Tag Archive: southwest

  1. Password Management & Cybersecurity

    Comments Off on Password Management & Cybersecurity

    Cybersecurity information is readily available and widely circulated today. So have online hacking incidents decreased substantially? Not exactly. Hackers are still targeting personal credentials because they’re a slam dunk way to gain access to private information. According to Verizon’s 2019 Data Breach Investigations Report, stolen credentials account for 29% of all breaches, with 80% of hacking breaches traced back to weak or stolen passwords.

    We’ve talked at length about email security and the risks of password compromise under the Business Tech topics on our blog. Today, we’d like to give you concrete, actionable steps to protect your email privacy.

    Best Practices for Your Email Security

    Email has become so commonplace that individuals are often desensitized to how much delicate information they may contain. Leaving email accounts unprotected on multiple devices is like leaving your front door open. If you think of your email as your home and envision it in the worst possible neighborhood, you’d use a lock. In fact, you’d probably use several locks and an alarm system. That’s precisely how you should approach email security.

    Here are some best practices for you to mandate for your entire team:

    • Make Unique Passwords Mandatory. A common mistake is that people are using the same password across multiple accounts. If you use the same password for your private email as you do for your work email and other accounts, the hackers only have to compromise one account to have access to all of them.
    • Passwords Should Be Complex. Using personal information or simplistic passwords is another common mistake. You need to stay away from using words or information that can be guessed by knowing you or following you on social media. Ideally, passwords should appear to be a random sequence of numbers, letters, and symbols.
    • Turn Off Auto-Fill. Auto-fill seems like a godsend. It eliminates a lot of time filling out information repeatedly. But it also means that all of that information is stored where malicious actors can get it. There are even phishing attacks targeting this exact technology. Remember, the things that save us time are often the biggest holes in security.
    • Use a Business Password Manager. Keeping passwords written down can be dangerous, but if you’re following best practices, you’ll have a lot of hard to guess passwords to keep track of. Using a good password manager app can help you maintain the highest level of security in choosing passwords and making them safe.
    • Never Leave Devices Unprotected. You should need to use your password every time you check your email on every device. The same goes for other accounts.

    Looking for Expert IT in the Southwest to Manage Your Cyber Security?

    If you’re concerned about cybersecurity, contact Integrated Axis today. Our experienced technicians can assess your process, help you find the best software solutions, and develop a reliable protocol to make sure best practices are followed to protect your company’s privacy.

  2. Business Tech | The Risks of Email Compromise

    Comments Off on Business Tech | The Risks of Email Compromise

    We’ve talked at length before about email security in the business world, but this issue cannot be understated. According to AIG (one of the insurance companies that cover business losses due to cyber risks), the largest threat for businesses today are email breaches. Compromised emails cause more overall damage than ransomware and even data breaches by hackers. Why are scammers hitting business email accounts so hard? If you understand the possible motives for email compromise, you’re more likely to take the proper precautions on all communication avenues. 

    Email Compromise Motives

    Most business professionals are well versed in phishing schemes and outright hacking. The motive is to gain access to sensitive data. The email compromises we see work a little differently. Often these scams aren’t about getting data or launching a ransomware attack (though those types of attacks still happen and you should have security protocol in place for those, as well). Often, email compromise is about a one-time theft of money. In some cases, the scammer may come back for payment more than once, if they’re sure that the target isn’t already aware of the scam.

    In these attacks, the scammers have inside knowledge about the target. They may have gained access to email accounts, which means that they can read through all sent and received emails to gain a picture of current projects, vendors, and colleagues that the target deals with routinely. The email account that they’ve compromised is also not necessarily the one they target to send fraudulent requests to. That’s what makes this type of scam so hard to identify and guard against. If you’ve followed all best practices and are confident your own account is secure, you might be less wary about the emails you receive from trusted sources — like your boss or vendor.

    Be Aware

    Take this, for example: a hacker compromises the email account of someone in your company. They’ve read through and figured out which vendors are being used for current projects. They can also do some research online to find all the players in your company. Then they would go about setting up fake email and payment accounts. Once they have all of that in place, they might send you a fraudulent invoice with payment details. Or they might send an email that appears to be from your superior or even the head of the company, instructing you to send payment to a vendor. The payment, of course, would go to the hackers. These scams often look authentic and use proper English. There’s very little to differentiate them from legitimate correspondence. And major companies with excellent security protocols have still fallen prey to these types of attacks. The best approach is to not pay for anything that you didn’t have scheduled, at least not without verifying the request directly.

    Integrated Axis | Your Cyber Security Expert in the Southwest

    If you’re looking for a company to build your strategy for email security in the Tucson and Phoenix area, contact Integrated Axis today. Our experienced staff can assess your process and deliver the exact IT services you need.