Cybersecurity Trends What’s Hot & What’s Cold

COVID-19 has impacted every aspect of our personal and professional lives. When it comes to trends in enterprise security, the pandemic has completely changed the game.

Millions of employees are now accessing corporate networks or cloud-based resources over residential Wi-Fi which results in increased levels of vulnerability. IT employees are often forced to troubleshoot critical infrastructure via remote access, bad actors are wasting no time exploiting vulnerabilities and supply chains are cracking under the pressure.

Here are some of the hot and cold cybersecurity trends for 2022; the scope and sophistication of attacks is only expected to get worse from here on out, so it is important to be prepared.

Hot: The Increasing Threat of Ransomware

Ransomware, a type of malware that holds data for ransom, has been around for years. Recently there has been a resurgence of the type of attacks on businesses globally. These attacks have grown exponentially due to the pandemic due to the massive amount of online growth, and more fully digital remote environments.

The shift to working from home left organizations scrambling to strengthen their cybersecurity. Companies have to deal with employees multitasking both professionally and personally from multiple devices. All in an environment that may or may not be secure. To combat this, organizations need to make sure they educate their employees about the importance of cybersecurity and have protocols in place for all workers to follow.

Hot: The Continuous Upward Trend of Cryptomining/Cryptojacking

Cryptojacking occurs when attackers use ransomware-style phishing attacks to breach an organization. The hacker then uses the organization’s computing power to mine cryptocurrency. Attackers can remain undetected for a long time; no ransom was sought and no personally identifiable information was stolen which can make the attack hard to trace. 

This makes it difficult to quantify the cost of the intrusion. Damages can include lost computer systems capabilities, slower performance and higher electric bills. As cryptocurrencies continue to appreciate in value, there’s more incentive for attackers to commit cryptojacking.

Cold: VPNs Are Phasing Out

Secure remote access is a necessity for remote employees and has exposed the flaws of the traditional VPN. It’s not that secure, complex to manage, doesn’t provide a good user experience and is part of the outdated perimeter model of security.

While VPNs provide security between the remote user and enterprise resources, VPN technology can’t tell if the connecting device is already infected or if someone is using stolen credentials. it doesn’t provide application layer security, and it can’t provide role-based access control once a user connects to the network. The zero trust model, never trust and always verify the user, addresses all these issues. Many enterprises are expected to move to a zero trust model in the near future.

Cold: Passwords To Become A Thing Of The Past

It’s been long known within the industry that passwords are a weak form of security, but there has been a slow move to adopt alternatives. However, amongst big companies and enterprises momentum is growing for passwordless authentication based on biometrics (fingerprints or facial recognition).

It is being recommended that passwords be eliminated wherever possible. Fully passwordless solutions are preferable to two-factor authentication that relies on passwords as one of the factors.

For more information on cybersecurity and the threats that are affecting your business, contact RTC Managed Services today.

5 Misconceptions About Cybersecurity for Startups

Many startups don’t consider security a key priority and are often forced to address it once security is already breached and it is far too late. If your company’s existing IT security program doesn’t meet the expectations of clients or potential business partners, you may lose out on a deal.

If high growth companies don’t take security seriously from day one it will cost them gravely in the long run. Lack of security can result in lost business, and lost trust, making it incredibly hard to recover from. So why do startups often overlook this area of such great importance when it is such a vital part of any growing business?

There are many misconceptions about cybersecurity amongst startups which may explain why it is often overlooked. Below we will discuss these misconceptions and why cybersecurity should be a main priority for any startup business.

Misconception: Cybersecurity Is Only Related To Technology

Cybersecurity includes the tools, tasks, and routine activities each team member does every day to protect the company. It is the responsibility of every team member, from the founder who sets a security-minded tone, to the teams that implement the policies, and even the new employee choosing a password. All of these elements make up your cybersecurity ecosystem.

Misconception: Our App Is Built On The Cloud, So We Are Secure

While the cloud service you use will have its own security systems in place, you need to take ownership of your security and can’t rely on third party policies. Your team is accountable for your company data meaning you need to be responsible for how you use your cloud service, who has access, and what your company policies are around cloud usage.

