Tag Archives: network security

Take the Fear Out of Encrypted Email

When some people think of encrypted email, their minds conjure up images of secret codes, espionage, and a scene right out of Mission Impossible, where the message will self-destruct. Also, they may think that it’s just too difficult to send an encrypted email, as the recipient won’t open it, or their email simply doesn’t need to be encrypted. Nothing could be further from the truth.

Here are 3 facts that you may not know about email encryption.

Tales of the Encryption

  • Email is like a postcard: it has no privacy.
    Many people believe an email is just sent from one computer to another, the reality is an email can travel along an intricate path from the time it’s sent to the time it’s received. Without proper encryption, there may be multiple opportunities for the email to be intercepted.
  • Avoid data leaks caused by human error.
    Email can be set to automatically be encrypted if sensitive and confidential information such as credit card numbers, bank account information, and social security numbers are detected in an email. Medical facilities must use encrypted email when sending PHI to be HIPAA compliant.
  • Emailing a large document can be cumbersome. Some email platforms limit the size of an attachment. A side perk of some email encryption services is that email file size limits can be circumvented (shh… don’t tell IT).

At Network Security Associates your data security is our Number One Priority. Adding email encryption to your email is easy and affordable. Contact Network Security Associates today for information by filling out the form below or call us at 702-547-9800.

How to Manage the Hidden Network Security Risk of Local Admin Passwords

To ensure optimal network security for your organization, it’s essential to make sure you address areas easy to overlook. One frequently neglected area is your local admin passwords. It’s important to understand how these passwords work and the steps you should take to prevent them from posing a security risk. 

What to Know About the Local Admin Password

Be Strategic About Local Admin Passwords to Ensure Reliable Network Security

During the set-up process for a PC, it’s necessary to create a local admin password to provide manual access to the computer. Though most organizations don’t regularly manually access their PCs, manual access (and a local admin password) are necessary for device access if your network goes down or your organization faces other technological difficulties.

However, local admin passwords can compromise your network security. This typically happens when you use the same password for all of your devices. A hacker only needs to crack your local password once to have access to all of your company’s computers. Hackers know this is a potential vulnerability that many businesses fail to address. 

With the phasing out of Windows 7, many companies are rolling out Windows 10. Even though Windows 10 disables local admin access by default, many businesses must enable it to ensure that they always have local access to their devices. When you enable the admin access option, you need to make sure that it doesn’t threaten your network security. 

Options for Addressing the Security Risks Posed by a Local Admin Password

You have a couple of options for handling the potential security risks associated with a local admin password. Your first alternative is to disable this setting; however, if your network goes down or you face unexpected issues, you won’t have local access to your PC.

Another option is to check each PC has its own unique admin credentials. Though this solution does require more work, it ensures a single password doesn’t provide access to every one of your business’s PCs. 

Microsoft has a tool that simplifies the process of giving each machine its own password. The tool will generate random local admin passwords for every single PC and store them in an active directory. This makes it much more cumbersome for hackers to crack and utilize your admin passwords. 

If you decide to assign local admin passwords manually to your PCs, always use a different password for each machine. Make sure you change them regularly, and avoid reusing old ones. 

Boost Your Network Security

Network Security Associates offers 24/7 data protection and network monitoring. We serve businesses in a variety of industries, including medical facilities and casinos. Contact us at 702-547-9800 to learn more about our managed IT services and how our team will ensure you receive reliable network security.

What Is Two-Factor Authentication, and Does It Increase Your Network Security?

No business owner wants to deal with a cyber attack, but do you know how much damage it can really do? The average small business that experiences a network security breach spends close to $8,700 to repair the damage. And, if you don’t protect your customers’ data, you’ll lose their trust and likely their business.

There are many things you can do to improve your cybersecurity, and some are more complex than others. One simple solution is to add two-factor authentication to all of the websites accessed by you and your employees.

Two-Factor Authentication: The Basics

Two-factor authentication is also known as two-factor verification or 2FV. It adds a second layer of security to your accounts by requiring you to add another credential in addition to your username and password. 

In most cases, you’ll receive a code by SMS (text message) which is only good for a short period of time. Unless a hacker had access to your mobile phone, they wouldn’t be able to get into the site, even if they figured out your password. Some programs or websites use different methods for authenticating, including sending a code to other “trusted devices” or using an app like Google Authenticator. 

Is Two-Factor Authentication Worth It? 

