by Felicien | Dec 16, 2019 | Education
Prevent Hackers from Stealing Your VoiP and Costing You Money
Best ways to prevent your business from losing money because of hackers stealing your VoIP service.
In 2017, telecom fraud amounted to $29.2 billion in losses to organizations and carriers, according to No Jitter. One form of telecom fraud is theft of service, which is obtaining service through an individual or company without payment. VoIP is much more prone to theft of service than traditional telephony services. Service can be stolen through hackers stealing user names, passwords, and other account information. Hackers also can introduce malware into the system to more easily enable theft. Unfortunately, the Federal Communications Commission has not issued any regulations on VoIP fraud, which means that businesses are still liable for any hacked calls. Fortunately, businesses can take some precautions to prevent theft.
Protect Passwords
When businesses buy a new phone, they should always change the password from the factory settings. Some phones use different passwords for the phone interface and web interface. In this case, unique passwords should be used for each interface. Passwords should be made secure by changing them every six months and requiring at least 12 characters including upper and lower case letters, symbols and numbers. Businesses also should regularly update the admin portal password for the VoIP provider.
Limit Physical Access
VoiP phones and other instruments should be kept in a locked space to prevent unauthorized access. The environment of the space should be maintained within the limits set by the equipment manufacturer. Secure access panels to the air conditioning and power.
Build Security in Layers
To prevent attacks and service theft, an organization should plan its VoIP system as carefully as it does its data network. One way is to plan security in layers.
The first layer of security is preventing intrusions on the network. To secure the network, use VoIP-aware firewalls and shut down ports at any sign of malicious behavior, according to Tech Target.
The second layer of security is phone authentication. The phone will not be authorized to the network or to the IP PBX unless a mutual certificate exchange or a certificate and dongle architecture have authenticated it, according to Tech Target.
The third layer involves encryption or authentication between the media and various channels. This means media gateways, ALGs, firewalls and NAT devices, and SBCs, according to Tech Target.
Finally, the fourth layer is user authentication. Only users authenticated via a user name and password or token device or mutual swap should be allowed to make or receive phone calls, according to Tech Target.
Disable International Calling
Most hackers go after the more expensive international phone numbers. Businesses that don’t need to regularly make international calls can disable international calling, using an international calling card when necessary. If regular international calling is required, businesses should carefully check invoices to be sure all calls made are legitimate.
by Felicien | Dec 14, 2019 | Education
BEC Scam Helps Hackers Steal Over $46M from Company
How fast could your company lose $46M? BEC Scams do it in minutes. Find out how criminals hack CEO emails to earn themselves a huge payday at your expense.
Sometimes criminals hide in the shadows and sometimes they hide behind technology, waiting, ready to strike at the most vulnerable. You know this, so you’ve invested in employee education. Employees are aware of common cybersecurity threats and email scams. But the BEC scam turns everything on its head.
It does so by hijacking the CEO’s most important business communication tool, email.
What Is a BEC Scam?
A cybersecurity-aware employee would always check to see where an email is coming from if that email asks them to do something like send millions to a strange account. But what if that email looks like it comes from you?
A Business Email Compromise (BEC) scam is conducted via your CEO’s own business email account. The hackers monitor your email for days or months undetected before sending an email from you to one or more of your employees, asking them to do something like:
Wire money from the company accounts
Share their login to company programs
If an employee got an email from you, would they question it? In a modern workplace, you’ve built a team around you who would ask “why”. But what if the person receiving the email is not in your trusted circle?
Scammers often target those who report to them, and don’t know you as well, instead.
Hackers take it a step further. They use automation tools found on your email account to instantly identify and delete any emails questioning your instructions or warning you that you’ve been hacked.
Real World BEC Attacks
This attack isn’t uncommon and the results are costly. Here are just a few medium-sized businesses that paid the price.
Xoom Corporation – BEC scammers emailed an employee from the CEO’s account and convinced them to wire $30M to a business overseas under the disguise of a business deal
Scoular Corporation – Employees wired an undisclosed amount to China for a fake acquisition deal. The email said, “We need the company to be funded properly and to show sufficient strength to the Chinese… I will not forget your professionalism in this deal, and I will show you my appreciation very shortly.”
Ubiquiti Networks – This San Jose company’s employee wired $46M at the “CEO’s” instruction. They were only able to recover $8M.
How to Protect Your Company from BEC Cybersecurity Threats
First of all, know that the CEO may not be the only target. It could be the CFO, CMO or even middle management.
They often attack companies using Office 365, which is relatively easy to breach if extra precautions aren’t taken. They gain access to your email via simple tricks like getting you to share your password on a spoofed 365 website.
Deploy education and technology to both prevent someone hacking a CEO email and to quickly identify when you or someone in the company has been compromised. This might include:
Powerful spam filters
Monitoring software
Malware protection and firewall
Security awareness training
Other customized solutions to maximize security
Above all, stay informed. Follow our blog to learn more about keeping your company safe from very real and sneaky cybersecurity threats like these.
by Felicien | Dec 7, 2019 | Education
Learn how the advent of the Internet of Things has improved device connectivity and enabled businesses like yours to delivery consumer-driven solutions.
The Internet of Things (IoT) was first conceptualized in 1982 through the internet connection of a Coke machine at Carnegie-Mellon University which was able to report inventory levels and the temperature of vended sodas. From this beginning 37 years ago, IoT has led to greater connectivity between all types of devices for the purpose of providing and sharing data. What would have been unimaginable 50 years ago in our parent’s and grandparent’s time has been realized today as televisions, refrigerators, telephones, and other types of consumer electronics have been enabled to talk to one another.
IoT has also helped businesses like yours learn a lot about your customers. The way in which consumers interact with IoT-enabled devices provides businesses with valuable data which can be used to transform products and services and solidify customer loyalty. This leads to the development of additional products, increasing the things-to people ratio, which is the amount of consumer products owned per person. As the things-to-people ratio continues to grow, businesses have seen the development of smart homes, smart phones, autonomous vehicles, etc., as well as an increase in the generation of data which enables machine learning and greater human-to-computer interactions.
This white paper is an exploration of the advances in IoT and how it is moving greater automation of connectivity. This automated connectivity is critical as the number of IoT devices grows, warranting cost effective ways to remove the complexity of these connections. Businesses understanding the importance of managing the connectivity of their IoT devices will be best positioned to gain market share.
What is the Internet of Things (IoT)?
A simple definition of Internet of Things is the ability of all things, people, machines, objects, etc. to transfer data between each other over a network. Each of the things interacting through the IoT network are given what is called a unique identifier (UID), which is a label or identifier assigned to the IoT things (i.e. people, machines, objects).
IoT connectivity is responsible for moving the number of connected devices from millions to billions. According to business consultancy groups McKinsey and Gartner, there are more than 26.7 billion IoT connected devices in 2019. The number of things to people in 2020 is projected to be 26 times more in 2020, while the number of connected devices will grow by three times as many or 75.4 million in 2025. The popularity of IoT can be seen in the use of smart and connected devices in the home. This includes applications such as smart thermostats, smart locks, and smart refrigerators. Smart security, one of the poplar home uses for IoT connectivity, has a market expected to grow to $22 billion by the year 2021. Additional markets expected to grow as a result of IoT are home entertainment systems and energy management technology.
How IoT Has Spawned Greater Connectivity
The global IoT market is worth $1.7 trillion in 2019. Of this amount, 35 percent or $595 billion of this value is attributed to hardware, such as smart home peripherals, smart phones, etc. Countries North America, Western Europe as well as China make up two-thirds of the installed IoT devices. It is also worthy to note that, on average, 127 new IoT devices are connected to the internet every second across the globe. Industry is also gravitating toward a greater use of IoT connected devices. Industrial IoT, which comprises 17 percent of the IoT related projects on a worldwide basis, has a market value projected to reach $110 billion in 2020.
Growth of Personal Digital Assistants
The development of new devices has advanced connectivity and has also been responsible for this growth. Over the past years, the advent of personal digital assistants (PDAs) or virtual assistants, from Apple’s Siri, to Google Voice has meant less reliance on manual typing and a greater dependence on voice assistance. The global intelligent PDA/voice assistance market was worth $2.4 billion in 2018and is expected to increase a total composite average growth rate (CAGR) of 40.4 percent for the period (2018 – 2025).
