Author Archives: lverbik

4 Sneaky Ways Cybercriminals Used Phishing In 2017

10 Jan 18
lverbik
, , , , , , , , , , ,
No Comments

Cybercriminals were more active in 2017 than ever before, with a staggering array of high-profile hacking incidents in the news each month. Here are four of the ways hackers used phishing to penetrate some of the most secure networks in the country last year.

Shipping Info Scam: Last July, an Internet security company called Comodo outlined a phishing strategy that was zeroing in on small businesses. Hackers sent phishing e-mails out to more than 3,000 businesses with the subject line “Shipping information.” When the recipient clicked the tracking link in the body of the e-mail, it downloaded malware to their PCs.

WannaCry: This widespread ransomware exploited a weak point in the Windows operating system to infiltrate networks across the country. Once it was in, the malware locked users out of their files and demanded a hefty ransom to retrieve their data.

The Shadow Brokers: Last April, the ominously named Shadow Brokers released a huge number of classified tools used by the NSA, including Windows exploits, which hackers then used to infect businesses throughout the world.

Google Docs Phishing: In May, hackers sent out false Google Docs editing requests to over 3 million individuals. You know how the story goes — when recipients clicked the link, phishers gained access to their entire Gmail account.

 

SmallBizTrends.com 08/29/2017

Is Cell-Phone Addiction Ruining Your Organization’s Ability To Function?

27 Dec 17
lverbik
, , , , , , , , , , , ,
No Comments

Here’s a scary new stat: according to a new Baylor University study published in the Journal of Behavioral Addictions, the average female student spends 10 hours a day on her cell phone, with male students only slightly behind at eight hours. You KNOW that means they have to be texting and staring at their cell phone during times when it’s horribly inappropriate, such as while driving, in class, at work, etc. Ten hours! Think about that!

The next time you go out to dinner, take a look around. It’s becoming a common scene at restaurants for every single person sitting at the table—Dad, Mom and all the kids—to have their noses buried in a cell phone. A Disney commercial shows a family at one of the parks with repeated scenes of their 14ish-looking daughter paying no mind to anyone, not talking, not interacting, but engrossed in her cell phone. At the end, she texts her dad, who’s standing next to her, “Best vacation ever.” Everyone smiles and the parents are relieved. Seriously? When did texting someone who was standing next to you become acceptable for thanking them? What about looking them in the eye and connecting? I suppose it’s no worse than texting a birthday greeting or e-mailing someone a sympathy card. My grandmother would roll over in her grave.

Of course, it’s a rampant epidemic that you can practically guarantee is leaking into your organization. Not only does this make your employees distracted and therefore horribly unproductive and unfocused, but if you have employees who drive or operate heavy machines, YOU can now be held liable if they are checking company e-mail or doing other work on their phone and crash or harm themselves or someone else because they were distracted. And, of course, it can’t be helpful for employees to constantly be checking Facebook or Pinterest or playing Candy Crush during WORK hours when they’re supposed to be productive, serving your clients.

Since the holidays are about getting together with the ones we love, how about actually being present with them? I wonder how many family dinner tables in America are mostly people sitting at the same table, ignoring each other because they’re too busy texting someone who isn’t there, playing Farmville or doing some other unimportant, unproductive online activity. So many people are NOT where they are. They can’t seem to actually sit and TALK to a person. Engage with them. Be attentive. Listen. I see this more and more with teenagers who don’t know how to introduce themselves or have a polite and meaningful conversation. Many can’t write because they’re so used to communicating in 140-character tweets. Obama caught hell (rightfully so) for having his cell phone out, taking a selfie at Nelson Mandela’s memorial. The Kardashian clan were caught checking their phones and texting at the Music Awards during the moment of silence held for the kid who was killed in Ferguson, MO. Utter disrespect. But where does it end?