Misconception: We Don’t Need Much Security, We Can Get By With The Bare Minimum

Hackers will find a way to get in, especially if your security is at the bare minimum. It may not seem desirable to you, but depending on what data your company owns, it could strike the interest of hackers for various reasons. Additionally, if you are trying to scrape by with the bare minimum a regulator may flag you for not being compliant. Be proactive in putting standards in place and adhering to data regulations before anyone comes asking about them.

Misconception: We Can Focus On Security Later

Putting security off until later means your company is vulnerable now. It may seem like your company is too small to be a target, but depending on the value of your company or data you may find yourself surprised. Additionally, as your company grows it could potentially do so exponentially. If you don’t start implementing cyber security infrastructure early, it will also result in a ton of security debt; meaning at some point, you’re going to have to pay for cutting corners. The time to start thinking about security is when you start building the company, so that you can incorporate security into the culture and policies from the very beginning.

Misconception: We Don’t Need A Penetration Test

A penetration test, or pen test, simulates a hack to your system, which can reveal blind spots and vulnerabilities you might be missing. It also allows you to stress test your systems to see if they will hold up against an attack. This is a vital step once your infrastructure has been implemented to determine if areas need to be improved.

Based on this information one can see the importance of implementing a strong IT infrastructure when starting a new business. To have experts handle all aspects of your company’s IT and cybersecurity, contact RTC Managed today to see how we can help.

The 4 Primary Threats To Your Businesses Cybersecurity

Cyberattacks have become increasingly prevalent as technology continues to advance. Organizations of all sizes are at risk from attacks that can originate from a variety of sources. Unfortunately, no business is completely safe from a digital attack.

This increase in cyberattacks is largely due to the value of a businesses data, cyber criminals often attempt to steal this data through calculated cyberattacks. This ongoing trend has led to large corporations being the target of attacks which cause them to temporarily halt operations. This results in major disruption, data loss, revenue loss and damaged infrastructure.

This is why it is so important that businesses take the necessary steps to secure their networks. Below we look at the four biggest cybersecurity threats businesses are currently facing today.

New Technology Exploitation

 Cyberattacks are more likely to occur in new technology as they typically offer more areas for potential exploitation. For example, 5G is a prime target as the technology is still in its early phase of deployment and use.

Due to the quick expansion of the technology throughout the cellular industry, it is not yet advanced to the point where all potential vulnerabilities have been addressed. These vulnerabilities give cybercriminals the opportunity to attack any device on these networks.

Malware Attacks

Malware remains a threat to businesses large and small. It is typically used to steal important data, which can then be utilized in unethical ways which could be detrimental to a business.

These attacks are deployed in many ways which makes combating them difficult to prepare for.

The best way to combat malware is by having up-to-date firewalls and security software on all company devices. Additionally, networks can have security filters that can help prevent unsuspecting users from downloading malware.

Phishing

Similar to malware, phishing has become an unavoidable threat to businesses of all sizes. It is a type of attack that most commonly involves email fraud; frequently sent as an email claiming to be from a source the user would trust.

The email attempts to manipulate the user into divulging important company information and may additionally ask the user to change or verify their password by clicking a link included in the email. The link however is not what it seems, redirecting to a website that installs malicious software on the user’s computer. This results in a data breach and system compromise.

Cloud Jacking

Cloud jacking is the act of a malicious third party accessing an organization’s cloud. When the hacker gets access to the cloud, they can corrupt critical data, spy on corporate conversations, and can potentially seize control of the entire cloud.

Cybercriminals take advantage of this; constructing phishing scams attempting to get employees to download harmful files under the assumption that the contents have been uploaded to the cloud by their organization. This can lead to a variety of negative consequences including loss of data, giving hackers increased access and loss of revenue.

While understanding threats to your organization’s cybersecurity is important, it is more important to have a plan in place. RTC Managed Services can help with all of your companies IT and cybersecurity needs. Contact us today to construct a customized solution for your business.

4 Reasons Why You Should Outsource Your IT Management

There are tasks within the scope of work of your company, such as managing information management systems, that may require outsourcing.

