Top 5 ways to prepare for a ransomware attack

Ransomware attack!
A top cybersecurity threat for businesses today is ransomware – a type of malicious software designed to block access to a computer system until a sum of money is paid. In fact, 12 Connecticut state agencies were just attacked with ransomware, with 160 computers affected. Luckily, the attack was thwarted by the state’s excellent multi-layered cybersecurity strategy.

Your business needs to be prepared too. And just like the state of CT, the multi-layered approach is the best way to do it.

Here are the top 5 ways to prepare for a ransomware attack: Read more

How to get your business ready for the future of IT (part 2)

In our first digital transformation post, we talked about the basics of digital transformation…what it means, how you prepare for it and the importance of a strong and secure infrastructure. If you missed that article, click here to read it.

In this post, we’ll talk about how the role of IT in business has changed over time and how your business approach can change along with it.

The IT Management Pyramid

The pyramid below describes the efficacy of your IT strategy as it improves and develops on the way to Digital Transformation. The goal is to move up the pyramid! The idea is to be continually thinking about how you use IT, the role of IT in business strategy, and where your IT is focused. Each tier of the pyramid is explained more fully below, along with the limitations and benefits of each stage as your business develops its IT strategy. Read more

NIST compliance: it’s just good cybersecurity practice

NIST compliance

We all know that cybersecurity risks are not going away. The truth is, they’re only getting worse. Cyber-criminality is an industry, with a lot of money to be made. And as we’ve seen from the news about security breaches lately, they’ll take just about anything they can get their hands on!

The government has a plan!

Hmm…that sounds a little scarier than it is and not completely accurate. The National Institute of Standards and Technology (NIST) is a government agency responsible for maintaining cybersecurity standards for all government agencies. As you may know, they have created a set of standards for non-governmental organizations that handle Controlled Unclassified Information (CUI), NIST 800-171. They’ve created the standards, now you have to create the plan.

What is NIST compliance?

Read more

Security flaws Spectre and Meltdown – what you need to know!

As you may have already heard in mainstream publications or on social media, computer researchers have recently found security flaws in the CPUs of most modern computers. These flaws, known by the names Spectre and Meltdown, are the results of design flaws in the hardware which is found in PCs, Apple, networking equipment and more. These flaws have actually been there for years, but until recently were both unknown and unexploited. This security issue affects almost every computer, server, and personal device. The hardware bug allows malicious programs to steal data that is being processed in your computer’s memory, making password managers, emails, messaging, documents, photos and more, vulnerable.  Read more

IT Direct Superheroes

A standalone IT person can only do so much. While they are keeping you up and running, who is ensuring that IT is giving you a competitive advantage?

Your IT needs to not only work, it needs to keep you efficient and productive, safe and secure, and ready for the future of your business.

Our IT Superheroes make sure your technology leads you into the future!

Please contact us or give us a call at 860-249-1200 to learn what our superheroes can do for you.

digital network security illustration

What is a Network Security Audit?

How secure is your company’s network? If it doesn’t have robust security settings, you could lose important data. A data loss could impact your business in a very negative way. The best way to ensure that your company’s network is in good shape is to perform a network security audit.

A network security audit goes through all aspects of your information technology systems, measuring how well each piece conforms to the standards you have set. By doing a network security audit, it will be easy for you to see where parts of your system are not as safe as they could be. It’s an ideal way to learn where you should focus to ensure security.

What Should a Network Security Audit Cover?

Your network security audit should look at your physical system set-up, including the hardware itself, and it should examine software, apps, and other programming in place. It should also consider the way users access the system. This check covers any entry points into your system.

There are many specific things you can look at within these categories.

For instance, one aspect you could start with is user accounts. Any business that has given access to users has introduced a potential security risk. Your network security audit should ensure that users understand best practices for accessing the network, including how to protect themselves from threats. This includes making sure that regular users have different permissions than administrators. Other users also need authorization to perform more actions on the system. Remove any users that are no longer with the company, or no longer authorized in a certain role.

Your audit can cover policies such as password requirements, if and how users can use their own devices on the network, privacy rules, and more. Make sure that your systems conform to the policies you have set out, and fix any conflicts that arise.

On the hardware side of things, you will want to ensure that physical hardware is in warranty, that operating systems are current, and that your server is working well. This is a good time to make sure that you have system backups, including backup power options if this is an important part of your security plan.

See that your networks are configured appropriately, that antivirus measures are in place, and that encryption and firewall protection is set up to keep unwanted activity out. Include email systems in your network security audit. Security failures are frequently traced back to emails.

As you can see, a lot goes into a network security audit. The factors mentioned above are only the start. Your audit plan could look very different depending on your business and your needs.

The most important thing is to ensure that you schedule regular audits and take action if you uncover problems. A vulnerable network is a significant risk to your company, your clients, and your reputation. It is worth the time and effort to check in and keep your network security in good shape on a regular basis. We completely understand this here at IT Direct. Contact us today to get started on that audit!