According to the most recent Verizon Data Breach Investigations Report (DBIR), 80 percent of hacking-related breaches were caused by weak login credentials. 2FV significantly improves your network security by isolating access to individual users. As long as your employees have their phones locked down with security code, fingerprint or biometrics, it will be virtually impossible for someone to impersonate an authorized user and gain access when they shouldn’t.  

You might wonder whether adding 2FV eliminates the need for you to use a password manager. The answer is no. Long, complex passwords that are changed frequently are still your first line of defense. Using a good password management program helps you stay on top of this without having to store our passwords somewhere easily accessible by others. 

2FV Is Easier Than You Think! 

It’s easy to understand how some people would think that 2FV would be overly inconvenient. However, that couldn’t be further than the truth. Setting up 2FV only takes a few minutes and the login process is only extended by a couple of seconds. In many cases, you can also authorize certain devices, so you don’t have to complete the extra authentication as long as you’re logging in from that device. 

Increase your security game today by scheduling a Network Security Assessment. During this evaluation, we’ll evaluate your information security, data protection, compliance, and performance. Contact us at 702-547-9800 to learn more about how to bolster your network security

Security Training Is the Best Way to Prevent Computer & Network Security Breaches

What’s the biggest threat to your company’s computer & network security?

It might surprise you to learn that almost 90 percent of cyber-attacks are caused by human error – an employee mistakenly clicking on a phishing email or leaving their laptop out in the open is far more likely than a criminal cyber-attack. 

Once you understand the nature of the threat you’re dealing with, it’s much easier to address it. Here are some common issues that are easily avoidable:

Increased Threat of Phishing Emails

Phishing is the practice of sending an official-looking email in an attempt to get the recipient to enter sensitive information like login credentials, credit card numbers or even their social security numbers. The senders of these emails then use the information they’ve obtained to commit fraud. 

These emails have come a long way in recent years. They now look very official, and even highly-educated executives sometimes fall victim to them. In fact, several years ago, tech giants Facebook and Google were duped out of $100 million due to phishing scams! 

You can expect to see even more phishing scams coming to light over the next months and years. They’ll continue to get more sophisticated and the cost of dealing with the fallout will grow. As of today, it’s estimated that a phishing scam can cost the average medium-sized business around $1.6 million per occurrence. 

Other Common Cyber Security Errors

While phishing is a major concern, it’s not your only computer & network security issue. Many innocent employee behaviors can leave your company vulnerable and could lead to serious consequences. Some examples include:

  • Leaving work computers unlocked and unattended
  • Leaving notes, passwords and other sensitive documents out on your desk
  • Working remotely on unsecured networks
  • Failing to delete data from devices
  • Failing to encrypt data before sending

Security breaches caused by employees who are purposely engaging in malicious behavior are rare. In most cases, they’re caused by a lack of knowledge or simple negligence. You can address this by making frequent and consistent cybersecurity training part of your internal practices. 

The Value of Security Training

While firewalls, encryption and other security measures are critical for keeping your data safe, proper employee training is your number-one line of defense. The first step is to create a clearly defined written set of cybersecurity policies and rules and distribute it to all of your employees. The second is to institute a mandatory training program that occurs during onboarding and at least once per year thereafter. 

Some of the topics that should be addressed during a training session include:

  • Overview of threats (phishing, malware, etc.)
  • Password best practices
  • Safe internet habits
  • Social media safety and security
  • Device maintenance and security
  • Preventative measures

Between training sessions, regularly test your employees and require a remedial class for anyone who fails. This will help keep the information in the forefront of their mind all year long. 

Improve Your Company’s Computer & Network Security

The consequences of a security breach are serious and can devastate a small- to medium-sized business. Fortunately, most of the vulnerabilities are preventable. Network Security Associates can help implement systems and processes to bolster your computer and network security. Contact us at 702-547-9800 to schedule a network security assessment

Password Protection Is Easier Than You Think

On June 10, 2019, Network Security Associate’s, Jeff Wagner, spoke at the Henderson Chamber Members breakfast, his presentation on network security focused on Password Protection.

Below is a short summary on how to create a strong password.

  • The longer the better
  • A mix of letters (upper and lower case)
  • Numbers & Symbols
  • No ties to personal information (tough one)
  • No dictionary words
  • The secret is to make passwords memorable but hard to guess

Using a password manager such as LastPass is a great tool for securing all the different password you need to keep track of. LastPass simplifies your online life by remembering your passwords for you. Using a password manager will make it easy to have a strong, unique password for every online account and improve your online security.

Check to see if you have a  strong password by going to  haveibeenpwned.com this site will check to see if your password has been compromised.

To learn more about network security and  password protection check out our blog article on Password Best Practices.