I have a strong recommendation: put your cell phone someplace that cannot be accessed when you’re working. Turn off all digital distractions such as Facebook, LinkedIn, Twitter, etc., etc., etc., when you’re engaging with your kids. Break out a board game. PLAY. The next time you’re talking to your spouse, look them in the eye and listen. If you’re talking with someone on the phone, get away from your computer. Just turn your chair. They can TELL when you’ve stopped listening because your eyeballs are glued to your e-mail.

 

Why Hiring The Cheapest Computer Support Company Will Actually Cost You More

13 Dec 17
lverbik
, , , , , , ,
No Comments

As anybody working in IT will tell you, the most common question we get isn’t, “Why is my computer running so slowly?” or “Why is my Internet not working?” It’s, “What do you charge for your services?” With so many IT companies clamoring for your attention, it makes sense that you’d want to look for the most inexpensive, cost-efficient option, right?

The problem is that this question doesn’t get to the heart of the issue. Sure, any IT company can offer rock-bottom prices, but as with anything else, those savings are going to come with fewer, lower-quality IT services. Also, many cheaper services say they are inexpensive, but they typically have slow response times and nickel and dime you over everything.  Instead of asking about price right off the bat, the better question is, “What will I get for my money?”

With cheapo IT companies, the answer is not much. Maybe they’ll be there when the server breaks down or if Microsoft Word is acting weird on your computer. But you can bet they won’t help you implement IT systems that will prevent real, catastrophic issues from arising – the kinds of things that determine the success or failure of a company at the most basic level.

Today, business and technology go hand in hand. It’s an inescapable fact that good tech forms the pillars upon which successful companies stand. Many business owners still insist on cutting corners with IT, hiring cheap and inexperienced “professionals” to protect and support the most fundamental aspects of their operation.

Of course, it’s hard to fault them for doing so. Without a firm grasp of a business’s IT needs, it’s all too easy for a subpar, would-be IT partner to convince an owner they meet the company’s requirements. That’s why the question, “What will I get for my money?” is so important. IT support coverage needs to be comprehensive, addressing every potential sink-or-swim crisis before it actually happens. The integrity of your network infrastructure should support your business, rather than force you to run around putting out fires.

A downed server or temporarily unreliable network might seem like minor issues, but even the smallest of IT problems can easily snowball into an expensive nightmare that threatens your company’s very existence.

Take a company that stores all its data on a central, networked server, for example. Maybe they’re a content creation firm, with terabytes of custom-designed client marketing materials stashed away, or a large law practice with thousands of vital case documents. They were reluctant to spend much on IT support, so they went with the cheapest option available. Of course, regular server maintenance wasn’t included in their package, but they assumed their trusty hardware would keep kicking for at least a few more years. But when an employee tries to access the database, an error pops up. Upon further investigation, it turns out the outdated server has finally broken down, apparently for good. All those documents, all that data instrumental to the basic functionality of the company, is irrecoverable – thousands of hours of work (and thousands of dollars) down the drain, and all because of an issue that would easily have been caught and prevented by a team of qualified IT experts.

When technology works, it’s easy to imagine that it’ll continue working without issue. But the fact is that a computer network requires constant, behind-the-scenes monitoring and maintenance to ensure it stays up and running, not to mention secure.

From hordes of hackers waiting in the wings for you to slip up, to hardware failure, to natural disasters, rogue employees and a million other IT threats, it’s important to ensure the stability of your network before a problem comes knocking. Cheap Band-Aid solutions work great until the day they cost you thousands. It’s better to invest in a team of real IT experts, and avoid crisis altogether. It’s much cheaper to prevent something from breaking than it is to replace it altogether.

Does Your Business Need Data Breach Insurance?

29 Nov 17
lverbik
, , , , , , , , ,
No Comments

In the past few years, data breaches into small businesses by malicious hackers have climbed to an all-time high. According to data compiled by the Identity Theft Resource Center, at least 1,093 data breaches occurred in 2016, 40% more than the previous year. And this trend shows no sign of slowing down. In response to rampant cyber-attacks across the country, many small businesses have turned to data breach insurance, designed to financially protect and support victims of malicious hacking. If your system becomes infected by ransomware, the insurance can cover the cost and guide you through the process so you can mitigate damage and stress.