Most businesses can confidently deal with their basic organizational operations. However, as tech advances, your organization may not be able to handle the demands of a modern IT infrastructure.

Your IT department is a critical function of your business and is better left in the hands of experts. Rather than hiring a team yourself, it may be more time and cost efficient to outsource this work to an experienced team. Below we discuss the reasons why you should do so.

Reduced Costs

Most businesses that opt for managed IT support have the advantage of reducing their costs. Paying employees in-house is expensive and the process of finding an experienced team is time consuming.

By outsourcing your IT management, you can minimize your costs compared to managing a whole department in-house. An in-house IT department requires recruitment, training, salaries, and benefits.  The difference is that when you consider outsourced services, you only incur the agreed upon charges.

Expert Advice

 Managed IT service providers have adequate experience. If you are looking to hire an in-house team, finding individuals who have this level of experience can be quite daunting and expensive. Hiring someone at a cheaper price point may result in hiring an inexperienced employee.

Businesses that offer IT services are experts in the field, focusing on this industry day in and day out. This makes it easy for them to advise you on matters related to your IT department. You benefit from invaluable advice from seasoned IT experts, and receive the advantage that you can get technical support on anything related to your systems.

Improved Security

The risk of hacking has increased largely over the last decade. This is a worrying trend considering the high reliance on technology and the importance of data to your business.

A huge advantage to outsourcing is that your organization will enjoy an extra layer of security.  Most security breaches are due to human error from in-house employees. To avoid these risks, you can consider calling in experts to manage your IT infrastructure. These experts will be able to take all the precautions necessary to protect your business from any potential breaches. This will help ensure that your business doesn’t end up being the victim of a cybercrime.

Allows You to Focus on Your Core Business

Managing your day to day business operations is hard enough. The last thing any business needs is the challenge of dealing with technical failures. This can have a grave effect on your staff and derail you from achieving your organizational goals.

Managed IT support takes away the pressure. You can focus on your core business without having to worry about issues regarding your technological infrastructure. Have the peace of mind knowing that experts are monitoring your systems at all times while you focus on meeting your business goals.

If you’re looking to outsource your IT services, contact RTC Managed Services today. Our expert team is ready to help create a customized solution for your business.

Best Cybersecurity Practices for Small Businesses

Cybersecurity is as important for businesses as ever, as our world continues to move forward technologically. No longer is cybersecurity just an issue that large businesses need to consider, small businesses alike should have plans and practices in place to ensure their IT infrastructure remains protected at all times.

Below we have compiled a list of best practices that you can implement in your business to help improve your cybersecurity.

2-Factor Authentication

Anyone can fall victim to a cyberattack or hack which is why it is so important to protect yourself and your company’s data. The simplest way to ensure the wrong person doesn’t get into your accounts is to implement 2-factor authentication. This way, even if your passwords are compromised, a hacker will still hit a brick wall trying to get into your system.

Create Strong Passwords

While constantly changing and updating passwords can be tedious it is definitely a best practice. 63% of data breaches happened due to lost, stolen, or weak passwords. Make sure your employees are updating their passwords at least every 90 days while also using a combination of characters, numbers and symbols to ensure higher levels of security.

Back-Up Company Data and Files

Small businesses are often under the impression that they will not be the target of an attack, however this is not the case. Small businesses should back up their important company data and files in case of disaster or breach. Keeping software up to date with the latest patches and security features is another way to minimize risk.

Secure Wireless Connection

With so many employees working remotely, it is important to educate your employees about the importance of using a secure wireless connection, especially when working with sensitive data. If employees are not working on a secure connection, it can make sensitive information prone to attack.

Educate Your Employees on The Importance of Cybersecurity

It doesn’t matter how great your cybersecurity tools are, if the weakest part of your protection system is your employees. Take some time to make sure that they understand both the threats and the tools in place to protect the organization. Ultimately, you want them to be vigilant in identifying and dealing with risk. The more you communicate with them about why things are being done, the more likely they are to take the measure to ensure that company information stays secure.
If you’re looking to improve your businesses cybersecurity efforts, contact RTC Managed Services today. Let us use our expertise to ensure that your organization stays protected at all times.

