We’ve discussed the basics of Cyber Security and also how to avoid being scammed by email hackers. Both of these articles highlighted the need for your passwords to be strong. But what we haven’t explained is how you’re supposed to keep track of these passwords. Let us introduce you to the concept of a password manager.
In our current cyber environment, hacking and cyber-attacks are taking place much more often than many business owners realise. The Australian Competition and Consumer Commission (ACCC) found that business scams were up more than 30 percent in 2016. According to Kaspersky Lab Security Bulletin 2016, a company is hit with ransomware every 40 seconds. These statistics can seem frightening, but the best first-level defence against hacking is a strong password.
It is no longer good enough to use your birthday, a name, etc. If your passwords aren’t strong enough, hackers and the software they use will be able to “guess” them. You need to have a strong, unique password for each of your online accounts. (For tips on creating a strong password, check back to our post on email scams).
Password managers are not just a way to store your passwords in a secure place, they can also generate these unique and complex passwords for you. You do, however, have to create and remember one master password, which will be the key to all of your password manager created passwords.
How does it work?
Your typical password manager will install a browser plug-in which will handle your password capture and replay. This way, each time you log in to a secure site, it will ask you if you want to save your password.
Using your super-strong master password, you gain access to the browser password manager, and then every time you log in to a new site, the password manager will help you create, save and store your passwords.
The best password managers will save your account details when you create the account and will also recognize when you change your password and offer to update the stored information.
What password managers to use
There are so many options when it comes to password managers, and depending on the level of security you think you require, you can get one for free or for a small fee.
A couple of free password managers:
Last Pass https://www.lastpass.com/
Free to use, with features such as two-factor authentication and free syncing, with a premium plan you can upgrade to for a small cost.
Log me once is also free, and claims that by using their Single Sign-On system, you increase your security by 300%. Log me once also uses a passwordless system, with four authentication options to choose from.
For more options, PC Mag has created an in-depth list of the best Password Managers of 2017, including both a Paid and Free list.
Have more questions about Password Managers or Cyber Security? Give us a call and speak with one of our knowledgeable Technical Engineers on (08) 9228 4118, or send us an email at .
In the past, businesses approached IT management with a break-fix mentality- don’t think about it until it breaks, and then call someone in to fix it.
Today, technology is at the centre of almost every single business activity, application, and process. Now, if something in your system breaks, it could mean a breakdown of the entire structure and process of your business. And while you’re waiting for an outside technician to come in, learn your system, and attempt to fix it, can your business really afford to stop? What is the cost of this downtime to your bottom line?
Managed Service Providers offer a proactive approach to managing your business’ technology infrastructure. Instead of waiting for your technology to break, or for your system to be hacked, or for a backup to fail, your Managed Service Provider will identify any issues before they happen- and have a pro-active plan in place to ensure your systems continue to run smoothly in the background. This means you and your employees can focus on the company’s business, instead of handling IT problems.
Companies with an IT team already in place also find MSPs beneficial. They can work with and complement the IT team, taking away the management of day-to-day IT operations. A business invests in an IT Manager for their knowledge of the business and ability to develop strategic internal projects that will drive growth. The addition of an MSP will allow your IT manager to continue to drive that progress, while the MSP manages the system maintenance.
While cost is a concern for some, Managed Services will actually cost your business less than the old break-fix contracts- especially when you consider the cost of downtime. Budgeting for your IT will be easy and transparent. Managed Service agreements are based on a monthly fee that covers everything from remote monitoring and maintenance to prevention of major issues. This limits the opportunity for unforeseen emergency IT breakdowns and expenses.
There are a number of benefits to engaging a Managed Service Provider, including:
- Increased security
- Minimized downtime
- Increased overall operational efficiency
- Cost-effective access to enterprise-level support
- Proactive approach to IT solutions
- Peace of mind
At Scope Logic Group, we are proud of the wide range of skills our Technical Engineers can offer to our clients. The scope of our team’s knowledge means that we can efficiently service, maintain and manage all aspects of a business’ IT- from unified communication and collaboration solutions, to network security and cloud solutions. Whether you’re looking for support for your current IT team or to outsource all your IT problems to us, we are up for the challenge.
A Managed Service Provider is going to provide your business with preventative maintenance. No more waiting for your systems to fail before calling someone in. With the right Managed Service Provider, you’ll never have to think about your IT again. Which means you can focus on what matters to you- running a successful business.
Contact us on 08 9228 4118 or to speak with one of our Technical Engineers about how we can help you.
