Every day we read about another cybersecurity breach. Lost credit card information, hacked emails, corporate or national security information stolen by insider or external actors. Cyber espionage and security attacks have become sophisticated and big business. We have reluctantly learned a new language: ransomware, “phishing”, malware, HIPAA (in healthcare), PCI (for credit card protection), and PII (personally identifiable information) to name a few.
The challenge grows even faster as more and more devices are attached to our networks. New devices like thermostats, smart lights, cell phones, watches, and smart monitors of all types connect to our networks to share information. This Internet of Things (IoT) creates new threats.
Ransomware payment demands have skyrocketed – from an average of $12,000 in Q1 of 2019 to three times as much at $36,000 in Q2 of 2019. But these “ransoms” to unlock wrongfully encrypted computer systems do not include the cost of lost productivity, impact to reputations, and expense to recover from successful attacks. The global damage of ransomware annually is estimated to be in the tens of billions of dollars at this point. Much of this threat is aimed at small and mid-sized organizations that have fewer resources to defend themselves.
OXEN Technology is a small organization. We serve small and mid-sized organizations. We are in this together. Cybersecurity is at the heart of each of our businesses for the foreseeable future.
The foundation of good cybersecurity remains the same
What should you be doing?
- Keep your hardware modern and software up to date: Vendors (most notable Microsoft) provide patches and security fixes regularly for their products. It is important to apply these updates in a timely fashion before hackers get a chance to exploit security holes and vulnerabilities.
- Use complex passwords or passphrases and enable multi-factor authentication wherever possible.
- Regularly review who has access to your applications, especially the IT admin functions: For example, vendors often ask for access when they install or maintain their software and their access needs to be removed when they are finished. Have a procedure in place to remove permissions and access for former employees.
- Train every user on how to recognize phishing attempts and scams: Over 90% of ransomware gets in by someone opening a fraudulent email. Regular, ongoing training on how to recognize suspicious emails and activities like phone scams can lower your risks.
- Use the leading anti-virus and anti-malware software – and keep it updated: The traditional methods for protecting against viruses are no longer effective, but there are new solutions using advanced analytics to provide better every-day protection. Choose strong, regularly updated modern anti-virus and anti-malware solutions. Also, consider an anti-spam solution for your email.
- Maintain an actively managed “next-generation” firewall: Static firewalls, like the kind we purchase at Best Buy, are not enough. And especially not enough for a business. Firewalls need to be actively managed and updated to block the most current threats to networks. The newest even offer “deep packet inspection” which examines the data coming through the network in real time to stop threats, and “DPI-SSL”, which inspects encrypted traffic.
- Back up your critical systems and information! If you do get ransomware or an infection that can’t be effectively remediated, you can still recover your data from a backup. A strong backup solution is one of the most highly recommended cybersecurity protections today. If you aren’t backing up, we can educate you on the choices that best fit your organization and budget.
We work with clients every day on these essential cybersecurity issues. More importantly, we continually invest in improving our understanding of the threats and finding the right partners to provide the level of security that we and our clients require.
OXEN Technology currently offers:
We can perform a network risk assessment that encompasses your organizational risk, personnel risks, and technical risks.
All of our core solution bundles and packages include anti-virus, anti-malware, and anti-spam protection for your desktops and servers. These include our Network Essentials package and Business Bundle.
We offer this annual online security awareness training at no charge to all employees of our managed IT services clients. A monthly subscription version of this training is also available and includes ongoing education, weekly quizzes, and simulated phishing attacks.
Network Vulnerability Testing
This testing is free to our managed IT services clients. An external vulnerability scan can give you certainty and clarity about the vulnerabilities of your network and the information you need to act to improve your security.
Our Managed Firewall solution provides constantly monitored and managed next-generation firewalls, with features such as DPI-SSL (encrypted traffic inspection).
We have data backup and BCDR options for all requirements and budgets. Our OXBOX appliance allows clients to quickly recover a functioning system, applications, and their data in case of a failure on their production hardware or software systems. It is automatically backed up to a secure remote data center in case of a disaster affecting your entire facility.
Our Network Security Monitoring appliance constantly scans your IT network for security threats and events that are then analyzed with sophisticated software and a 24/7 Security Operations Center. We notify you of the most dangerous threats and jointly determine how to eliminate them.
Unsure of where to go with your cybersecurity practice? We offer a Shared CIO or CISO role, where one of our consultative experts helps to shape and lead your technology and/or cybersecurity initiatives. This role aims to work with your IT team and your businesses leadership to achieve your goals.
there is a lot going on in the industry around cybersecurity. The good guys are building tools as fast as they can to protect against the known and expected threats. We promise that we will stay on top of it so that we can provide strong, trusted, simple security solutions.