THE NEED FOR DEDICATED TECHNICAL SUPPORT

Running a business is never easy.

Even when things are running optimally, you have to keep your eyes to the horizon. You have to be aware of potential disruptions before they arrive so you’re prepared to manage the consequences.

Luckily we have an unprecedented level of technology to aid us, whether it’s the intranet that keeps your employees functioning on the same page, the website that allows customers the ease of accessing your services from any location, or even the smart phone in your pocket that keeps you up-to-date on all of your business’s happenings.

Unfortunately, like with even the best employee, technology can fail us. Servers can crash, websites can go offline and signals can be dropped.

When the worst occurs, a tech issue can grind your thriving business to a halt. Everything you’ve built up no longer functions and your customers find themselves unable to rely on you.

Therein lies the importance of tech support.

THE IMPORTANCE OF DELEGATION

It’s easy to take for granted the access to trouble-shooting videos or tutorials. Any problem you may face is bound to have been encountered by someone else. Spend enough time searching and you can probably find a solution to most issues.

But is this how you want to spend your time?

You hire the right people to fill the necessary positions so that you’re free to run the business as a whole. You can’t be relied to manage every  IT task.

By aligning yourself with the right tech representative, you can have, on staff, contract or retainer, someone with the in-depth knowledge to get your business back up and running in no time.

Possessing the necessary skillset and knowledge that comes from experience, a proper technician can quickly diagnose and repair your problems as soon as they arise.

Better yet: they can prevent them before they even occur.

AN OUNCE OF PREVENTION

We don’t often think of the importance of tech support until it’s too late. Having an expert on-hand is incredibly valuable.

Having an expert manage and maintain your network is even moreso valuable.

The greater the presence your technician can have in running your network, the more they’ll be able to offer in terms of consistency.

Think of it this way:

Going to the hospital when you’re ill helps you get better.

Having a doctor that works alongside you to maintain your ideal lifestyle can help keep you from getting ill altogether.

Your service technician provides that oversight for your network. They are the ones that understand the state of your network and provide you with the pertinent information and recommendations when changes need to be made or adjustments implemented.

NOT ALL TECH SUPPORT IS EQUAL

Most hardware and software you purchase comes with a 1-800 help line. These are in case you run into difficulties; you have immediate access to a product specialist to help you through your issues.

Believe it or not, this isn’t always so easy.

Networks are inherently complex. Every business requires a different combination of machinery, computers and software to accomplish their tasks. This complexity allows for the possibility that the reason Equipment A isn’t working is actually because of Equipment B.

The technician support you on Equipment A doesn’t know your network. The standard trouble-shooting protocols may not work as the issue isn’t a foreseen one.

That’s why you want a dedicated tech representative. Whether an individual or a member of a dedicated team, the value of someone with knowledge of your specific network is beyond measure.

Save yourself the time spent on the phone with someone who lacks the knowledge of your setup. Get yourself an expert that can manage all aspects of your IT infrastructure for you.

FINAL THOUGHTS

It can be intimidating to find someone to run your network. There’s a high level of trust and reliance that can go into the decision to bring on outside support.

But like many things in your life, be it a health care practitioner, a mechanic, a hair stylist or whatever else, there are some tasks better left to the experts.

We’re always available to take your questions or help address your concerns. Feel free to call us or drop us a line and we’ll be happy to get back to you as quickly as possible.

WHY YOUR BUSINESS NEEDS A DEDICATED FIREWALL

Have you ever heard that quote about knowledge being power?

In the information age that is now more true than ever. Any and all data that we share online is of great value to advertisers and marketers in the digital world.

Where do you think Google derives their profits from?

That’s right; it’s their ability to gain access to, analyze, package and sell advertising based on your online habits that has allowed them to grow into the behemoth they’ve become.

This isn’t all at your expense, either. This knowledge allows the internet to become more and more tailored to your specific clicking habits. By participating in the sharing of data, you’re helping developers craft a web-surfing experience that better fits your needs and wants.

