctioned applications

Blacklisting involves prohibiting the installation of certain applications on BYOD devices that are used for work purposes. This includes applications like games, social networking apps, and third-party file sharing platforms. The simplest way to blacklist applications is through a mobile device management platform that enables IT administrators to secure and enforce policies on enrolled devices.

3. Restrict data access

Adopt the principle of least privilege on both BYOD and company devices. This means that a user is able to access only the data and software required to do their job. This can reduce the effects of certain types of malware and limit the fallout in the event of a data breach.

4. Invest in anti-malware software

Anti-malware software identifies and removes malware before they cause irreparable harm to a device. The best anti-malware programs are often backed by the latest threat intelligence databases and use behavior-based detection techniques to pick up any traces of malware.

5. Backing up device data

A well-thought-out BYOD policy can go a long way toward minimizing the risk of a security breach, but if something manages to slip past your defenses, you need to have backups prepared. Back up your data in off-site servers and in the cloud to ensure that any data stored locally on a device can be quickly recovered.

6. Educate your staff about security

The vast majority of BYOD-related security risks involve human error. This is why you should educate your employees about proper mobile safety. Train them on spotting apps that could contain malware, sharing security threat updates, and securing their devices beyond enabling default security settings.

You should also approach us if you need assistance with protecting your BYOD environment. As a professional managed IT services provider, we keep tabs on the latest trends and innovations related to BYOD and will recommend solutions that work for your company. Contact us today to see how we can help.

Published with permission from TechAdvisory.org. Source.

How ready is your business for hurricanes?

As hurricanes are a common event in many areas of the United States, business owners must take steps to secure their data. In this blog, we provide steps that will help you quickly recover your data and get back to business following a hurricane.

Determine recovery hierarchy

Certain parts of your IT system are more mission-critical than others. Ask yourself which systems and/or data must be recovered in minutes, hours, or days so your business can resume operations quickly

For example, you may find that recovering sensitive customer information and eCommerce systems take priority over recovering your email server. Whatever the case may be, prioritizing your systems ensures that the right ones are recovered quickly after a disaster.

Pay attention to location

First and foremost, your backup site should be in a hurricane-free zone. Ideally, your off-site facility should be located at least 100 miles away from your main location. If this isn’t possible, make sure it is built to withstand wind speeds of 160 miles per hour (as fast as Category 5 storms) and is supported by backup generators and uninterruptible power supplies.

You should also request an upper floor installation or, at the very least, keep critical IT equipment 18 inches off the ground to prevent water damage in case of floods.

Use image-based backups

Unlike fragile tape backups, image-based backups take “snapshots” of your systems, creating a copy of the OS, software, and data stored in them. From there, you can easily boot the virtual image on any device, allowing you to back up and restore critical business systems in seconds.

Take advantage of the cloud

The cloud enables you to host applications and store data in high-availability, geo-redundant servers. This means your backups can be accessed via the internet, allowing authorized users to access critical files from any device. Expert technicians will also watch over and secure your backups, allowing you to enjoy the benefits of enterprise-level backup facilities and IT support.

Back up your data frequently

Back up your data as often as possible, especially during disaster season. If your latest backups were created on September 15th and a storm makes landfall in your area on the 28th, you could lose nearly two weeks of data.

Test your disaster recovery (DR) plan

After setting up your backups, check whether they are restoring your files accurately and on time. Your employees should be drilled on the recovery procedures and their responsibilities during and after a disaster. Your DR team should also be trained on how to failover to the backup site before the storm hits. Finally, providers, contractors, and customers need to be notified about how the hurricane will affect your operations.

As cell towers and internet connections may be affected during a hurricane, make sure your company forums are online and have your employees register with the Red Cross Safe and Well website so you can check their statuses.

It’s nearly impossible to experience disruptions during disasters like Harvey or Irma, but with the right support, you can minimize downtime. If you’re concerned about any natural disasters putting you out of business, call us today. We offer comprehensive business continuity services that every company should have.

Published with permission from TechAdvisory.org. Source.

Cybersecurity tips for working remotely

Remote work policies have become a necessity not just because of the current coronavirus crisis, but also for the ways they improve a company’s bottom line and efficiency. Yet despite remote work’s benefits, it leaves you and your company exposed to online scams and other cybersecurity threats. To defend your company and your remote workers, make sure to heed the following tips.

Fortify user accounts

When everyone is working remotely, user accounts must be properly secured. One way to achieve this is by setting at least 12-character long passwords with numbers and special characters mixed in to make them more difficult to guess. More importantly, these passwords must be unique to each account, to minimize the damage if hackers do manage to compromise one set of credentials. If you find it difficult to generate and remember login details for all your accounts, consider password managers like LastPass, Dashlane, and Keeper.

To further strengthen your accounts, however, you’ll also need to enable multifactor authentication (MFA). This adds another layer of identity verification — like fingerprint scans or one-time activation codes generated by SMS — to make it more difficult for cybercriminals to hijack your accounts.

