Cloud applications are not immune to cyberattacks. As companies move away from storing data locally, attackers are shifting focus to cloud solutions right along with them.

As a business owner, you have a lot on your mind as we all progress through the COVID-19 situation. Your workforce is probably broken up in ways you have never experienced before, and the way everyone is connecting to your resources may be less than ideal from a security perspective. This situation makes a comprehensive security awareness program more important than ever. A security awareness program promotes ownership of all employees over the safety of an organization's data and information systems. It also gives them skills to prevent and minimize data breaches and security incidents at the individual level. A comprehensive security awareness program includes three elements: Testing – Find out where your most significant security gaps lie. Training – Teach end-users how to identify and respond to suspicious emails. Reporting – Track improvements over time and identify areas for focus for the next round of testing and training. We are all doing what we have to do to survive this global pandemic, and security is taking a back seat for now. The problem is that now, more than ever, security needs to be a primary focus. Cyber-attacks are rising because criminals know that some of the typical defenses that businesses have in place are down or moved at the moment. In fact, FBI has reported a 400% increase in cyber-attacks during the pandemic.

You spend hundreds or thousands of dollars each year on anti-virus and threat prevention software for all the computers in your organization. As a result, you expect those devices are safe from viruses, ransomware, and other malware. But now you’re missing files, software programs are acting strange, or your entire system is frozen and you’ve received a ransom message. You’re frustrated, and maybe feel a little taken by your anti-virus vendor. Why have you been spending all this money on an anti-virus solution if you still have to deal with the ramifications of a virus or other malware?

Computers are the center of business and personal productivity in the 21st century. Users expect them to work as intended, on time, and without issue. Unfortunately, this is not always the case. Viruses, or any type of malware (viruses are just one of several types of malware - more on that later), can at the least inconvenience users, and at worst cripple an entire business or organization. When trouble arises, average users may wonder if their computer is misbehaving. They might suspect malware has compromised their system, but don’t know how to confirm their suspicion.

You use password-protected applications for everything from banking and financial management to planning vacations and socializing. In the workplace, sign-in credentials connect you and your employees to business applications and online services like payroll processing, appointment scheduling, invoicing, and every other confidential function of your business.

We recently used Presbyterian Health Services potential breach of protected health information (ePHI) as a case study in why employee behavior and training are key elements of security and compliance.

I'm currently re-watching The Office (US) for what feels like the 100th time. This time, I realized that some parts have a whole new meaning now that I work for an IT company that provides tech support to businesses like the fictional Dunder Mifflin Paper Company. In this clip from Season 7, Episode 9, "WHUPF.com," Jim tries to reset the server after a power outage causes it to go down. He's stuck and The Office can't do any work since he doesn't know the password to sign into the server. This causes Michael to recall all of The Office's former IT guys to determine who originally set up the server. As Michael thinks through the list of IT guys backward from the most current by the nicknames he gave them, "Glasses, Turban, Ear Hair, Fatty 3, Shorts, Fatty 2, Lozenge, and Fatso," Kevin remembers that 'Lozenge' set up the server eight years ago. Michael recalls that whatever the password was made him laugh when he heard it but, "Pam got really offended." Jim ultimately enters Kevin's suggestion of "big boobz," based on Michael's clues. The password is accepted, the server is reset, and Dunder Mifflin lives on to sell paper another day.

On June 6, 2019, Presbyterian Health Services, a health care system and health care provider in New Mexico, discovered a potential breach of protected health information (ePHI). You might assume that a hacker breached their firewall or snuck into their network undetected. That was not the case. The breach occurred because well-intentioned employees fell victim to a phishing email.

Do you have computers in your business operating on Windows 7? Do you feel like you just upgraded away from Windows XP? If that’s the case, you were most likely utilizing Windows XP beyond its April 8, 2014 end of life date and managed just fine without upgrading immediately. So, it makes sense that you are probably not too concerned about upgrading away from Windows 7 any time soon. You survived the last end of life date just fine, and you’ll get through this one too, right? Wrong.

National headlines about ransomware attacks crippling Baltimore City and Cleveland Hopkins International Airport might leave smaller businesses thinking that governments and large corporations are the only entities facing a real threat of attack. However, threats against businesses of all sizes have been on the rise. Malwarebytes Labs issued a Cyber Crime Tactics and Techniques 2019 Q1 Report stating that cyberattacks on businesses in general have increased 235% in the past year. Ransomware specifically is gaining rapid momentum in Q1 2019 with a 195% increase in ransomware attacks on businesses from Q4 2018 to Q1 2019.