However, it’s very important that we know what data is being shared and know how to control what others can access.

The simplest solution? A firewall.

WHAT IS A FIREWALL

The data you willing input and share online can be thought of as traveling through the frontdoor. You’re aware of what’s coming and going and you can easily keep an eye on it.

Of greater concern is what, or whom, may be traveling through the backdoor.

Through gaps in software or insecure links, hackers could have access to your confidential data, your big ticket items and appliances (think of your credit card numbers, bank info) as well as your personal belongings (all your family pictures and videos.)

What a firewall does is lock this data down tight so that only without a key it’s inaccessible to others. That way you don’t have to keep an eye on it but can instead trust that your belongings are safe.

FOUR-ALARM BLAZE

‘That’s easy,’ you might be thinking, ‘I’m already using Windows firewall.’

Great, that’s an excellent first step. Maybe not a lock on the backdoor, but it’s definitely as good as keeping the screen door latched.
The problem with Windows firewall and other firewall software is that they’re located in the operating system, meaning that they don’t protect you until the threat is already at your machine.

Like a screen door keeping flies out, the firewall software lets the intruders get right up against the screen before pushing back. However, as it is permeable, the intruders have the time and opportunity to search about for an entrance or a weakness.

A BETTER MOUSETRAP

At the risk of mixing too many metaphors here, an external firewall is a dedicated piece of hardware dedicated to the sole function of preventing the unwanted transfer of data.

Sitting between your server and your internet connection, you have control over what passes each way before the server is even reached.

Like a lock on a door, once it’s set you can trust in your security.

RISK VS. COST

Is it worth the cost to purchase dedicated security hardware?

Consider this: IBM conducted a report last year stating the average cost of a security breach is up to $3.79 million dollars.

Think of that.

Now, sure, maybe you’re not an IBM-sized company, but with automation becoming commonplace, hackers simply need to write bots that can chip away at any-sized business’ security 24 hours a day, seven days a week.

Could you handle a loss of even 1/10th that average? That’s still almost $400,000US.

Even if you could, would you want to?

You certainly don’t have to.

STAY SAFE

At RTC Managed Services we deal primarily with Dell SonicWall. We’re happy to recommend that without reservation but there are many other firewalls that will meet your needs.

Get one and use it. Be assured of your safety.

Like always, if you have any questions or concerns, we’re always here to assist you.

How the Coming Changes to Facebook Will Affect Your Business

Remember life before Facebook?

It was a simpler time: children played outdoors, Volkswagen diesel products were clean and democratic election’s went without interference.

More or less.

Today Facebook has become such a cornerstone of our day-to-day life that it’s almost impossible to imagine what life would look like without it.

For many if us it has replaced community centers, churches, even the water-cooler as the go-to place to interact with our family and friends.

But with one major difference: Facebook is a for-profit business.

That means that Facebook is constantly evaluating their return-on-investment, making changes to help their bottom-line.

This has been…problematic to say the least.

WHERE THE MONEY COMES FROM

Like their contemporaries at Google, Facebook generates their revenue from advertising. Their success at selling advertising is tied directly to the amount of their users personal information they can provide to advertisers.

Every time you ‘like’ something, every interaction you have, every form you fill-out, you’re providing valuable psycho-demographic data that advertisers pay good money to benefit from.

This allows for advertising that’s incredibly well targeted, focusing on users based on demographics, interests, even location.

Why’s this a problem? Well…

But if even something as monolithic as Britain’s National Health Service can be vulnerable, what chance do we have to be protect ourselves.
The answer there is complexity.

It turns out that not only brands can use that information to target their message.

Foreign agents with a political agenda saw an opportunity to create a massive disruption in the 2016 US federal election.

Having access to the political views of millions of American Facebook users allowed these agents (we’re not going to say it was the Russians, but it was totally the Russians) to propagate targeted messages that spread disinformation and undercut the veracity of established media.

Facebook tried to downplay their culpability, before admitting their role.

So what next?

CHANGE IS COMING

Well, yeah, but change is always occurring.

In 2016 Facebook made a dramatic change to their algorithm that saw the devaluing of ‘likes’, the prioritization of video content and an increase in sponsored posts.