If your business creates and stores vast quantities of sensitive data — especially if that data is a vital asset to the company — you should at least consider protecting yourself with data breach insurance. When all else fails, it can mean the difference between shutting down for good and staying afloat in the midst of crisis.

SmallBizTrends.com 9/5/2017

Top Tricks Cybercriminals Use To Hack Your Computer Network

16 Nov 17
lverbik
, , , , , , , , , , , , ,
No Comments

There’s no denying that cybercrime is on the rise. All it takes is a glance at a few big news stories from the past couple years. Equifax gave up the information of over 100 million people, many of them not even users, to a surgical hacker attack. Last May, over 57,000 infections spread from a single ransomware source across 99 separate countries, with damage reaching everything from hospitals and businesses to vital public utilities like the German railway network. And how many high-profile celebrities have had their phone’s picture feeds hacked and had to deal with the scandal of some maliciously leaked photographs, some of which they’d deleted years before?

But it’s not just massive corporations like Equifax or JPMorgan or actresses like Jennifer Lawrence that are being targeted day in and day out. It’s small businesses, many equipped with far less robust security measures in place. In fact, if you’re an entrepreneur, it’s almost a statistical guarantee that hackers will target your business at some point down the road.

In your company’s battle against cybercrime, it’s essential to stay abreast of the rapidly shifting digital landscape. Only the most up-to-date security technology can even hope to protect you from the ever more sophisticated thieves pounding at your digital door.

However, it’s also important to stay informed. Here are a few of the sneakiest and most common tricks thieves use to snatch your vital data:

Social Engineering Hacking, though it can cost you thousands and thousands of dollars and do just as much damage as its digital counterparts, doesn’t require a single line of code. Instead, they find weaknesses in the “human network” of a business. For example, skilled scammers can call your business’s cell phone provider, posing as the CEO’s spouse, and convince the customer service rep to hand over passwords, Social Security numbers, and sensitive personal information. Many IT departments are susceptible to this same scam.

Often, social engineering is used to gather information that will later be used for a different strategy. Such as …

E-mail Phishing, which hijacks (or fabricates) an e-mail account with trusted authority and sends users an e-mail requesting they click a particular link. Maybe the e-mail looks like it’s from the service department of your company’s time-tracking software, seeking to remedy an error. But when the link is clicked, ransomware or other malware spreads like wildfire through the system, and the user is at the mercy of the hackers. Usually, this is used to extort exorbitant sums of money out of small businesses or individuals. Symantec reports that just last year, over 7,000 businesses of all sizes fell prey to some form of phishing scam, costing them more than $740 million in total.

Brute-Force Password Attacks Or Password Guessing are just what they sound like. Either a hacker uses a software that, after putting in some data about the target (for example, the name of their dog or their anniversary), runs through potential keys ad infinitum. With sufficient information about the target, it’s only a matter of time before the software breaks through. Or, more often than you might think, hackers can simply guess the password. Infiltrators have common passwords that use real words or common structures memorized and can run through hundreds before giving up.

Fault Injection is a different story, usually only used by the most dedicated, sophisticated hackers around the world. Cyberthieves will use a complicated software to scan the source code of their internal software or network, noting every potential weak point in the system. Then, by splicing in strings of code, they can penetrate through and steal data, inject a virus, or employ other digital mischief.

How To Protect Yourself Against These Threats

As they say, forewarned is forearmed, but it’s not enough to keep your eye out for common hacker strategies. As the progress of technology marches on, so do the techniques and softwares used by hackers, resulting in an infinite number of permutations of ways they can penetrate your system.

The only way to be truly secure is by utilizing bleeding-edge security solutions to ensure you stay ahead of the breakneck developments in hacker technology. With constantly updating software dedicated to security, along with some know-how, you can rest a lot easier knowing your data is safe.

