This Month in Cyber Security: November 2020 (2:00)

by | Nov 24, 2020 | Security

New cyber threats emerge on a weekly basis but are all of them relevant to your organization? Each month, our security team hosts a 30-minute webinar to discuss the latest threats, breakdown their applicability to small and medium-sized organizations, and cost-effective steps to mitigate risk. In this webinar, we discussed protecting your identity, threat vectors for organizations, and an update on Peters’ Newsletter.

Identities

Many times we see employees using their business email addresses for personal use, especially if they have been at the company for a long period of time. Employees are consumers and they have a plethora of information saved on various sites. For example on social media, some employees use their business email addresses as login information.

In a cloud-based or SaaS environment, this is especially dangerous. In the event of a breach, the employee becomes an easy target. This is because the information that an employee has available on these various sites is associated with their business email address. It is important to remind employees to keep personal and company accounts separate. One of the leading methods of mitigating the risk of a breach is MFA. Learn how you can setup MFA for your users in 1-day with Peters, here.

3 Major Threat Vectors for Organizations
  1. Identity –  We recently helped a customer to address a false unemployment insurance claim filed on behalf of one of their employees. The information on this claim was: full name, email, and even salary. The availability of information ties back to the Equifax breach, that occurred in 2017 and again late last year.  As an MSP our advice was to have our customer evaluate how well they internally monitor and verify these claims, as well as how they ask their employees to do so.
  2. Email – We also recently helped to respond to a business email compromise that was caught by their customers. Unfortunately, this was a late catch. Some strategies we suggest to reduce this risk is security awareness training and our Security Review for Office 365 service. To learn more about Business Email Compromise, read our short blog.
  3. Data Leakage – Do you know where your data is and who is accessing it? Many times employees will use 3rd party apps they deem “better” than what is allowed. For example, if an organization does not provide a simple file sharing application for document collaboration, an employee may feel that Google Docs is easier. This employee will begin to use the latter solution instead. This leads to company data to be left unprotected. By monitoring for shadow IT and providing secure collaboration solutions, you can prevent your data from being leaked.
Peters Newsletters

Here at Peters, we release a monthly newsletter for our customers to catch up on everything we are doing. In our newsletters, we share upcoming events, recent blogs, and employee highlights. An important section we want to draw attention to is the “What’s New” section. In this section, we share important news relating to cybersecurity. This month we focused on the VMWare breach, which you can read more about here.

You can also access past newsletters on our resource page, click here.

If you have questions about how you can better protect your network, give us a call at 630.832.0075 or send an email to info@peters.com to get started! Peters & Associates engineers are dedicated to securing your network; with 24/7 monitoring and support, our Managed Services and PULSE Alarm will never leave you guessing.

Download the slide deck here.

Watch the full recording here, or watch the short recap below: