Managed IT Services Blog

To think that IT security is only a problem reserved for large enterprises is to put your business at a serious disadvantage. In fact, more and more small to medium-sized organizations are investing more in IT security because they understand that they are at risk. According to the 2018 State of Cybersecurity in Small and Medium Size Businesses study published by Ponemon, 67 percent of respondents experienced a cyberattack in the year 2018, and 58 percent of those attacks resulted in a data breach. 

 IT security remains a challenge for organizations of all sizes, but there are steps you can take to reduce the risks. Adhering to these three key IT security strategy pillars is the first step you should take. 

Since the early days of the computer virus, cybersecurity professionals have developed new ways to address the threat landscape. However, just as the good guys find new ways to defend against these attacks, the threat actors responsible are also evolving their methods to bypass these security controls. 

As I sat down to write this article news broke of yet another major flaw affecting Windows systems. This time it’s a remote code execution vulnerability in Remote Desktop that could be exploited by a hacker via a worm making this a particularly dangerous flaw—view the details of this vulnerability. So it’s time to get patched!

IBM’s SecurityIntelligence reported some frightening statistics regarding data breaches in 2018. Although the time it takes to detect a data breach is down from years to 196 days, the cost of a breach has increased. On average, the cost of a compromised record is up to $148. This is tough news for most organizations to deal with, and experts expect the number of records compromised per breach to increase, as well.

These reasons alone make it more important than ever for organizations to stay informed about the latest trends in IT security. Considering the damage that can be done to the reputation of a business that is the victim of cybercrime, you have more reason than ever to understand what the threat landscape looks like for this year.

Cybersecurity is one of the main business concerns of the 21st century. Consumers, businesses, and employees are all driven by the internet and can access anything at any time. This 24/7 access can cause problems from external sources, such as hackers.

However, internal security threats open an organization to a breach. Here are a few tips for businesses to protect themselves from internal security threats.

Lily Hay Newman, in a recent article in Wired, pegs “poorly secured databases that connect directly to the internet” as a main culprit for many of today’s mega data breaches. Why? Robust database security offers a defense-in-depth strategy should an attacker breach your perimeter defenses. But if the security measures are left unused, the sensitive data presents an easy target for hackers to go after.

When it comes to choosing a victim, cybercriminals often look for low-hanging fruit. They seek the path of least resistance to keep their chances of success high and of getting caught low.

This is why so many criminals target small- to medium-sized businesses (SMBs). It is no secret among SMBs that they are frequently targeted by attackers. In fact, a research report from the Better Business Bureau shows that 87 percent of SMBs are aware that they are not safe from cybercrime. Despite this awareness, cyberattacks cost SMBs an average of $2,235,000 in 2017. This means smaller companies are still failing to properly secure their assets.

Yes, you heard that right, the boss said, “We need Log Management!” And he’s right but what does he mean? Isn’t that the horribly complex software that is only needed by huge corporations? And why is he saying it now? Did something happen?

Businesses that lack adequate data security are exceptionally vulnerable to cyberattacks. They’re also are more likely to experience problems associated with mismanaged, unorganized, and insecure data. If you don’t have an IT security plan in the modern age, you’re exposing your business to unnecessary risk and liability. A comprehensive IT security strategy can help you protect your business, your customers, your data, your viability, and your integrity. We’ve laid out three essential components of an IT security roadmap to help you protect your company and plan for the future.

From a Microsoft Azure Active Directory perspective, there are two approaches to MFA:

1. A laser accurate approach specific to the application in the Azure blade using conditional access

2. A global approach managed through the “Multi-factor authentication” page via Office 365