Natural Disasters Can Destroy, But Your Data Is Safe If It’s In The Cloud

02 Nov 17
lverbik
, , , , , , , , , , , ,
No Comments

This past hurricane season has brought some of the most harrowing, widespread destruction the southeastern United States has ever been forced to weather. But, despite the enormous, tragic cost of these natural disasters, the people of these communities persevere. In the wake of widespread wind damage and flooding, communities have banded together. Thousands of volunteers and neighbors are working as one to rebuild and find the way forward. There is no doubt, however, that the havoc wreaked by Hurricanes Harvey and Irma will produce aftershocks that will echo through affected areas for decades.

To anyone who turtled up in their attic in the middle of the storm or just saw a picture of the wreckage in the news after the hurricanes departed, the physical damage caused by the storm is obvious. What’s less obvious is the effect these storms have on the futures of the survivors, the reverberating impact that cuts thousands of life plans short and forces individuals to completely change their course in a cruel reversal of fate.

“Forty percent of small businesses don’t survive these events,” said Russel Honore, the previous Joint Task Force commander for Hurricane Katrina. The electrical grid is knocked out for days, and businesses are forced to close the office for what they hope is a temporary period due to flooding.

Each day that a business can’t provide service, it’s bleeding money — a cost that many businesses, especially the little guys, can’t absorb. So, they close for good, their buildings go up for lease and those who were once the heads of promising young businesses are now unemployed, in the market for a job in a city up to its neck in water.

Just as common is a business that finds its central data structures wiped out by physical damage. Following a hurricane, most businesses near the storm should have little trouble cleaning up and remodeling following nasty flooding, but if their servers, computers and network infrastructure have been wiped out, it’s a completely different story.

Oftentimes, a catastrophic loss of data will shutter a business for good. A 2010 report by technology research firm Gartner Group stated that 43 percent of businesses went belly-up almost immediately after a “major loss” of data, while 51% shut down within just two years. That leaves a measly 6% survival rate for businesses that suffer company-wide data loss.

These are scary numbers, to be sure, but there is good news: Businesses that migrate their data to the cloud are at significantly less risk of losing vital data. This is not only because your typical cloud service will back up your up-to-date data with several levels of redundancy, but because most cloud services are actually more secure than their on-site counterparts in general.

And make no mistake, businesses with on-site data are susceptible to loss far beyond physical disasters like hurricanes, flooding, earthquakes or solar flares. Don’t forget the risks disgruntled employees, freak accidents and, especially, hackers pose to your precious data. While it’s true that all of these risks still exist with cloud-based services, they’re much reduced. A 2012 Alert Logic report stated that “on-premises environment users actually suffer more [hacking] incidents” than cloud-based users, while also being subjected to “significantly more brute force attacks.” When you think about it, this makes sense. With your entire system backed up on a number of off-site locations, it’s much more difficult for hackers to encrypt the entirety of your data and hold it for ransom.

That said, not every business absolutely needs the cloud to stay secure. Certain business models need on-site structures for various reasons, and a few find it more cost-effective. Still, the cloud is definitely something that any savvy business owner needs to examine closely as a potential option. It could mean the difference between flourishing in the next fiscal quarter and going under.

Skimp On Data Protection And Pay The Price

10 Oct 17
lverbik
, , , , , , , , ,
No Comments

We’ve said it time and again: Today’s cybercriminals are using more advanced technology than ever. And those malicious tools are becoming even more sophisticated at a breakneck pace. To top it all off, new software developments are enabling these criminals to cast wider and wider nets, targeting businesses that, before, would have flown under their radar. Companies small and large, of every type, are being infiltrated by vicious cyber-attacks across the world each and every day.

