5 Tips to Make your Passwords More Secure
An organization’s infrastructure is only as secure as the passwords protecting it. Poor password practices make it easy for hackers to access sensitive information, which is especially damaging in the case of financial data. Strong, unique passwords are essential for any account, so most organizations have established guidelines for creating passwords. These guidelines should generally focus on making passwords easy to remember but hard to guess. The following five tips will help make your passwords more secure.
3 Digital Trends to Keep in Mind in 2021
As a business professional, it is helpful to learn about current trends that can affect your company. Here are three digital trends to keep in mind in 2021.
AIR-FI – The New WiFi Hacking Method
The ubiquitous nature of Wi-Fi has certainly made our lives easier and more convenient in a lot of ways, it's also undoubtedly made them more dangerous, too - particularly when it comes to our privacy.
How to Avoid Being Scammed While Shopping Online
Online shopping is becoming more popular — and so, too, are fraudulent websites designed to scam shoppers. Learn about the precautions you can take to avoid becoming the next victim.
3 Positive Business Takeaways in 2020
Although 2020 has been filled with many unfortunate events like the coronavirus pandemic, there have been some positive business developments. Here are three of them.
This Microsoft Office Feature is a Time-Saver
If you work with a lot of information, there are times when you need to copy information from one file to another. Microsoft Office is a suite of productivity tools that help you perform tasks like creating documents, entering data into spreadsheets, or designing databases. Sometimes you find it necessary to copy and paste material from one tool to another. The Microsoft Office Clipboard feature saves you time by eliminating the tediousness of constantly switching between one application to another.Read more
4 Reasons Why You Shouldn't Click "Unsubscribe" Links in Emails
Using "Unsubscribe" links might seem like a good way to prevent junk emails from cluttering your inbox but doing so is risky. Here are four reasons why you should avoid clicking "Unsubscribe" links in emails.Read more
WordPress Sites at Risk from Critical Flaw
WordPress sites running the File Manager plugin are being hounded by hackers, thanks to a critical vulnerability found in some of the plugin versions. Find out what makes this vulnerability so attractive to cybercriminals and how to get rid of it.Read more
3 Basic Security Blunders That Many SMBs Are Still Making
Many small and mid-sized businesses (SMBs) are still making some basic mistakes when it comes to securing their organizations. Here are three of them.
In the past decade, the number of known malware programs has risen from 65 million to 1.1 billion. The ways in which cybercriminals deploy the malware have also increased in number and sophistication.
While advanced security technologies are available to defend against these cyberthreats, many can be thwarted with basic security practices. However, research is showing that many small and mid-sized businesses (SMBs) are still making some basic mistakes when it comes to securing their organizations. Here are three of them:
- Believing That It Won’t Happen Them
Many SMB owners have a false sense of security when it comes to cyberattacks. Nearly 60% of them believe that their companies won’t be targeted by cybercriminals, according to a 2020 BullGuard study. They often think that their business is too small to be of interest to cybercriminals. This “it won’t happen to me” mindset can get small businesses into big trouble.
Although large companies typically have more money and more data to steal, they also have more security solutions and in-house IT administrators to guard those assets. Most SMBs do not even have an IT administrator on staff. The BullGuard study found that 65% of SMBs manage their cybersecurity efforts in-house, but less than 10% have a dedicated IT staff member. As a result, they are typically easy targets. Plus, there are far more SMBs to attack than large companies.
Rather than spending a lot of time and effort going after the large fruit at the top, hackers often target the smaller, low-hanging fruit because it is plentiful and easier to pick. For proof, all SMBs need to do is look to the past. In 2019, 76% of the SMBs in the United States reported being attacked, according to the Ponemon Institute’s “2019 Global State of Cybersecurity in Small and Medium-Sized Businesses” report.
- Having Bad Password Habits
Every year researchers analyze millions of passwords that have been exposed through data breaches and leaks in order to show people the types of passwords not to use — and every year weak passwords like “123456”, “password”, and “qwerty” keep topping those lists. It would take a cybercriminal only one second to crack each of these passwords using a brute-force password-cracking tool, which is why using weak passwords is so risky.
Reusing passwords is also dangerous. Hackers know people frequently reuse passwords, so they try compromised passwords on multiple accounts using credential stuffing and other types of attacks. Despite this danger, more than 99% of people reuse their passwords, either across work accounts or between work and personal accounts, according to a 2020 Balbix study. On average, every password is shared across 2.7 accounts.
While having easy-to-crack passwords for user accounts is bad, a much worse situation is having service account credentials that are easy to hack. Cybercriminals like to hack service accounts because they can easily elevate the accounts’ privileges and gain access to sensitive data. Much to their delight, hackers often find that companies haven’t changed the default passwords for their service accounts, according to the “Black Hat 2019 Hacker Survey Report“. While a few vendors design their software or hardware to create a unique default password when it is installed by a customer, most vendors simply use the same default password (e.g., “admin”, “password”, “guest”) for every installation. Although vendors typically recommend that customers change the default password before using the software or hardware in business operations, many SMBs fail to do so. This makes it easy for cybercriminals to hack into those service accounts, as the default passwords used by vendors are easy to find on the Internet.
Furthermore, changing a service account password is not a one-time event. It needs to be changed periodically. However, even some security pros fail to do so. The Black Hat report revealed that 36% of them don’t follow this practice. If the pros fail to regularly change their service account passwords, odds are that most SMBs won’t either.
- Not Adequately Securing Mobile Devices
In 2019, more than 60% percent of employees at SMBs used smartphones for work, according to an IDC survey. This percentage is now likely higher due to more employees working from home because of the Coronavirus Disease 2019 (COVID-19) pandemic.
Using smartphones and other mobile devices is popular in SMBs for good reason. With mobile devices, employees can access business apps and systems at any time from almost anywhere, which is key to their productivity and the SMBs’ profitability, according to Verizon’s “Mobile Security Index 2020: SMB Spotlight” report. Thanks to both mobile and cloud technologies, SMBs are better able to compete with larger companies.
However, the mobile technologies that are helping SMBs become more competitive could also cause them harm. Mobile devices are often the target of phishing, ransomware, and other types of attacks. The SMBs that participated in the Verizon study said they are aware of these threats, with 81% indicating that the risk to their business is moderate to significant. Yet, many of these SMBs are not implementing basic security measures such as changing all default passwords (done by only 41% of the SMBs) and restricting access to company data on a “need to know” basis (done by only 50% of the SMBs). Equally troublesome is that 66% of the study participants said they have personally used public Wi-Fi for work tasks, even though 25% said it is explicitly prohibited by company policy.
Given the lax security, it is not surprising that more than a quarter of the SMBs admitted they suffered a security compromise involving a mobile device in 2019. And if they do not take steps to better secure their mobile devices, they could significantly damage their reputation and bottom line, according to the report.
wocintech (microsoft) – 44 flickr photo by wocintechchat.com shared under a Creative Commons (BY) license
What You Need to Know about the Zero Trust Model
Network infrastructures are getting more complex and thus harder to secure with traditional network security tools. Fortunately, there's a viable alternative: the zero trust model. Here is what you need to know about this model.Read more