- Have you ever had your network breached, or do you know what to do in the case that your network is compromised?
- Do you know which applications are being used within your network?
- Have you ever wondered just how effective your current firewall threat protection is?
Your business network is a complex system, made up of interactions between each of your applications, users and content. Today, a traditional network firewall is no longer enough to ensure that your system can block threats- you need stronger performance combined with better visibility of what exact threats your system is facing- such as APTs, botnets and advanced malware.
That’s where Scope Logic’s Cyber Risk Threat Assessment Program comes in. We can provide your business with a FortiGate network security platform, deployed as an internal segmentation firewall (ISFW) or next generation firewall (NGFW).
Scope Logic is able to help you determine what types of network security threats your network is facing every day. Once armed with this knowledge, Scope Logic will then be able to translate this information into recommendations on how to increase your network security platforms and decrease security threat concerns. They will be able to show you how you can run your business more efficiently and securely, using granular control over your applications, users and content.
Included as part of our CTAP is our Network Penetration Testing, this is designed to determine your exposure to a targeted attack, we do this by putting your network security systems through their paces, our Senior Security Engineers will use every tool and technique available to them to gain access to your systems and provide a detailed report on where risks are and what can be done to reduce them.
Our Network Penetration Testings starts at a point of zero knowledge about your network, our Security Engineers are given the domain name of your organisation only, from here they interrogate the publicly visible aspects of your technology and identify vulnerabilities.
The goals of our Network Penetration Testing are:
- Identify if a remote attacker can gain access to your systems
- Determine the impact of a network security breach on your company’s confidential information and the integrity of your Information and Communication Systems
Our detailed Network Penetration Testing Report will identify vulnerabilities and provide recommendations on how to remove these vulnerabilities from your network.
Have you read all this and you still think your network security is strong enough? Here’s what Fortinet says businesses can find after running Scope Logic’s CTAP:
Scope Logic Group is working closely with our clients to help them assess the security of their networks and recommend next steps to improve their security, increase productivity, and optimize network utilization.
For any questions around Scope Logic’s CTAP, or to get a member of our team in to run the Cyber Risk Threat Assessment Program on your business’ networks, give us a call on 08 9228 4118 or send us an email at .
With End of Financial Year fast approaching, business owners are likely to see an increase in the number of scam emails being sent to them, claiming to be from the Australian government or other agencies and promising to make life easier for them at tax time.
ASIC Email Scam
One example to be on the lookout for is an email claiming to be from the Australian Securities and Investments Commission.
However, clicking on the “Renewal letter” link brings you to a website where a file containing malware will be downloaded onto your computer. This is likely to be a virus, ransomware, or a keylogger used to steal your login information.
This is just one example of an email scam that is currently circulating in Australia. As tax time approaches it’s likely that business owners will receive more of these emails.
However, you can protect yourself from these types of scams:
- Use caution when downloading files. In the email above, the link brings you to a website which asks you to download a .zip file. Proceed with caution any time you are asked to download a .zip file. Make sure it comes from a trusted source and if it doesn’t, delete it right away. Unopened .zip files are harmless, it’s downloading the file that give the virus access to your files.
- Use complex passwords. Some hackers use brute force attacks in order to obtain a business’ information such as a user password. This is a trial-and-error method using automated software to generate a number of consecutive guesses of your passwords hoping to eventually guess correctly. The more complex your password, the less chance that the software will be able to guess it. Make sure your password contains a combination of capital letters, numbers and symbols throughout. A good rule to follow is to select 3 separate words, for example, bowl, grape, tree and combine these with the “complexity rule” to give you b@wlgraPetr33. This will make it nearly impossible for the software to be able to guess. You’ll be surprised how quickly you start to remember this, but if you do decide to write it down, make sure to keep it somewhere safe.
- Stay up to date on current email scams. On the Scope Logic Twitter page, we will be keeping an update of current issues including outages and scams. Follow us @ScopeLogic to make sure you always keep on top of everything tech and ICT. You can also follow @scamwatch_gov, which is an Australian government scam watch.
- Secure your office. Is your business doing everything possible to ensure that files and information are secure and protected? Sometimes it can seem overwhelming, however with a proper security setup in your business, including a backup system to protect files, a secure email gateway, advanced threat protection and a firewall, you can make sure your data is secure.
Need someone to do a health check on your company’s systems? Just want to hand over the problem to someone you know can help?
Visit our website at www.scopelogic.com.au, give us a call on 08 9228 4118 or email and one of our experienced security engineers will be able to come up with a solution for your business.