Keep Your Data Safe From Phishing Attacks!

Cybercrime is on the rise, and hackers are using any opportunity to take advantage of an unknowing victim to gain access to personal information for financial gain. One commonly used tactic is phishing. Phishing messages are crafted to deliver a sense of urgency or fear with the end goal of capturing a person’s sensitive data and can result in wire transfer fraud, credential phishing, malware attachments, and URLs leading to malware-spraying websites. Phishing scams are getting more sophisticated on a daily basis, and thus harder to detect and avoid.

Here are five different types of phishing attacks to avoid:

1. Spear Phishing
Attackers pass themselves off as someone the target knows well or an organization that they’re familiar with to gain access to compromising information (e.g., credentials or financial information), which is used to exploit the victim.

2. Whaling
Whaling is a form of spear phishing with a focus on a high-value target, typically a senior employee within an organization, to boost credibility. This approach also targets other high-level employees within an organization as the potential victims and includes an attempt to gain access to company platforms or financial information.

3. Mass Campaigns
Mass phishing campaigns cast a wider net. Emails are sent to the masses from a knock-off corporate entity insisting a password needs to be updated or credit card information is outdated.

4. Ambulance Chasing Phishing
Attackers use a current crisis to drive urgency for victims to take action that will lead to compromising data or information. For example, targets may receive a fraudulent email encouraging them to donate to relief funds for recent natural disasters or the COVID-19 global pandemic.

5. Pretexting
Pretexting involves an attacker doing something via a non-email channel (e.g., voicemail) to set an expectation that they’ll be sending something seemingly legitimate in the near future, only to send an email that contains malicious links.

What to do if you think you’ve received a phishing email?

First, to help identify it as a phishing email, check to see if the signed-by field was generated by a DomainKeys Identified Mail (DKIM) or a service. For example, if you received an email from name@datto.com, you would see a DKIM in the signature that looks like this: datto-com.20150623.gappssmtp.com. This is how all emails through a domain are processed.

Emails shared through a service (e.g., Drive, Calendar, Dropbox, Box, etc.) do not have a DKIM. Instead, you would see the signature of the provided service (i.e., signed-by dropbox.com). If you receive a file, and it is not signed by google.com, gmail.com, dropbox.com, it is likely phishing – delete it immediately. It’s important to remain vigilant and proceed with caution in these circumstances.

Source: https://www.datto.com/resources/phishing-attacks-how-to-recognize-them-and-keep-business-data-safe
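
The signed-by check described above can also be run against a message's headers. This is an added example, not code from Datto: it reads the DKIM verdict that the receiving mail server recorded in the Authentication-Results header and classifies the signing domain the way the article describes. The sample messages, the server name mx.example.net, the label names and the function names are constructed for illustration, and the code relies on the receiver's recorded verdict rather than verifying the signature itself.

```python
import re
from email import message_from_string
from email.utils import parseaddr

# Sharing services named in the article; adjust to the services you really use.
TRUSTED_SERVICES = ("google.com", "gmail.com", "dropbox.com")
# Hypothetical authserv-id of your own receiving mail server (an assumption).
TRUSTED_AUTHSERV = "mx.example.net"

_DKIM_RESULT = re.compile(r"(?<![\w.-])dkim=([a-z]+)", re.I)
_SIGNER = re.compile(r"\bheader\.(?:d=|i=[^\s;@]*@)([a-z0-9.-]+)", re.I)


def signed_by_domains(msg, authserv_id):
    """Domains with dkim=pass, taken only from headers our own server added."""
    domains = set()
    for value in msg.get_all("Authentication-Results", []):
        clauses = str(value).split(";")
        # The first clause names the server that did the checking (RFC 8601).
        # A header stamped with any other name may have been written by the sender.
        if [t.lower() for t in clauses[0].split()[:1]] != [authserv_id.lower()]:
            continue
        for clause in clauses[1:]:
            result = _DKIM_RESULT.search(clause)
            if result and result.group(1).lower() == "pass":
                domains.update(d.lower().strip(".") for d in _SIGNER.findall(clause))
    return domains


def _in_domain(domain, parent):
    """True for parent itself or a real subdomain, never for a look-alike."""
    return domain == parent or domain.endswith("." + parent)


def classify(raw_message, authserv_id=TRUSTED_AUTHSERV):
    msg = message_from_string(raw_message)
    from_domain = parseaddr(msg.get("From", ""))[1].rpartition("@")[2].lower()
    signers = signed_by_domains(msg, authserv_id)
    if not signers:
        return "unsigned"
    if from_domain and from_domain in signers:
        return "sender-domain"
    # Form taken from the article's example: datto.com -> datto-com.<id>.gappssmtp.com
    prefix = from_domain.replace(".", "-") + "."
    if from_domain and any(
        d.startswith(prefix) and d.endswith(".gappssmtp.com") for d in signers
    ):
        return "workspace-default-key"
    if any(_in_domain(d, s) for d in signers for s in TRUSTED_SERVICES):
        return "service"
    return "mismatch"


def _sample(from_header, *auth_results):
    """Build a constructed test message with the given headers."""
    lines = ["Authentication-Results: " + a for a in auth_results]
    lines += ["From: " + from_header, "Subject: Shared file", "", "See attached."]
    return "\n".join(lines)


# Constructed sample messages (not real mail).
SAMPLES = {
    "direct": _sample("Name <name@datto.com>",
                      "mx.example.net;\n dkim=pass header.i=@datto.com header.s=s1"),
    "workspace": _sample("Name <name@datto.com>",
                         "mx.example.net; dkim=pass header.d=datto-com.20150623.gappssmtp.com"),
    "service": _sample("Name <name@datto.com>",
                       "mx.example.net; dkim=pass header.d=google.com; spf=pass"),
    "lookalike": _sample("Dropbox <no-reply@dropbox.com>",
                         "mx.example.net; dkim=pass header.d=dropbox.com.mailer.example"),
    "forged": _sample("Dropbox <no-reply@dropbox.com>",
                      "mx.example.net; dkim=fail header.d=dropbox.com",
                      "mx.sender.example; dkim=pass header.d=dropbox.com"),
}


def classify_samples():
    return {name: classify(raw) for name, raw in SAMPLES.items()}


if __name__ == "__main__":
    for name, verdict in classify_samples().items():
        print(f"{name:10} {verdict}")
```

Messages that come back as "unsigned" or "mismatch" are the ones the article says to treat as likely phishing.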
Common Cybersecurity Threats for Small to Medium Sized Businesses

October marks the beginning of Cybersecurity Awareness Month, a month-long campaign to raise awareness of the need for a collective and proactive approach to cybersecurity. The campaign comes when the threat to businesses is greater than ever. According to the FBI, since the beginning of the pandemic, there has been a 300% increase in reported cybercrimes, with a majority targeted at small-to-medium-sized businesses (SMBs). This increase is likely due to the global shift to remote work, with employees accessing company infrastructure from their home network and IT teams maintaining it remotely.

Common Threat Vectors for SMBs

A threat vector is a pathway or method used by an attacker to access the target system. These attackers can then steal data, information, or money from individuals or businesses by exploiting these vulnerabilities and gaining access to the system (such as the company’s IT infrastructure or an employee’s email). Once they gain access, they are able to remotely control the IT infrastructure, install malware or ransomware, or steal data and other resources.

Weak or Compromised Credentials

Bad actors obtaining access to user credentials is one of the most common ways for cybercriminals to access target systems. There are several ways for them to obtain these credentials, such as when users fall victim to phishing attempts and provide their usernames and passwords to authentic-looking websites or use common/weak passwords that can be easily guessed. However, it is not only users who can have their passwords compromised. Network devices and servers also have credentials that can be compromised, where one compromised server can allow machine-to-machine movement throughout the network. To help avoid this risk, make sure that effective password policies are in place to avoid weak/common passwords and usernames, and enable multi-factor authentication (MFA) to reduce the possibility of breaches.

Malicious Insiders

A malicious insider is usually an unhappy employee who aims to sabotage or damage the organization that they work for. This type of threat is particularly difficult to protect against as employees need access to critical systems and sensitive data in order to operate the business. An employee with bad intentions can potentially disrupt business operations with actions such as deleting critical data or backups or providing secret information to a competitor. To try to mitigate this threat, limit access to critical systems to a minimum number of employees, monitor data and network access, and keep frequent backups of critical infrastructure.

Phishing Emails & Ransomware

Phishing is a tactic used by cybercriminals to gain access to users’ credentials or banking details, or to convince users to download potentially malicious malware or ransomware onto their machines. Many phishing emails share common features, such as attention-grabbing offers and statements, portraying a sense of urgency, and unexpected attachments. Even attachments with familiar file types should not be clicked on unless the authenticity of the sender is known, as they may contain viruses like ransomware.

Ransomware is a growing concern for SMBs. Not only is ransomware becoming more and more prevalent, but the ransom to be paid is increasing as well. There are numerous ways ransomware can infect a system, from phishing attacks that depend on user error to more targeted attacks that depend on exploiting vulnerabilities in a business’s network. In the fight against ransomware, it is important to keep operating systems and applications patched and up-to-date to minimize vulnerabilities, install proper antivirus software, and implement a solution for business continuity to quickly failover in case of a ransomware attack.

Focusing on Cyber Resilience

It is almost impossible to eliminate these attack vectors completely.
As user error is a large component of all these common threat vectors, cybersecurity measures alone are not enough. Implementing a proper cyber resilience strategy to quickly and effectively recover from attacks is the only way to ensure that your business does not become the victim of a cybercrime. Datto’s Unified Continuity solutions can enhance your cyber resilience strategy by providing point-in-time restores to quickly recover and minimize downtime from events like disasters, malicious insiders, and ransomware.

Interested in learning more about our Cybersecurity solutions? Give us a call or shoot us a message here: https://boring.com/contact-us/

Source: Nina Novak, Datto Blog
Facts about Cloud Security And How You Can Protect Against Data Loss

As cybercriminals continue to take advantage of the public cloud in their attacks, Sophos commissioned an independent survey of 3,521 IT managers across 26 countries to reveal the reality of cloud security in 2020.

The 2020 cloud security reality

The survey provides fresh new insight into the cybersecurity experiences of organizations using the public cloud, including:

Almost three-quarters of organizations hosting data or workloads in the public cloud experienced a security incident in the last year. Seventy percent of organizations reported they were hit by malware, ransomware, data theft, account compromise attempts, or cryptojacking in the last year.

Data loss/leakage is the number one concern for organizations. Data loss and leakage topped our list as the biggest security concern, with 44% of organizations seeing data loss as one of their top three focus areas.

Ninety-six percent of organizations are concerned about their current level of cloud security. Data loss, detection and response, and multi-cloud management top the list of the biggest concerns among organizations.

Multi-cloud organizations reported more security incidents in the last 12 months. Seventy-three percent of the organizations surveyed were using two or more public cloud providers and reported more security incidents than those using a single platform.

European organizations may have the General Data Protection Regulation (GDPR) to thank for the lowest attack rates of all regions. The GDPR guidelines’ focus on data protection, and well-publicized ransomware attacks have likely led to these lucrative targets becoming harder for cybercriminals to compromise in Europe.

Only one in four organizations see lack of staff expertise as a top concern despite the number of cyberattacks reported in the survey.
When it comes to hardening security postures in the cloud, the skills needed to create good designs, develop clear use cases, and leverage third-party services for platform tools are crucial but underappreciated.

Two-thirds of organizations leave back doors open to attackers. Security gaps in misconfigurations were exploited in 66% of attacks, while 33% of attacks used stolen credentials to get into cloud provider accounts.

For the details behind these headlines, and to see how your country stacks up, read The State of Cloud Security 2020 report.

Secure the cloud with Sophos

However you’re using the public cloud, Sophos can help you keep it secure.

Secure all your cloud resources. Get a complete inventory of multi-cloud environments (virtual machines, storage, containers, IAM Users etc.). Reveal insecure deployments, suspicious access, and sudden spikes in cloud spend.

Secure your cloud workloads. Protect virtual machines and the virtual desktops running on those machines from the latest threats, including ransomware, fileless attacks, and server-specific malware.

Protect the network edge. Secure inbound and outbound traffic to your virtual network and virtual desktop environments, and provide secure remote access to private applications running in the cloud.

Protecting your data starts here

We work with only the best, enterprise level cloud vendors to ensure your data is always secure and always available. Contact us to find out more.

Source: Sophos.com, Rajan Sanhotra
5 Ways To Recognize A Ransomware Attack

Whenever we work with ransomware victims, we spend some time looking back through our telemetry records that span the previous week or two. These records sometimes include behavioral anomalies that (on their own) may not be inherently malicious, but in the context of an attack that has already taken place, could be taken as an early indicator of a threat actor conducting operations on the victim’s network.

If we see any of these five indicators, in particular, we jump on them straight away. Any of these found during an investigation is almost certainly an indication that attackers have poked around: to get an idea of what the network looks like, and to learn how they can get the accounts and access they need to launch a ransomware attack.

Attackers use legitimate admin tools to set the stage for ransomware attacks. Without knowing what tools administrators normally use on their machines, one could easily overlook this data. In hindsight, these five indicators represent investigative red flags.

A network scanner, especially on a server.
Attackers typically start by gaining access to one machine where they search for information: is this a Mac or Windows, what’s the domain and company name, what kind of admin rights does the computer have, and more. Next, attackers will want to know what else is on the network and what can they access. The easiest way to determine this is to scan the network. If a network scanner, such as AngryIP or Advanced Port Scanner, is detected, question admin staff. If no one cops to using the scanner, it is time to investigate.

[Image: A network scanner found among a repository of tools used by Netwalker ransomware]

Tools for disabling antivirus software.
Once attackers have admin rights, they will often try to disable security software using applications created to assist with the forced removal of software, such as Process Hacker, IOBit Uninstaller, GMER, and PC Hunter.
These types of commercial tools are legitimate, but in the wrong hands, security teams and admins need to question why they have suddenly appeared.

The presence of MimiKatz
Any detection of MimiKatz anywhere should be investigated. If no one on an admin team can vouch for using MimiKatz, this is a red flag because it is one of the most commonly used hacking tools for credential theft. Attackers also use Microsoft Process Explorer, included in Windows Sysinternals, a legitimate tool that can dump LSASS.exe from memory, creating a .dmp file. They can then take this to their own environment and use MimiKatz to safely extract user names and passwords on their own test machine.

[Image: Mimikatz and related PowerShell scripts used to launch it, found among a repository of tools used by the Netwalker ransomware threat actors]

Patterns of suspicious behavior
Any detection happening at the same time every day, or in a repeating pattern is often an indication that something else is going on, even if malicious files have been detected and removed. Security teams should ask “why is it coming back?” Incident responders know it normally means that something else malicious has been occurring that hasn’t (as of yet) been identified.

Test attacks
Occasionally, attackers deploy small test attacks on a few computers in order to see if the deployment method and ransomware executes successfully, or if security software stops it. If the security tools stop the attack, they change their tactics and try again. This will show their hand, and attackers will know their time is now limited. It is often a matter of hours before a much larger attack is launched.

Source: Sophos News, Peter Mackenzie
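
The indicators above lend themselves to a simple triage pass over endpoint telemetry. This is an added example, not Sophos code: the event format, field names, thresholds and the approved-tools list are assumptions, and the sample events (including the detection names) are constructed. Tool names are matched as the article spells them.

```python
from collections import defaultdict
from datetime import datetime

# Tool names as spelled in the article, lower-cased for matching.
TOOL_CLASSES = {
    "network scanner": ("angryip", "advanced port scanner"),
    "security software removal tool":
        ("process hacker", "iobit uninstaller", "gmer", "pc hunter"),
    "credential theft tool": ("mimikatz",),
}

# Constructed sample telemetry: (time, host, role, kind, name, action).
EVENTS = [
    ("2020-08-03 02:14", "FS01", "server", "tool", "Advanced Port Scanner", "ran"),
    ("2020-08-03 09:30", "WS-IT-07", "workstation", "tool", "Process Hacker", "ran"),
    ("2020-08-03 10:05", "WS-15", "workstation", "tool", "AngryIP", "ran"),
    ("2020-08-04 03:01", "WS-22", "workstation", "tool", "MimiKatz", "ran"),
    ("2020-08-04 23:58", "DC01", "server", "detection", "Sample/Detection-A", "cleaned"),
    ("2020-08-05 14:20", "WS-31", "workstation", "detection", "Sample/Detection-A", "cleaned"),
    ("2020-08-06 00:03", "DC01", "server", "detection", "Sample/Detection-A", "cleaned"),
    ("2020-08-07 23:59", "DC01", "server", "detection", "Sample/Detection-A", "cleaned"),
    ("2020-08-08 01:10", "WS-40", "workstation", "ransomware", "Sample/Ransom-B", "blocked"),
    ("2020-08-08 01:12", "WS-41", "workstation", "ransomware", "Sample/Ransom-B", "blocked"),
]

# (tool, host) pairs an administrator has vouched for (assumed allowlist).
APPROVED = {("process hacker", "WS-IT-07")}


def tool_findings(events, approved):
    """Indicators 1-3: dual-use tools nobody on the admin team has vouched for."""
    findings = []
    for _, host, role, kind, name, _ in events:
        if kind != "tool":
            continue
        for label, names in TOOL_CLASSES.items():
            match = next((n for n in names if n in name.lower()), None)
            if match is None or (match, host) in approved:
                continue
            if label == "network scanner" and role == "server":
                label += " on server"
            findings.append((label, host, name))
    return findings


def _clock_spread(minutes):
    """Spread of times of day in minutes; the shifted copy handles midnight."""
    shifted = [(m + 720) % 1440 for m in minutes]
    return min(max(minutes) - min(minutes), max(shifted) - min(shifted))


def recurring_detections(events, min_days=3, tolerance_min=15):
    """Indicator 4: the same detection returning at about the same time of day."""
    seen = defaultdict(dict)  # (host, name) -> {date: minute of day of first hit}
    for ts, host, _, kind, name, _ in events:
        if kind == "detection":
            t = datetime.strptime(ts, "%Y-%m-%d %H:%M")
            seen[(host, name)].setdefault(t.date(), t.hour * 60 + t.minute)
    return [
        ("recurring detection", host, name)
        for (host, name), by_day in seen.items()
        if len(by_day) >= min_days
        and _clock_spread(list(by_day.values())) <= tolerance_min
    ]


def trial_run_findings(events, max_hosts=3):
    """Indicator 5: ransomware blocked on only a few machines."""
    hosts = defaultdict(set)
    for _, host, _, kind, name, action in events:
        if kind == "ransomware" and action == "blocked":
            hosts[name].add(host)
    return [
        ("possible test attack", ",".join(sorted(h)), name)
        for name, h in hosts.items() if len(h) <= max_hosts
    ]


def triage(events, approved):
    return sorted(
        tool_findings(events, approved)
        + recurring_detections(events)
        + trial_run_findings(events)
    )


if __name__ == "__main__":
    for finding in triage(EVENTS, APPROVED):
        print(finding)
```

The approved Process Hacker run and the one-off detection on WS-31 are not reported; the detection that returns on DC01 around midnight is, even though each instance was cleaned.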
3 Key Cyberthreats Schools Need To Keep In Mind

With valuable, and often underprotected data, education institutes are prime targets for cyberattackers. On top of regular security challenges faced, the new complexities stemming from COVID-19 are offering cybercriminals a tailor-made scenario for attacking school networks, and giving education institutes even more security challenges that need to be addressed to keep students and student data safe and secure.

Let’s take a closer look at some of the challenges these institutions must address:

1. Phishing scams
We’re seeing an uptick in coronavirus phishing scams, and so the chances of phishing emails making their way into the inboxes of teachers, administrators, and students are high. Staff must be provided with comprehensive guidance that allows them to identify such emails. It’s critical to deploy advanced email security that blocks phishing emails, prevents data loss, encrypts email, and offers comprehensive protection against phishing.

2. Shortage of skilled IT security staff
This is a challenge not unique to schools, but lack of skilled IT staff particularly leaves a school network susceptible to threats. Schools are shut down to control the spread of the pandemic. At most, there’s a skeletal staff at work, or else everyone is working from home. When this happens, who takes charge of your school’s IT security needs? Schools can find themselves with no one pushing network security, device management, and endpoint security policies. Critical reports identifying risky users, or which offer more information about regulatory compliance might not be leveraged effectively. This can give cybercriminals an opportunity to exploit weaknesses in your cybersecurity infrastructure to infect the network. The answer to this challenge is managed threat response services (MTR). This service offers an expert team to deliver threat hunting, detection, and response services 24/7, so that you don’t have to.
You don’t have to worry about spotting suspicious behaviors or whether your cybersecurity configuration is on point because the team manages all security needs for your education institute.

3. Advanced malware attacks
As students and teachers spend more time online during coronavirus lockdowns, they are susceptible to inadvertently becoming victims of an account takeover, unintentionally or carelessly sharing their information with cybercriminals. This allows criminals to log in to your school’s network, launch a ransomware attack, and take control of sensitive student data. The solution is to deploy advanced endpoint protection technologies to stop the attack chain and predictively prevent such attacks. Features should also include automatic rollback to the pre-altered state if files are encrypted. This will help protect data if students or teachers are using school-supplied laptops or tabs. If they are using their own devices to access school resources, it is imperative they install a cybersecurity solution specifically catering to the needs of home users. To maximize their safety, schools must also deploy a next-gen firewall that detects and blocks ransomware at the gateway, and also prevents its lateral movement.

Boring can help

We protect companies and organizations with proven solutions and services for the full cybersecurity lifecycle. Our offerings include independent consulting for your information security requirements and enterprise solutions for IT risk management and continuous compliance. Some of our services include assessments, policies, prevention, protection and recovery for IT network systems. We are equipped to help businesses make decisions about their IT infrastructure and reduce their exposure as it relates to data protection and cybersecurity. Reach out to us today for a network assessment so our team can assess your vulnerability and discover which services and products will work best for you.

Source: Sophos News, Indrajeet Pradhan
How to handle compromised credentials

You’ve just discovered there are compromised employee credentials or other sensitive data of your company exposed and available on the Dark Web. The reality is, once exposed on the Dark Web, your information cannot ever be completely removed or hidden. You cannot file a complaint or contact a support line to demand your data be removed. Your company should immediately start taking appropriate steps and measures to correct or minimize the risks and potential damages associated with this exposed data. Identify, understand and learn from past mistakes or failures, and adopt a more proactive and preventative approach to your business’ cybersecurity strategies moving forward.

Sound the Alarms

Important Business Alert

- Alert all employees, top to bottom, of the compromised data and explain or educate them about the Dark Web.
- Review individual compromises with critical users.
- Explain specific threats and risks – both to the business and, potentially, the user.

Establish/update strict password policies and review and share with users.

- Retire old and exposed passwords
- Define what a strong password is and implement a password construction policy
- Make different passwords for each business account mandatory and keep personal ones separate
- Determine a schedule for routine password changes

Change passwords

- Change passwords for exposed logins – all accounts using the compromised passwords
- Replace with unique passwords for each account
- Change/refresh any passwords older than six months

Cybersecurity Best Practices to Proactively Protect Your Business

Implement Multi-Factor Authentication

Even the strongest and most complex passwords won’t protect you if they have been compromised and exposed on the Dark Web. Requiring users to verify who they say they are via two or more unique security factors will virtually eliminate more than half the threats and risks associated with exposed user credentials.

Consider Single Sign On (SSO) and Password Management Solution

The combined benefits of a Secure SSO and Password Management platform will enable your entire workforce to adapt and thrive in a security-first environment while reducing password frustration and fatigue for users and empowering increased productivity.

Ongoing Security Awareness Training for Users

Users continue to be the weakest link in security for businesses worldwide. This is often due to genuine ignorance regarding security best practices and a lack of knowledge or awareness of common threats and risks. Establish ongoing security awareness training for all users and turn your weakest link into your strongest security defense.

Perform Regular Risk Assessments

A comprehensive audit of your business infrastructure and systems will inevitably reveal vulnerabilities and security gaps within your network, applications or on your devices. Performing regular assessments will allow you to stay in the know and enable you to achieve and maintain a more preventative approach to security, often eliminating issues or problems before they arise.

Proactively Monitor for Breaches and Cyber Threats

Cyber threats continue to increase and evolve, and hardware and software vulnerabilities are discovered regularly, exposing your business to a steady barrage of security risks. To adopt a proactive and preventative approach to cybersecurity, your business must have visibility and insight into both internal and external activities, trends and threats to the network and data.

Back Up Everything

It is imperative that you ensure your business and customer data is protected and secured against any incident or disaster such as system failure, human error, hackers, ransomware and everything in between. In addition, make sure you explore the importance of accessibility and consider investing in business continuity as part of your backup strategies.

Invest in Cyber Insurance

Sometimes things do not work out no matter how much effort you put into them. As a business, you must do everything right. However, a hacker only needs a single gap or weak point in your security systems to slip past your defenses like a trojan horse. Every business in operation today needs cyber liability insurance to protect their business when all else fails.

Don’t wait until you are the next news headline or statistic. Contact us today to start implementing the comprehensive security solutions your business deserves.
Are your credentials in the Dark Web?

Digital credentials are at risk

39% of adults in the U.S. use the same or very similar passwords for multiple online services, which increases to 47% for adults ages 18-29. Passwords are a twentieth-century solution to a twenty-first century problem. Unfortunately, usernames and passwords are all that stands between your employees and vital online services. A good security practice is to use a completely different password for every service.

How are credentials compromised?

- Phishing – Send emails disguised as legitimate messages.
- Malvertising – Inject malware into legitimate online advertising networks.
- Watering Holes – Target a popular social media site or corporate intranet.
- Web Attacks – Scan Internet-facing company assets for vulnerabilities.

How does a hacker use credentials?

- Send spam from compromised email accounts.
- Deface web properties and host malicious content.
- Install malware on compromised systems.
- Compromise other accounts using the same credentials.
- Exfiltrate sensitive data (data breach)
- Identity theft

Data is sold at auction

For those who make credentials available on the Dark Web, the financial rewards can be significant. A criminal dealing in stolen credentials can make tens of thousands of dollars from buyers interested in purchasing them. And by selling those credentials to multiple buyers, organizations that experience a breach of credentials can easily be under digital assault from dozens or even hundreds of attackers.

The numbers are staggering

The average number of data records per company, including credentials, compromised during a data breach is 28,500!

Protecting against compromise

While there is always a risk that attackers will compromise a company’s systems through advanced attacks, the fact is that most data breaches exploit common vectors such as known vulnerabilities, unpatched systems and unaware employees.
Only through defense in depth – implementing a suite of tools such as security monitoring, data leak prevention, multifactor authentication, improved security awareness and others – can organizations protect their credentials and other digital assets from seeping onto the Dark Web.

We keep you out of the Dark Web

Small businesses need Dark Web Monitoring for today’s cybersecurity risk. Protect your business and secure your assets. We make Dark Web Monitoring affordable enough for small businesses to take advantage of enterprise-level actionable intelligence. Contact us to learn more about our Dark Web Monitoring services.
5 Common Social Engineering Scams

Social engineering scams have been going on for years and yet, we continue to fall for them every single day. This is due to the overwhelming lack of cybersecurity training available to the employees of organizations big and small. In an effort to spread awareness of this tactic and fight back, here is a quick overview of common social engineering scams. Managed service providers (MSPs) have an opportunity to educate their small and medium business clients to learn to identify these attacks, making avoiding threats like ransomware much easier.

Phishing

Phishing is a leading form of social engineering attack that is typically delivered in the form of an email, chat, web ad or website that has been designed to impersonate a real system, person, or organization. Phishing messages are crafted to deliver a sense of urgency or fear with the end goal of capturing an end user’s sensitive data. A phishing message might come from a bank, the government or a major corporation. The calls to action vary. Some ask the end user to “verify” their login information of an account and include a mocked-up login page complete with logos and branding to look legitimate. Some claim the end user is the “winner” of a grand prize or lottery and request access to a bank account in which to deliver the winnings. Some ask for charitable donations (and provide wiring instructions) after a natural disaster or tragedy. A successful attack often culminates in access to systems and lost data. Organizations of all sizes should consider backing up business-critical data with a business continuity and disaster recovery solution to recover from such situations.

Baiting

Baiting, similar to phishing, involves offering something enticing to an end user, in exchange for login information or private data.
The “bait” comes in many forms, both digital, such as a music or movie download on a peer-to-peer site, and physical, such as a corporate branded flash drive labeled “Executive Salary Summary Q3” that is left out on a desk for an end user to find. Once the bait is downloaded or used, malicious software is delivered directly into the end user’s system and the hacker is able to get to work.

Quid Pro Quo

Similar to baiting, quid pro quo involves a hacker requesting the exchange of critical data or login credentials in exchange for a service. For example, an end user might receive a phone call from the hacker who, posing as a technology expert, offers free IT assistance or technology improvements in exchange for login credentials. Another common example is a hacker who, posing as a researcher, asks for access to the company’s network as part of an experiment in exchange for $100. If an offer sounds too good to be true, it probably is quid pro quo.

Piggybacking

Piggybacking, also called tailgating, is when an unauthorized person physically follows an authorized person into a restricted corporate area or system. One tried-and-true method of piggybacking is when a hacker calls out to an employee to hold a door open for them as they’ve forgotten their ID card. Another method involves a person asking an employee to “borrow” his or her laptop for a few minutes, during which the criminal is able to quickly install malicious software.

Pretexting

Pretexting, the human equivalent of phishing, is when a hacker creates a false sense of trust between themselves and the end user by impersonating a co-worker or a figure of authority well known to an end user in order to gain access to login information. An example of this type of scam is an email to an employee from what appears to be the head of IT support or a chat message from an investigator who claims to be performing a corporate audit.
Pretexting is highly effective as it reduces human defenses to phishing by creating the expectation that something is legitimate and safe to interact with. Pretexting emails are particularly successful in gaining access to passwords and business data as impersonators can seem legitimate, so it’s important to have a third-party backup provider.

For all employees to be aware of the various forms of social engineering is essential for ensuring corporate cybersecurity. If users know the main characteristics of these attacks, it’s much more likely they can avoid falling for them.

Aside from education and awareness, there are other ways to reduce the risk of being hacked. Employees should be instructed not to open emails or click links from unknown sources. Computers should never be shared with anyone, even for a moment. By default, all company desktops, laptops, and mobile devices should automatically lock when left idle for longer than five minutes (or less). Lastly, ensure your business is prepared to quickly recover from this kind of attack in case an employee does fall victim to one of these schemes. Humans are humans after all. By leveraging a solid backup and recovery solution, everyone can rest easy.

Source: Datto.com, Courtney Heinbach
Humans And Cybersecurity Practices

Based on a comprehensive survey of 5,000 IT managers across 26 countries, Cybersecurity: The Human Challenge provides brand new insights into the state of cybersecurity skills and resources across the globe. It reveals the realities facing IT teams when it comes to the human-led delivery of cybersecurity, and explores how organizations are responding to the skills challenges they face. The study also exposes unique insights into the relationship between an organization falling victim to ransomware and their day-to-day cybersecurity practices.

Key findings

IT teams are showing progress in many battles

IT teams are on top of patching. Three-quarters of IT teams apply patches to desktops, servers, applications, and internet-facing assets within a week of release. Servers and internet-facing assets are patched most quickly, with 39% of respondents patching them within 24 hours.

Prevention is prioritized. On average, IT teams dedicate nearly half their time (45%) to prevention. After that, 30% of time is spent on detection and the remaining 25% is spent on response.

IT managers are keeping up to date with cybersecurity. The majority (72%) say that they and their teams are up to date with or ahead of cybersecurity threats. Just 11% think they are significantly behind.

Improving cybersecurity requires people – who are in short supply

There is an urgent need for human-led threat hunting. Forty-eight percent of respondents have already incorporated human-led threat hunts in their security procedures and a further 48% plan to implement them within a year.

The cybersecurity skills shortage is directly impacting protection. Over a quarter (27%) of managers said their ability to find and retain skilled IT security professionals is the single biggest challenge to their ability to deliver IT security, while 54% say it is a major challenge.

Organizations are changing the ways they deliver security

Improving operational efficiency is a key priority.
Four in ten (39%) respondents said that improving operational efficiency and scalability is one of their biggest priorities for the IT team this year.

Outsourcing IT security is rising fast. Currently, 65% outsource some or all of their IT security efforts. This is set to rise to 72% by 2022. The percentage of organizations that exclusively use in-house staffing will drop from 34% to 26%.

Ransomware victims display different behaviors and attitudes than those who haven’t been hit

Ransomware victims are more exposed to infection from third parties. Twenty-nine percent of organizations hit by ransomware in the last year allow five or more suppliers to connect directly to their network – compared to just 13% for those that weren’t hit.

Ransomware damages professional confidence. IT managers whose organizations were hit by ransomware are nearly three times as likely to feel “significantly behind” on cyberthreats as those that weren’t (17% vs. 6%).

Being hit accelerates implementation of human-led threat hunting. Forty-three percent of ransomware victims plan to implement human-led hunting within six months, compared to 33% for those that didn’t suffer an attack.

Victims have learned the importance of skilled security professionals. More than one-third (35%) of ransomware victims said recruiting and retaining skilled IT security professionals is their single biggest challenge when it comes to cybersecurity, compared to just 19% of those who hadn’t been hit.

Download the full PDF report for more findings, including results for each of the 26 countries surveyed.

About the survey

Sophos commissioned specialist research house Vanson Bourne to survey 5,000 IT managers during January and February 2020. Sophos had no role in the selection of respondents and all responses were provided anonymously.
Respondents came from 26 countries across six continents: Australia, Belgium, Brazil, Canada, China, Colombia, Czech Republic, France, Germany, India, Italy, Japan, Malaysia, Mexico, the Netherlands, Nigeria, the Philippines, Poland, Singapore, South Africa, Spain, Sweden, Turkey, UAE, the UK, and the US. Fifty percent of respondents were from organizations of between 100 and 1,000 employees, and 50% were from organizations of between 1,001 and 5,000 employees. Respondents came from a range of sectors, both public and private.

Source: Sophos.com, Sally Adam

5 Easy To Avoid HIPAA Violations

Businesses that operate within the medical industry know all too well how important it is to follow all of the rules and guidelines concerning patient information and data. The penalties for HIPAA violations can be severe, ranging from several thousand dollars up to a million dollars or more. While some HIPAA violations are obvious, others may be easy to miss. In this article, we’ll take a look at five unexpected HIPAA violations that many small businesses do not know to look out for.

1) Data Forms on Your Website

Forms on your website that users are able to fill out are a great way to collect data and generate leads. However, form data is typically not encrypted at rest and is also often sent via unencrypted email. If a user enters medical information into one of these forms, it could amount to a HIPAA violation for the website owner. The form doesn’t even have to ask for medical data directly – if a user inputs medical data into a blank textbox on the form, the consequences are often the same.

2) Digital Copiers

Many business owners are unaware that digital copiers store data. If you don’t take the time to secure your copier and/or wipe its data when you go to sell it, you could leave your business vulnerable to a HIPAA violation.

3) Phishing Emails

All it takes is for one employee in your business to fall prey to a phishing email for your entire network to be exposed. While a breach in security resulting from a phishing scam can constitute a HIPAA violation, you can protect against these breaches by keeping your security software updated, making use of firewalls, and using strong passwords that you change frequently.

4) Improper Disposal of Records and Hard Drives

Any record – digital or physical – that contains personal health information (PHI) must be wiped clean and/or destroyed before it can be disposed of.
If this information is left in a trash can or left in a folder on an employee’s computer, it could fall into the wrong hands, leading to a very serious HIPAA violation. There are companies that provide hard drive destruction services, and it is highly recommended that you find a local provider and regularly shred your hard drives. They will come to your location, shred the drives in your presence, and then give you a certificate of destruction.

5) Loss or Theft of Devices

If a device containing PHI is lost or stolen, it could result in a stiff HIPAA violation for the business responsible for the device. This means that it is essential to encrypt all devices that store PHI and train your employees to report the loss or theft of their business devices immediately. It’s also important to train your employees not to use unencrypted personal devices for business purposes.

Conclusion

HIPAA violations can be a major blow for businesses, and they are often difficult to protect against. If you would like to learn more about how we can help shield your business from HIPAA violations through strong, effective security, we invite you to contact us today.

Boring Business Systems is an I.T. Support and Managed Services Provider serving the greater Tampa and Lakeland area. In addition to network support and desktop support, Boring also specializes in cybersecurity and works with many companies that are subject to HIPAA compliance.