What is Cloud Jacking?

Written by WesTec on November 5, 2020. Posted in Cybersecurity, Data Protection, Uncategorized

With the rise of COVID-19, cloud-based remote work has become increasingly popular and necessary. With new and emerging cloud-based technology comes new cybersecurity threats, like “cloud jacking.”

What is cloud jacking?

Cloud jacking occurs when a hacker steals the information of a cloud account holder and gains access to the server. Hackers often use this act as a means to conduct criminal activities, such as identity theft.

Because businesses often store confidential, sensitive information on cloud servers, they are major targets for cloud jacking. When it relates to sensitive information, these kinds of security breaches can be devastating for a business’ clients, partners, and reputation. Cloud jacking is not simply a one-time offense, as it creates a web of victims.

How do I protect myself against cloud jacking?

There are several things you can do to protect your business, clients, and partners from falling victim:

Require strict, multi-factor user authentication
Limit internal access to your cloud server
Perform background checks before granting anyone access to your cloud server
Backup all data stored on the server, in the event that there is data loss
Use encryption to secure all data before storing on your server
Require all users to create strong, secure passwords
- Here are the properties of a strong password:
  - The longer, the better
  - A combination of lowercase and uppercase letters
  - Numbers and symbols
  - Avoid words or terms that could be easily linked to your identity

The professionals at WesTec Services want to help you protect your network and business. We provide vital business technology and consulting services that can be tailored to your needs and budget. Interested in learning more? Contact us today!

Don’t forget to follow us on Facebook, Twitter, and LinkedIn!

Top 3 Cybersecurity Threats Businesses Have Faced in 2020

Written by WesTec on October 29, 2020. Posted in Cybersecurity, Internet

As we make new advancements in internet technology, hackers are getting smarter! Therefore, it is crucial that you stay informed on emerging cybersecurity threats. WesTec Services has compiled a list of cybersecurity threats to be aware of:

Cloud Jacking

As remote work has become more popular and necessary as a result of COVID-19, cloud jacking has become more prevalent. Cloud jacking occurs when a hacker gains access to your cloud server. Often, hackers will hijack cloud accounts to steal identities and conduct unauthorized or illegal activities. Cloud jacking should not be taken lightly, especially if you store sensitive, confidential information on your cloud server.

Endpoints

In the past, centralized security measures were enough to protect a network from security breaches. However, the introduction of mobile phones and laptops posed new security threats — and brought awareness to security vulnerabilities (or “endpoints”). Using encryption, endpoint security seals any vulnerabilities in a network’s connection. This additional layer of security protects against threats if an infected device connects to the network. However, with the rise of remote work, we are seeing an increase in endpoint interception, as many are using mobile devices and laptops on networks that are not secure.

Phishing

Phishing is still alive and well in 2020! Hackers are now targeting small businesses with spam emails. These emails will appear to be from companies that sell a product or service that may be of interest to small businesses — and of course, upon the user clicking a link or downloading a file, their computer has been infected. Furthermore, some emails will provide a link that prompts the user to enter their log-in credentials for a familiar website, while even displaying a reCaptcha security pop-up to appear more credible and secure.

It is important to use the internet with care. Cybersecurity threats can cause a variety of issues for your business, ranging from system failure to productivity loss. At WesTec Services, we believe there is power in educating yourself. As a business owner, you should familiarize yourself with potential threats and educate your employees on internet safety. Have questions about cybersecurity? Contact us today!

What is HTTPS?

Written by WesTec on October 1, 2020. Posted in Cybersecurity, Internet, Security

You have likely seen the acronym “HTTP” while navigating the internet. HTTP (Hypertext Transfer Protocol) appears at the beginning of a web address and supports data transfer between the web browser and website. You may have also seen the acronym “HTTPS” and wondered, “What’s the difference?” Hypertext Transfer Protocol Secure (HTTPS) derives from HTTP and is an encrypted security certificate that protects sensitive information in data transfer. HTTP refers to a standard, unencrypted server, while HTTPS indicates a server is secure. HTTPS is a necessary extension if your website requires log-in credentials or the entry of private information. Without HTTPS, hackers can easily extract sensitive information. As the need for internet security increases, web browsers like Google and Yahoo! take HTTPS quite seriously. If you do not have this security certificate, your website will be flagged “not secure” – and who wants to enter their credit card information on a website that isn’t secure? Don’t fall victim to a security breach. Educate yourself on how HTTPS works and why it’s important:

How It Works

HTTPS simply takes HTTP and adds a layer of SSL protection. SSL (Secure Sockets Layer) is a connection that encrypts and decrypts a user’s requests and responses. SSL ensures that communication occurring between the user and the website server cannot be read or extracted by hackers.

Why It’s Important

Since its inception, the internet has changed life as we know it. With the introduction of e-commerce, we no longer have to leave our houses to shop for the items we need – we simply fill up our “cart”, enter our credit card information, and wait 5-7 business days for our items to arrive. We no longer have to mail a check or pick up the phone to pay our bills – we can conveniently pay our bills online! When we create a social media account or fill out a job application online, we are surrendering information like our full names, addresses, social security numbers, and more. Because HTTP websites are more susceptible to hacking, it is imperative that we make the transition to an entirely HTTPS web. We can have peace of mind, knowing that our personal information is safe. Additionally, HTTP does not protect against malware infection. When a website is infected with malware, its users are at risk of being infected as well. A cybersecurity threat can cause data breach, system failure, and ultimately impact your reputation and productivity as a business. Therefore, it is important that you educate yourself on internet safety. The IT professionals at WesTec Services can answer any questions you may have about cybersecurity. Contact us today!

3 Crucial Security Solutions to Employ as a Business Owner

Written by WesTec on August 13, 2020. Posted in Access Control System, Business, CCTV, Cybersecurity, Data Protection, Hardware, Internet, IT, IT Consulting, Network, Network Health Check Audits, Network Installation, Phishing, Security, Telecommunications

A security threat of any kind can disrupt productivity and impact business. What precautions are you taking to ensure your company does not fall victim to these disruptions? Here are 3 security solutions you should employ as a business owner:

Backup Disaster/Recovery

System failure can occur for a variety of reasons, such as virus infection, human error, and natural disaster. Regardless, system failure occurs without warning and could easily put you out of business if you are not prepared. Therefore, it is crucial you implement some sort of backup and data recovery software to protect your network. If you store important or confidential files on your computers, you simply cannot afford to be without backup and data recovery.

Access Control Systems

Another way to protect your business against security threats would be to implement an access control system. With access control systems, facility owners may install security technology such as ID key entries and finger-printing scanners in order to track who enters the building. This technology can also record the time and date guests arrive and leave.

CCTV or IP Security System

Video surveillance is another great solution for businesses looking to increase security efforts, especially when paired with access control systems. Installing cameras at key entrances and exits will allow a facility owner to better monitor who enters the building. Unlike backup disaster/recovery, access control systems and CCTV protect against external security threats. Why wait until you need a solution in order to implement preventative measures? Most IT consultants simply react to problems instead of looking for ways to prevent them from happening in the first place. At WesTec Services, we believe prevention is better than a cure; prevention is key to maintaining productivity and cash flow. Protect your assets – call WesTec Services and schedule a meeting with one of our IT professionals to discuss what security solutions are best suited for your business!

Protect Yourself Against Cyberattacks When Working Remotely - WesTec

Protect Against Cyberattacks When Working Remotely

Written by WesTec on July 24, 2020. Posted in Cybersecurity, Data Protection

As business continues to shift towards long term remote work practices, our tendency to fall for phishing scams has risen exponentially. While many businesses used to have one or two locations, workers are now spread out all over the country, working from their home phones and computers. While we now see more screen sharing services and video conferencing, a lot of these newer services are still perfecting their security measures. Here are a few changes businesses can make to protect company security during remote work conditions:

Use video conferencing passwords

Video conferencing apps such as Zoom or WebEx have had security breaches in the past, random people joining a call without invitation and “bombing” it. Many of these services have already made improvements to prevent this, but when possible, enable a meeting password and share it only with those welcome on the call.

When possible, protect equipment and increase security

Many employees do not have the necessary equipment at home, such as computers and monitors, to work as efficiently in the office. By allowing employees to bring home computers from the office or providing them with security for their home computers, the business can feel more confident in the security of their data. It is also common that home computers lack the security measures of work equipment, making them easier for hackers to access and leak valuable information. Whether you are using company equipment or your own, talk to your company and discuss how to best protect sensitive company data from your home.