Even knowing this, business owners are tempted to cut costs and corners. When you’ve never had a breach, data security can seem like a distant concern, especially for a limited budget. But regardless of which digital barriers you put in place to protect your business, you can bet on one thing: One day, your security will be tested by an attack. Whether or not the hackers punch through could mean the difference between your company shutting down for good — as 60% of small businesses do in the six months following a cyber-attack, according to the Denver Post — and remaining solvent and secure in your position.

When you’re struggling to stay afloat or simply wanting to be a savvy spender, you may think the best way to lock down your data is to put one of your staff on the task or to do it yourself.

And sure, your team can conduct hours of research searching for inexpensive security. And you’ll almost certainly find something cheap with good reviews and a decent track record. You’ll figure out how to install the software across your system, complete with firewalls, server protection, antivirus and maybe a bell and a whistle or two. Perhaps you’ll even hold a meeting to educate your staff on the do’s and don’ts of cyber security.

“Use intricately constructed passwords,” you’ll tell them. “Don’t click suspicious links in your email.”

Then, after a few days of fiddling with settings and ensuring the security software is properly in place, you’ll forget about it altogether. After all, it’s already installed, and you’ve checked to make sure there aren’t any gaps in the system. It’s not something you need to constantly monitor.

A year later, your business has — miraculously — doubled in size. You’re finally reaping profits. Best of all, a recent news story has brought your company into the public eye, and brand-new leads are contacting you every day. For the first time since the company’s inception, you can breathe easy.

Then, one Monday morning, you log into your computer. For a second, everything seems to be normal, until an innocent-looking pop-up fills your screen. “Attention!” an eerie robotic voice barks from your speakers, “Your documents, photos, databases and other important files have been encrypted!”

Thinking it’s a hoax, you click into your server drive. To your dismay, you really are locked out of everything. So, palms sweating, you read the rest of the pop-up. It provides instructions to install the deep web browser Tor as well as an address for you to visit. When you go there, you learn that in order to recover all your data, including the credit card information of your customers, you’ll need to dish out $50,000 in bitcoin.

A year ago, you couldn’t afford adequate cyber security. Can you afford $50,000 in cash today?

Identical situations are unfolding every day, with people exactly like you. Back in April, CNBC reported that across the previous 12 months, half of all small businesses had been infiltrated by malicious hackers. “Cyber security is clearly a concern that the entire business community shares, but it represents an especially pernicious threat to smaller businesses,” wrote the Securities and Exchange Commission in a 2015 report. “The reason is simple: small and midsize businesses are not just targets of cybercrime; they are its principal target.” Cheapo security solutions might be fine for a lone browser surfing the web at home, but they are shockingly inadequate resources on which to base the entire success of your company, your livelihood and the livelihood of your employees.

Frankly, it’s irresponsible to lock your data behind a flimsy $5 firewall. Invest in robust cyber security solutions and secure the future of your company.

What is VoIP Technology?

01 Sep 17
lverbik
, , , , , , , , , , , ,
No Comments

Is it time for your business to abandon that ancient land line phone and discover the flexibility and convenience of VoIP technology? If so, you’re in luck because we’re working on a series of blog posts on this topic.  Let’s jump right in and learn the basics…

When you install VoIP technology into your home or business, you’ll have the ability to talk to others using Voice Over Internet Protocol (VoIP.)  All that means is that you’ll be able to use the phone that’s connected to the internet to make calls.

Instead of phone lines that traditionally run over the electrical or phone lines in your home already, VoIP uses your internet connection instead.

In most cases, you won’t be able to tell the difference in using VoIP over other phone technology.  It gives you the same basic results.  It sounds easy, right?  It really is that simple.

To do this, several key things will be necessary.

  1. You will need to connect your standard telephone to an adapter unit that is VoIP qualified or get a new internet ready phone unit. You may also use a microphone equipped computer to make your calls instead of a phone.
  2. When you pick up the phone to dial your friend across the ocean, the VoIP adapter realizes what you are doing and turns the voice signals you are sending into your phone into digital based signals. These are then sent across the ocean through the Internet, instead of traveling through any phone line.
  3. Your friend receives your call in the same way. He or she will pick up the phone when you call and then VoIP goes to work again.  This time it translates the digital like signals back into a standard voice transmission.  When your friend uses their phone, they hear your voice, nothing more.