IoT Growth in the Healthcare Industry
The healthcare industry has been a direct beneficiary of IoT connectivity. Such innovations as robotic process automation (RPA) and artificial intelligence (AI) have helped healthcare sector providers diagnose disease, manage chronic conditions, and bring the cost of care for patients and providers. The healthcare IoT market value was $60 billion in 2014 and expected to reach a value of $136 billion in 2021, a CAGR of 12.5 percent. Growth in the connected devices segment of the market is projected to be the best for the healthcare industry. Asia-Pacific countries are expected to experience a CAGR of 17 percent for the measuring period of 2015 – 2021. Why is IoT important to the Healthcare sector? It provides companies with the ability to grow therapies and processes useful in meeting needs and improving healthcare outcomes through improved:
Monitoring of patient health
The operation of healthcare clinics
The management of workflow
Imaging connectivity
The measurement of the effectiveness of fitness, health and wellness programs
The development of new drug therapies
IoT +37 Years: What Does the Future Hold for Connectivity
The future of IoT is more than bright. The explosion in the growth of IoT connected devices, over 300% between 2019 – 2025, is forcing businesses to invest in this technology to experience a cut of the nearly $500 billion in profits generated from more than 2 billion devices in use in 2019 alone. Companies are maneuvering to position themselves as leading innovators in the development of IoT devices and products. For example, Google invested $3.2 billion to purchase Nest products and paid another $2.1 billion to acquire FitBit, in a bid to compete with competitor Apple’s Apple Watch. These acquisitions are strategic moves designed to gain further control of the IoT market and offer an array of products which can capture valuable consumer data and further the development of needed products.
IoT has not reached its zenith in terms of depth or breadth of market. What was thought to be the limit when smartphone technology was first introduced to the market more than 25 years ago on August 16, 1994 (IBM’s Simon Personal Communicator), the world and consumers have seen an astronomical amount of growth in the number of devices (“things”) with the capability to interact with us and each other to provide important data and operate free of human-to-computer interaction. Automated homes equipped with functions which can clean your floors, issue notifications when you are running low on milk, provide real time video and alerts when an intruder approaches your home are more than the dreams of 1960s science fiction writers like Isaac Asimov and Philip K. Dick.
Bottom Line
Businesses that learn to involve themselves in IoT connectivity will find themselves at the leading edge of this technological advancement. IoT means a greater opportunity for profitability through the mining of data and predictive analysis provide by data scientists to determine consumer interests, wants, and needs. The application of IoT in a business setting helps businesses leverage knowledge gained from their customers in ways unforeseen when the internet was first made available to the general population. IoT connectivity leads to higher profits and better consumer loyalty, as seen in the rapid growth of IoT’s market value.
Businesses will also come to understand that improvements in their IoT offerings will lead to improved employee morale. IoT connectivity provides businesses with valuable consumer data which in turn leads to the creation of products designed to improve quality of life. The data gleaned from IoT devices can be synthesized efficiently and seamlessly, creating a data-driven environment which reduces employee stress and leads to greater creativity. This is another benefit IoT connectivity provides your business and its bid for greater profitability.
It is important to recognize that any limits on IoT connectivity are those which consumers set. A greater reliance and dependence on digital devices to provide us with the comforts of daily living will be tempered by attempts by hackers and other nefarious actors to compromise these machines for their personal gains. Proper monitoring and safeguards must be put in place; businesses must constantly gauge consumer interest for the next best thing and balance that desire against the ability of that “thing” to provide a solution and not be another gadget that is a potential hazard. A proper read of the data IoT devices provide will help guide business toward smart development in keeping with the dramatic increase in value in the IoT market, leading to better products, happy consumers, engaged employees, and a better envisioned world.
by Felicien | Dec 2, 2019 | Education
HIPAA Compliance Basics – IT HIPAA Compliance
If you are an organization subject to HIPAA, you need to understand and comply with all relevant requirements. Learn more about how this law applies to your company.
The Health Insurance Portability and Accountability Act of 1996 set standards for all organizations that handle protected health information. In the past, HIPAA standards for privacy and security mainly applied to the management of paper health records and verbal exchanges of patient health information. In today’s modern world, however, the majority of protected health information is in a digital format, and these standards must be applied differently.
