Bad guys have reached an all-time low and we see a quadrupling of deliberate targets and people in QC organizations. We now strongly recommend all our customers use a form of end-user training – we use and support KnowBe4, which we see allows employees to recognize baddies and reduce mistakes in opening “bad” from 30% to 2% over 12 months. In today’s world, all users need to have some basic automatic patch updating, antivirus, antispam, and security training. Beyond basic products, we use further automation and protect earlier and faster. This next generation of tools is called EDR– Endpoint Detection and Response – and has more power to protect beyond the manual detect, report, and repair in basic prevention in cyberattacks. We’ll help you with this. Keep in mind:
90% of ransomware attacks start with e-mail. Besides automated tools, how can we all help reduce the risk of a cyber- event?
It starts with you:
Stop and Think – does this make any sense when you receive an email?
- Do I know a person with this name?
- Does my KnowBe4/security training tell me to hover over the links so I can see that they are fake?
- Should I call my help desk and see if I should open this?
- Is this a really good fake, where “Amazon is misspelled by one letter?
- If I google it, does the company and employee even exist? Is there a phone number? Who answers?
Either hit the delete key, trash the message, or pick up the phone and call the “sender”, or call your TSTS Operations Support Help Desk.
Here are some additional notes and background for those that want to know more.
Beth Tinsman, CEO, and President, Twin State Tech
Education and Training
We and many of our customers have invested in Security Awareness Training with KnowBe4. We have taken the raw KnowBe4 program, created a custom curriculum, and run simulated phishing tests on a weekly basis. The results of the training continue to trend downwards, meaning we see less and less clicks on the simulated phishing e-mails. Education works and is one of the most important tools at our disposal.
It is now ever-important to remain vigilant and question even the smallest e-mail that seems off – Pay close attention to who e-mails are coming from – Think twice before clicking a link or opening an attachment in your e-mail
Many of you have migrated to Microsoft 365; you each had to also configure a second layer of authentication to be able to access your e-mail account and receive e-mail. Multi-Factor Authentication, or MFA, is used to mitigate password compromise as a code is required after entering a username and password.
If there is ever a time that you receive a prompt on your mobile device and you did not intentionally request it, call Tech immediately.
Viruses can be prevented and detected by proactive security. Here’s how we accomplish that and keep our data safe.
Antivirus | Endpoint Protection
All computers we support in best practices have antivirus and patch management deployed, and they all report back to a central management center that is monitored by TSTS. Antivirus scans run automatically on the devices at a scheduled interval. We know how important it is to have active antivirus, but so is application patching. General updates and security updates are pushed out and applied monthly to Windows 10 along with 3rd party applications, such as Adobe Reader. Applying these updates prevents workstations from missing important patches for vulnerabilities.
Endpoint protection is a critical component in preventing and identifying malicious software attacks. We only use the best-in-class threat protection.
Another important tool at our disposal is top-of-the-line backup software. We are obsessive about backups, as they are the only recovery vehicle if an organization is compromised. You’ve heard us focus on national standards 3-2-1 backups, meaning 3 copies of information, using 2 different methods, with 1 offsite. We also test our backups by running simulated restores on a regular basis.
While education, training, MFA, and endpoint protection are some of the ways we continue to have a proactive approach to network security, the responsibility of awareness relies on all of us as end users. We will continue to strengthen our security position, but, for now, it is so important for all of us to stay vigilant.
Do’s and Don’ts
- Do not share your password.
- Do use a strong password. It should not include your name, business, etc. It should be complex in that it includes a number or symbol.
- Do not use the same password over and over for different accounts. This is what the baddies count on, and will try a password compromised in one place on all your work and financial portals if they can figure that out from LinkedIn or other methods.
- Do question any email that seems off or out of the norm.
- Do not be afraid to contact Tech if you think you may clicked a link or entered your password when you shouldn’t have.
Tags: cyberattack, cybersecurity, EDR, hacking, security