Use a virtual private network (VPN)

VPNs are primarily known for circumventing geographic restrictions on location-specific websites and streaming services, but they’re also a crucial tool for remote workers. A reliable VPN creates secure connections between devices and networks by encrypting internet traffic. This hides web activity from prying eyes, protecting your employees’ online privacy, and mitigating the risk of hackers stealing company information.

Patch your software regularly

Although installing software updates can be a major nuisance, they cover critical weaknesses and protect your systems from the latest threats. Most apps now offer an automatic update feature so you don’t have to manually patch your software.

Another option for your business is patch management software. These track patches on employee devices and distribute the most recent updates on a company-wide scale.

Set up firewalls and antivirus software

Make sure to enable firewalls in your operating systems and hardware. These provide a strong layer of protection between your device and the internet, preventing malicious programs and other network threats from reaching your device. Your managed IT services provider (MSP) may also provide third-party firewalls in case your computers don’t have any built in by default.

In addition to firewalls, you’ll also want to implement antivirus software to detect and remove any malicious programs that do manage to find their way onto your device. Just remember to constantly update the software so it can effectively detect the newest malware.

Secure home routers

Home Wi-Fi routers are not as thoroughly secured as their business counterparts so take extra precautions to safeguard them. For starters, change your router password as soon as possible because hackers can easily break into them once they know the router model. You should also install the latest firmware updates to eliminate any security vulnerabilities.

Finally, check whether your router has Wi-Fi Protected Access 2 (WPA2) encryption settings to secure inbound and outbound traffic. If your router doesn’t have this setting, you’re overdue for an upgrade.

Back up your data

Important files must be backed up regularly in the cloud and your external hard drive. This way, you’ll always have a copy of your files in case of a major data loss incident like ransomware or a power outage.

Watch out for online scams

The biggest threat remote workers face is online scams. Phishing emails may entice you with free coronavirus test kits in exchange for personal information. Some cybercriminals may even masquerade as legitimate companies, CEOs, or friends to trick you into clicking on dangerous links and attachments.

To avoid these threats, you must be critical of everything you see online. Look for any suspicious links and attachments, grammatical errors in the email body, and misspelled email addresses. Plus, never give out sensitive information to an unsolicited email, text message, or phone call.

Working from home poses many cybersecurity challenges for businesses, but you don’t have to address them alone. If you need guidance with setting up firewalls, avoiding scams, and even enabling MFA, we can provide the IT support you need in this difficult time. Call us now.

Published with permission from TechAdvisory.org. Source.

Business continuity in the cloud

Are you weighing the pros and cons of the cloud for business continuity? Let’s take a closer look at why the cloud is best for this strategy.

Better uptime

Backing up to an internal drive or an external hard drive won’t completely secure data. If someone steals your device, you instantly lose the backup it contains. Natural disasters, cybercrime, or man-made errors will also likely destroy your backups. As a result, your company could face expensive downtime. 

With cloud-hosted backup, however, things are different. The entire purpose of a cloud backup is to make sure your data is available when you need it. Top cloud service providers will offer redundancy, which means they will make a backup of your backups. This increases uptime and ensures optimum levels of data availability.

Fast resource provisioning

When backups are being implemented, spikes in user activity or cloud environment accessibility can slow down a website or other running systems. This is where a cloud hosting provider comes in handy. By closely monitoring user activities, providers can see spikes either before or as they are happening. The provider will provision more resources and virtual machines to manage the influx of users. This type of flexibility is particularly useful when data backups are in process.

Backup frequency

Most companies work on files and update information throughout the day, so it’s important to have a real-time backup plan ready in case an unexpected disaster occurs. When you back up data in the cloud, you will no longer have to worry about managing the frequency of your backups. 

Most cloud-hosted providers offer round-the-clock or other fixed backup frequencies, while others let you set your own backup schedule. Some of the services offered by these providers will back up files as you make changes, so you’ll know that the very latest version of files and data are always backed up.

Distributed infrastructure

Cloud-hosted backup means the delivery of data backup to users all over the world. Selecting the right type of cloud hosting partner is equally as important as having a cloud backup plan in the first place. If international users are trying to access database or download applications through your business website, latency will become a factor — the closer the user is to the data, the faster they’ll be able to access information. 

A suitable cloud hosting partner will be able to provide backup servers at a location that best suits your company’s business continuity needs. Distributed infrastructure is beneficial if you’re looking to support a large number of worldwide users.

Businesses everywhere are utilizing cloud backup solutions, so don’t be the one left behind. If you’re looking for a managed cloud backup service to protect your business data, give us a call today to see how we can help.

Published with permission from TechAdvisory.org. Source.

Guide For Managed WiFi For Multi-Tenant Units

WIFI IS REVOLUTIONIZING HEALTHCARE!

Wireless Connections For The Near
Future Whitepaper

This field is for validation purposes and should be left unchanged.

Professional Services To Grow Your
Business Whitepaper

This field is for validation purposes and should be left unchanged.

Experience Guide Hybrid Workforce United

Embrace Change 4 Ways To Prepare For Whats Next

This field is for validation purposes and should be left unchanged.

Madgig Embrace Change a 4-step Plan

This field is for validation purposes and should be left unchanged.