HIPAA Basics
HIPAA sets guidelines organizations must follow when they collect and store private health information. The law provides patients with certain rights to access their own health information, as well as confidentiality protections. HIPAA also outlines the steps an organization must follow when private health information has been compromised.
The Health Information Technology for Economic and Clinical Health Act
To ensure that all organizations subject to HIPAA are in compliance in the digital age, the government passed an additional law: the Health Information Technology for Economic and Clinical Health Act. Essentially, this new law raises the penalties that apply when a health organization violates any of HIPAA’s standards for privacy and security of protected health information.
How to Protect Your Data
In light of the many restrictive standards that apply to protected health information, it is essential for every organization that handles this information to take the matter seriously. Below are some tips to help you protect your data from vulnerability.
1. Invest in security software.
The right security software can help to maintain the safety of your data from hackers. Invest in advanced security software and update it as needed.
2. Train personnel.
Every employee who handles protected health information needs to understand the importance of complying with HIPAA laws. Take the time to train employees on the best practices for handling sensitive data, as well as the consequences for HIPAA violations.
3. Partner with the right professionals.
One of the best ways to keep your data safe is to partner with a reputable IT company that can design security measures to keep your network secure. The right company will also be able to help you take action quickly when a breach occurs.
4. Stay in the know.
Regulations are subject to change, and threats to your data are always evolving. Stay informed about all recent changes so you can keep your organization protected.
Keeping protected health information secure is not only ethical, but it is required by law. If you are an organization subject to HIPAA, compliance needs to be a priority at all times.
by Felicien | Nov 28, 2019 | Education
Tips to Protect Your Mac Computer from Cyber Threats
Mac computers have an excellent reputation when it comes to cybersecurity, but they can still be targeted. Find out about protecting your Mac from threats.
Malware, ransomware, phishing—the cyber threats on the internet abound, and these threats are generating an astounding cost to the people who rely on computer systems to do business. To date, the cost of cyber infections has racked up billions of dollars in costs to unwitting business owners, some of which thought they were protected. Even though Macintosh (Mac) computer systems are highly regarded for their security, they are still at risk. Here are a few tips you should know.
1. Keep your Mac properly updated.
Without a doubt, one of the biggest reasons Mac computers fall victim to a cyber-attack is because they are not updated as they are meant to be. The developers of the Mac operating systems, whether it is one of the older Mac OS versions or something more modern like Mojave, send out frequent security patches as new updates. If you have automatic updates turned off or do not take the time to update your computer manually, you could easily miss an important line of defense.
2. Use good security programs on your business Mac.
Just because you have a Mac that has a stellar reputation for protecting itself against cyber threats, it does not mean that you should not go a step further and install a good security program. These software programs are designed to catch all those things that get past the existing Mac firewalls and security defenses.
3. Keep your Mac free of unnecessary programs.
Every user has them—those unnecessary programs that are really not used often enough to be counted as valuable or useful. These unnecessary filler programs take up valuable space on your Mac computer and slow it down. If the system is already slow, it can make it harder to recognize when something is awry and something fishy is going on. Plus, the more unnecessary programs you have that you never use, the easier it is for malicious software to latch onto something and set up shop on your computer because you will never see it.
4. Get educated about the biggest threats to security on your Mac.
Knowledge is a powerful defense tactic no matter what type of computer or OS it is that you rely on as a business professional. You should take the time to familiarize yourself with the biggest MAC cyber threats and the types of cyberattacks most often occurring today. You should familiarize yourself with things like:
Phishing and how phishing attacks are carried out as well as how to avoid them
Ransomware and how it gets latched onto your Mac system
How to avoid things like malware that get attached to legitimate software
Whether you use your Mac for everyday tasks and projects at work or you have a system of Mac computers utilized by multiple employees and users within your organization, it is critical to protect your business Mac computers properly. Work with a managed IT service company to implement the best security measures and negate Mac cyber threats.
by Felicien | Nov 26, 2019 | Education
Thanksgiving wouldn’t be complete without sending a thank you to all of the local businesses in our community and a special thank you to those who put their trust in us to manage their technology.
As we spend the day reflecting on what we’re thankful for, we hope you’re doing the same (and enjoying some delicious pumpkin pie while you’re at it!)
Have a great Thanksgiving!