As you can see, it really doesn’t make much of a difference in the experience that you have using the telephone.  You’ll be doing the same thing that you are already doing.

Here’s how it works:

Phone Call –To- Adapter- Internet – Adapter –To- Phone

Although it may seem like this process takes time, it really does not.  It will take little to no time to convert your voice into a digital signal to go over the internet service that you have and back into your voice so your friend will hear you.  In fact, the process happens so fast you may not even realize what is happening at all!

Computer Communication

Another option that you may have comes in the form of using the computer in your home or business to make your calls.

In order to do this, you will need to have a computer that has a microphone built in.  This microphone will serve as your communication tool.

When you make a call, you will simply use the software that is installed on your computer to call your friend.  When they answer, you can talk to them without any type of handset.  Instead, you’ll use the microphone to talk into.

The process is still the same.  The computer will take your voice and translate it into a digital signal which is then sent over the internet to your friend’s computer.  They can either use the phone or their own computer to talk to you.  The voice once again changes from a digital signal into an actual voice and you hear your friend, just as you would if you had dialed their phone number into your phone.

You can also do this by using a computer that is equipped with a headset that allows you to speak into it for more privacy.

As you can see, VoIP technology is quite easy to use and can help your business stay connected to your clients, suppliers and associates around the world. Techno Advantage can help you get the right equipment, ensure that your connection is optimized and maybe even save money!

If you are considering VoIP technology for your business, contact our Techno Pros here at Techno Advantage. 

Why Your Current Antivirus, Backup, And Firewall Have Been Rendered Completely USELESS (And What You Need To Do About It)

16 Aug 17
lverbik
, , , , , , , , , , ,
No Comments

At the end of World War I, German engineer Arthur Scherbius constructed a device that would become central in another worldwide conflict of unimaginable magnitude over 20 years later: the Enigma machine. The machines, which steadily became more complex with each iteration, consisted of a series of rotors that, by themselves, encrypted messages input via the attached typewriter. Each rotor performed a simple substitution cipher, but when run through multiple rotors, the encryption reached a staggering level of complexity.

Initially used for transmitting sensitive company secrets in the commercial sector, the technology was eagerly adopted by the German military machine prior to World War II. After war broke out across Europe once again, Enigma encoding became central to the operation of the Axis powers, used for sending vital, sensitive intelligence across the airwaves. Due to the complexity of the Enigma system, the Germans were certain that the code would not, and could not, be broken.

But the Germans were wrong. Using photographs of stolen Enigma operating manuals obtained by a German spy, the Polish General Staff’s Cipher Bureau managed to construct an Enigma machine of their own, enabling them to covertly decrypt substantial amounts of Axis intercepts. Ahead of the impending invasion of Poland, the Poles shared their knowledge with the French and British military to expedite the defeat of the Germans. A massive team at Bletchley Park in Buckinghamshire, led by code-breaking master Alan Turing, became the central location for Allied efforts to keep up with Enigma operations.

Germany, still convinced the code was fundamentally unbreakable, continued using Enigma for a wide array of communications. But even the most complicated four-rotor Enigma systems were eventually decrypted. Great pains were taken to ensure the Germans never learned their precious code had been broken, labeling any intelligence gained from Enigma as “Ultra,” keeping the significance of Bletchley Park’s operations under wraps. Ultra-intelligence was used sparingly to avoid German suspicion.

The efforts of the Polish Cipher Bureau, Alan Turing, Bletchley Park, and the hundreds of men and women who contributed to the cracking of the Enigma code were described as “decisive” in theshortening of the war, and, at the high end, are estimated to have saved over 14 million lives.

