IT security policies are necessary in organizations as they define who has responsibility of what information within the company. Policies are the baseline of all procedures and should be maintained regularly. Why Do Organizations Need Security Policies? IT security policies outline rules for user and IT personnel behavior. These policies also identify consequences for not […]
read more »Tips for Creating a Strong Password Passwords can be an inconvenience to remember, especially when you have dozens of applications and accounts to log into everyday. However, with the increase in phishing and ransomware attacks, passwords can be the main line of defense when securing your data. Once an attacker knows your password, your personal […]
read more »What is a Phishing Attack? In recent news, several large companies including Microsoft and Facebook have been affected by phishing attacks. Phishing is a type of cybercrime that happens when an attacker poses as a legitimate company or website in order to divulge sensitive information from the victim. This can be the victim’s social security […]
read more »So what is a Ransomware attack? You may have read in the news lately about a new and growing threat to municipal computer networks, ransomware attacks. These attacks can be crippling, and can shut down entire cities for weeks or even months. They can have devastating consequences and can cost hundreds of thousands of dollars in ransom just to […]
read more »A Security Risk Assessment (or SRA) is an assessment that involves identifying the risks in your company, your technology and your processes to verify that controls are in place to safeguard against security threats. Security risk assessments are typically required by compliance standards, such as PCI-DSS standards for payment card security. They are required by […]
read more »Encrypting Laptops and Desktops Encrypting desktops and laptop computers is one of the easiest ways to prevent data loss as a result of lost or stolen computers. Modern operating systems such as Windows 10 Pro and MacOS High Sierra include full disk encryption features bundled with the operating system. Once a disk is encrypted, it […]
read more »Data Destruction and Disposal Companies often forget about data once they stop using it day-to-day. Leaving outdated data on sunsetted systems increases your potential exposure in the event of a data breach. Ensure that data no longer actively used is properly disposed of and devices that contain data, such as laptops, old hard drives and […]
read more »Shared or Weak WiFi Passwords Allowing employees or guests to share a single WiFi password prevents you from controlling who is accessing your company network. Once a person has your WiFi password, they can access your network at any time, even from outside your building’s locked doors, or potentially after you have terminated them, leaving […]
read more »Screen Locking Once a user logs into a computer, they potentially have access to sensitive company information. If they get distracted or leave their computer unattended, it leaves your company data open to potential theft or exploit. Ensure that all company computers are set to automatically lock the screen after a defined time interval, e.g. […]
read more »It is alleged the breach was discovered in December last year but was only disclosed to employees this week.
read more »