The post The on-screen keyboard: use it! appeared first on Network Doctor.

If you collect it, protect it! Follow all reasonable measures to protect every piece of information you have about your client or customer. Have policies enforced that prohibit unauthorized access to those who do not have a need to see it.

Be open about how you use information that your clients give you. Clearly communicate any practices and processes, and use this as an opportunity to set your company apart by showing you’ve gone deeper than competitors by performing annual risk assessments.

Help create a culture of privacy in your office. Everyone should be educated about their role in privacy, security and respecting and protecting the private information of clients, colleagues and partner vendors.

Would you like more tips like this delivered right to your inbox? Click Here

The post Privacy – it’s just smart business! appeared first on Network Doctor.

There is no delete button on the Internet. Everyone knows how to capture a screenshot. Even if you keep your social media completely private, when relationships change, nothing is private. Are you going to be comfortable in 10 years with what you post today? It will be archived forever.

If you post in online forums or on message boards, or comment on news-related websites, consider using a pseudonym. Don’t share names of real businesses, clients, friends or family. If a bank manager wouldn’t allow a picture of all of the money in the vault to be shared on the Internet, you shouldn’t ever allow a picture containing any confidential, financial, legal or other protected documents and items to be shared either.

A good social media policy in the office now can save headaches down the road.

Would you like more tips like this delivered right to your inbox? Click Here

The post Staying secure in a social media world appeared first on Network Doctor.

Did you know that, according to a 2014 National Small Business Association Report, 44% of US small businesses were the victim of a cyber-attack, with each attack costing the business on average $9,000?

Did you know that the National Cybersecurity Alliance’s StaySafeOnline.com recently reported 59% of small and midsize businesses do not have a contingency plan that outlines procedures for responding to and reporting data breaches?

Did you know that 77% of small firms believe their company is SAFE from a cyber-attack even though 83% of those firms don’t have a written security policy, according to the National Cybersecurity Alliance?

Did you know that an overwhelming number of people don’t consider that a large company can absorb the costs of a cyber-incident while those costs may suffocate a midsize or small business? What is a pain and annoyance to large companies is catastrophic to smaller organizations.

Oftentimes, we forget the type of threats we all most commonly face. If you don’t have a security plan and a disaster recovery plan, today’s a great day to start. Consider every scenario. You’ll remember details that need to happen and would be totally forgotten in the middle of a crisis.

Would you like more tips like this delivered right to your inbox? Click Here

The post Did you know? appeared first on Network Doctor.

Here’s the problem with this strategy. Let’s assume that you have a Gmail account, an Amazon account and some accounts at big-box retail stores. You use the same password on all of the sites, and you use it for the account you set up on the great website you found to order gift cards as client gifts – at 10% less than their value. Then, the gift-card website gets hacked or falls victim to an attack. Not only do the crooks get your credit-card information, they also get the list of all of the website’s users and those users’ passwords. They publish the list freely out on the Internet. (Don’t believe it? Check out https://rehmann.co/projects/10mil/ )

Since you used the same password on their website as you did on Amazon, Gmail and other websites, all of these accounts are now in the hands of anyone capable of a Google search. That’s why it’s important to have different passwords for EACH website and application.

Would you like more tips like this delivered right to your inbox? Click Here

The post Why do I need so many passwords??? appeared first on Network Doctor.

After enabling 2FA on a Gmail account, each time you log in, you’ll have to input your password. You then get asked to enter a six-digit code that is unique to you and changes every 20 seconds. You get this code from an app on your phone, a jump-drive-sized key fob or a program on your computer. In the above example, you use a smartphone app (there’s one for every type of device, and one app will handle the 2FA codes for each individual account) and input the code. Only then do you have access to your account. You must enter both password and 2FA code each time you access the account. If someone steals your password, they still can’t access your Gmail account.

If you aren’t currently using two-factor authentication with your most sensitive data and systems, investigate if it’s an option today. The extra 15 seconds to pull up the code and get logged in is laughably short compared to the time spent dealing with a hacked account.

Would you like more tips like this delivered right to your inbox? Click Here

The post Two-factor what? appeared first on Network Doctor.

Tip: Step 1: Invest in insurance to protect you from fraud. Step 2: Set up e-mail alerts to receive notifications any time money is withdrawn from your account. In some cases, you can set it to alert you only for larger withdrawals. The FASTER you catch fraudulent activity, the better your chances are of keeping your money. If you contact the bank IMMEDIATELY after money is taken (same day), you have a very high probability of stopping them from robbing you.

Would you like more tips like this delivered right to your inbox? Click Here

The post Set this up for your bank account to prevent fraud appeared first on Network Doctor.

While the PCI architecture and requirements heavily overlap network security issues, a network security audit is going to take a deeper look into how you utilize the technology you own. Most businesses typically need to conduct a network security audit at the same time they conduct a PCI audit.

The PCI regulations have gone a long way toward making every business that accepts credit cards more secure, because it’s a threat to the payment industry to have unsecured businesses responsible for millions in fraudulent charges. A good network security audit at the same time as your PCI audit typically provides for a balanced scale when weighing security and functionality.

Would you like more tips like this delivered right to your inbox? Click Here

The post Is my PCI compliance good enough to serve as a network cyber security audit? appeared first on Network Doctor.

But even if you don’t have a lot of sensitive information, it’s best to have SOME idea of what you would do if a cyber-attack locked all your files or stole confidential information.

Things to consider when you’re planning:

• Physical access to your building(s)
• What to do with lost or stolen mobile devices
• PCI (payment card industry) compliance requirements
• Data-breach incident response
• Threat monitoring

That’s where we are here to help! Give us a call and we’ll be glad to help you put together a cyber-response plan.

Would you like more tips like this delivered right to your inbox? Click Here

The post Do you need an “incident response” plan? appeared first on Network Doctor.

If you have a password on your laptop, it will slow the thief down; but what it doesn’t stop is someone removing the hard drive and connecting it to another computer to get access to all your files, passwords and e-mail –that’s not hard to do.

How do you protect your files? Encrypt them! With the drive encrypted, a thief can’t just pull it out, hook it up and suddenly have access to all your files. This is ESPECIALLY important if you hold or have access to medical records, credit card information or other sensitive data on your devices.

Would you like more tips like this delivered right to your inbox? Click Here

The post Should your laptop be encrypted? appeared first on Network Doctor.