Much like the Germans who assumed Enigma was uncrackable, most business owners believe their current, potentially outdated, cyber security measures will keep their data safe. But, in the contemporary age where digital information is as precious as gold, cybercriminals are working around the clock to penetrate even the most robust security solutions. You can bet they’ve already created a workaround for your current antivirus. What was good enough before may not be good enough today. After all, it’s simply impossible that a security solution from even two years back could be equipped to defend your precious data from a cutting-edge hacking technology that didn’t even exist when it was created.

Today, companies that fail to stay abreast of the latest cyber security trends — clinging foolishly to their own Enigma — are certain to pay the price down the line. Once the lock is picked, you need a new lock, and criminals are cracking new locks each and every day.

Luckily, as your IT provider, we’re cyber security experts, and we constantly seek the latest and most robust security solutions. Don’t leave your company’s security up to a false sense of confidence. Always be looking at options to upgrade your digital security and make it a sure thing.

The ONE Thing You Must Do to Keep Your Data Safe in the Cloud. Is Your IT Guy Doing This?

26 Jul 17
lverbik
, , , , , , , , , , ,
No Comments

How secure is your data? Cloud data storage is becoming a massive industry in this country, and many businesses and other institutions are putting their data into the cloud. Some of this data is pretty harmless. Other stuff — like hospital records, banking information, or company payrolls — are prime targets for bad actors. Is the cloud storage tradeoff worth it?

The short answer is yes, but only if your IT guy is encrypting your sensitive data.

Every cloud storage company you talk to will claim to take top-of-the-line security measures on behalf of your data. But that, in a nutshell, highlights the problem with cloud storage. Your data is entrusted to a third party for safekeeping. It’s possible that they’d do everything in their power to safeguard your information. But bad things, like ransomware, phishing, or just plain going out of business, do happen. And when they happen, it’s not the cloud storage company whose data is on the line; it’s yours.

Even if that doesn’t occur, let’s be honest. Most of the major cloud storage companies are based in the United States, the U.K., or France, where they could be subject to NSA snooping (or questionably legal surveillance from any other government entity). Despite the best efforts of many storage companies to  prevent government intrusion, your data could still be at risk, even when it’s locked up tight.

This brings us back to encryption, which is the hands-down best way to protect your data, period. It’s just like locking sensitive data in a box, with a password needed to reopen it. Even if someone gets ahold of the box, if they don’t have the password, there’s nothing they can do with it. There are a lot of encryption tools out there and you’ll want to make sure that you have the right one for your specific needs. If you ever need a recommendation, don’t hesitate to reach out and ask! We’ll be happy to provide you with the specific recommendation (free or paid) that fits your needs.

In addition, most cloud storage companies protect your data with their own encryption, but this isn’t as secure as encrypting your own information. That’s because the cloud storage company has the encrypted data in its possession, but it also has the keys to that data. If someone can get in, they can probably get the information they want. And a disgruntled employee — or just a hapless one — can also provide hackers access to the system through good old-fashioned human engineering.

If the cloud storage company is compromised (and it happens quite often), will your data be secured or unsecured? Well, if you’re encrypting your own data before uploading it, then the bad actors will open up the safe to find … a bunch of locked boxes. Pretty frustrating, right?

On the other hand, if you’ve trusted the cloud storage company to take care of everything, you’re going to have a bad day.

As you can tell, it makes sense to have your IT guy encrypt everything that gets put on the cloud before it gets there. But remember, just as your cloud storage provider is vulnerable, you can be vulnerable as well. It’s less likely that bad actors will target your company specifically, but if they want your data bad enough, they’ll go to great lengths to get it.

Many people have a misconception that these criminals will just use a magic program to crack your encrypted files. Decryption does exist, but it requires a lot of time and processing power. It’s far more likely that hackers will target your email or other aspects of your system and try to find out the encryption codes that way. And never forget that people are the weakest part of your IT security. Educate employees so they aren’t vulnerable to phishing scams, downloading questionable software, and visiting the wrong websites.