The changes coming this year promise to be even more disruptive.

Facebook has yet to announce what these changes will look like, but have indicated what direction they’re planning on going.

And, from what we can see, they won’t favor small businesses.

FAMILY, FRIENDS. AND SPONSORS

The underlying philosophy guiding these coming changes is that Facebook wants to create more user-to-user interactions. They want to create an environment that encourages users posting more valuable content for other users.

User content that creates interactions will then have more value and, therefore, be more likely to be in your timeline.

Expect to see more links showing who you’re friends follow. This will likely be expanded to show their interactions as a way of encouraging user participation.

Posts from businesses, brands and publishers, on the other hand, will be less valued. You can expect to see less of these.

Unless, of course, they’re paying.

PAY TO PLAY

While Facebook does want change, they also want to protect their profit. Therefore, advertisers will continue to have a shortcut into your timeline. This will allow larger brands to pay for their influence, while smaller businesses and not-for-profits, lacking the spending power, will find their presence drastically reduced.

The ability to directly interact with customers will be directly affected by the ability to get in front of the customers. Less presence means less interactions means less presence.

WHAT NEXT?

On the surface it seems that this will create more of an echo chamber, not less.

As interactions beget interactions, influencers and sponsors will be prioritized, creating more visibility and occupying more newsfeed real-estate.

It can be assumed, however, that as Facebook is currently under a microscope in regards to their influence, they will continue to tweak and adjust their algorithm as these changes are put into practice.

HOW SMALL BUSINESSES CAN SURVIVE THESE CHANGES TO FACEBOOK

First of all, diversify your marketing tactics.

Depending on one on-line platform for your reach puts you at the mercy of other’s decisions.

The second thing to do is make sure you’re posting valuable content. If you can create posts that your followers will engage with, you have a way into the newsfeed.

As well, engage with others. Don’t wait for them to come to you, but go out and find your customers and interact with them.

If interactions are to be the currency going forward, invest in them. Make engagement your goal and create value with everything you post.

Your likelihood of maintaining presence after these changes have been made will depend entirely on maintaining interactions with your customers.

Which may not be a bad thing.

As always, if you have any questions or concerns, let us know. We’re always here to help.

Reasons Why Your Business Needs A Disaster Recovery Plan

You wouldn’t buy a car or a house without buying insurance, so why run a business without a disaster recovery plan?

Disaster recovery is crucial for all business in the technological age; without it you open yourself up to the potential of catastrophic data loss. While data loss can be detrimental to your business, there are many reasons why disaster recovery should be an essential part of your business’s IT strategy.

Below we have outlined a few of these reasons:

Unexpected Threats

Threats to the data of your business can range from natural disasters to human error, to cyber criminals and more. Ransomware is considered a top cyber threat and poses grave issues to IT systems. Preventative measures are always best, but can only go so far when a disaster actually strikes. Your business should have a plan in place to get systems back online quickly in the event of a disaster to mitigate these unexpected threats.

The Cost of Downtime

Downtime can hit any business, at any time, for a multitude of reasons. This can lead to lost revenue, damaged reputation, loss of customers and more. The longer you are offline, the more damage your company will experience. Having a disaster recovery plan helps businesses get back online quickly, while reducing the overall impact of the downtime. A good disaster recovery plan will be specific to your needs, efficiently getting the business back up and running.

Data Security

For many businesses, the data they generate, collect and store is the lifeblood of their business. This means that the protection of this data needs to be a top priority. Having a disaster recovery plan in place helps businesses avoid catastrophic data loss. By having strict outlined action steps for the backup and recovery of data, a disaster recovery plan ensures that your data is safe and secure.

The Bottom Line

As much as we try to prepare and prevent the worst from happening, there are things that will always remain out of our control. The best course of action is to have a plan in place to reduce the impact of an unexpected disaster on your business.

RTC Managed Services helps your business stay prepared, making sure you experience little to no impact when it comes to a disaster. With years of experience in the industry, we work with small and medium sized businesses to create customized solutions tailored to your organization. Contact our team of experts today to learn more.