Be cautious opening emails

With basically all office communication occurring now through email, employees are much more active, and most likely responsive, on their inboxes. This provides more opportunities for phishing scams to sneak in and imitate legitimate people or companies.Use caution when opening emails from unknown addresses, and if it seems unsafe, never click on a link or download. While transitioning to remote work may be difficult, the security of your data does not have to be. WesTec Services have been providing technology services for over 20 years. To discuss your IT, business telephone, or video security needs, contact WesTec today.

Misleading password meters could increase risk of data breach

Written by WesTec on July 10, 2020. Posted in Cybersecurity, Cypbercriminals, Data Protection, Passwords

A Password meter is an indicator of the strength of a password entered by a user on a website. In most cases, meters estimate the amount of tries necessary for your password to be guessed by an attacker by factoring in password length and complexity. A University of Plymouth study tested 16 of the most encountered password meters on the internet to test their effectiveness. Based on the results, here are a few tips on how to keep your passwords secure, regardless of an “approval” given by the password meter:

Do not always trust the password meter

Just because a password meter says “strong password” does not mean it is. The meters can be helpful but are also extremely flawed, giving you a sense of false security. When deciding on a password, do not base it solely on the rating given by the website.

Avoid using keyboard patterns

On many password meters, passwords such as “querty”, “abc123”, and “Password” sometimes cannot be detected as problematic. Common letter combinations, such as going down a row of the keyword or commonly used words, are easily guessed and not always flagged on the meters.

Make passwords complicated and personal

The most secure passwords are those with a combination of uppercase, lowercase, numbers, and symbols. Choose combinations that seem difficult to guess by an outside person or computer. The more complicated and seemingly random the password, the stronger it will be.

In addition to character variation, do not use the same password for all of your accounts. Change up your passwords so that if one is discovered, not all of your information is at risk.

Secure your valuable data with the protection it deserves. Do you part to protect your information with a strong password, WesTec is here to do the rest. WesTec Services is dedicated to providing the highest quality of IT consulting as well as backup disaster and recovery planning. Give WesTecCall a call today to discover more about our available services.

How to Prevent Malware

Written by WesTec on May 15, 2020. Posted in Cybersecurity

When your computer slows down or begins acting in an unusual way, it may be infected with a virus or malware. While most malwares are annoying, others may be malicious and hijack your computer’s information. Here are some tips to keep your hardware safe and prevent your computer from becoming infected.

Install Anti-Virus Software

Installing an antivirus or anti-malware software is the first step to protecting your computer. Without some type of protection software, your computer is an easy target for hackers. It is important to make sure the software stays up to date as well. For the best protection, install updates regularly as they alert you on your computer.

Run Regularly Scheduled Scans

You should be scanning your computer regularly with the anti-virus software you install. To best protect your computer, schedule your scan one night every week. Make sure your computer does not shut down automatically or go into hibernation mode to ensure the scan completes.

Use a Secure Network

Always use a secure network for computers to connect to files, printers or internet. Using an open network makes it easier for hackers to access your information. This means you should avoid using your computer at places that offer free WiFi. If your business likes to offer complimentary wifi to customers, consider offering a guest wifi with a different password than your main network for added protection.

Think Before You Click

Good protection software will automatically scan any links or unusual emails on your computer. However, it does not hurt to always be cautious when opening an email from an unknown sender or making sure a link is taking you where it says it is.

Use Multiple Strong Passwords

Finally, never use the same password for all of your important accounts. We often use the same email address or username for all accounts. Knowing this, it becomes crucial to use multiple strong passwords to prevent hacks. Your passwords should be easy to remember, difficult to guess, and always avoids dates or names.

Following these tips can help protect your computers and information from viruses and malware. For more information on how WesTec’s IT experts can help your business keep its information safe from hackers, contact us.

When Should I Update My Passwords?

Written by WesTec on May 1, 2020. Posted in Cybersecurity, Passwords

Sometimes, accounts will ask you to update your passwords for security reasons. This often feels like an unnecessary task meant to make your life more complicated. However, in a world full of hackers and online predators, one must regularly update their password to protect valuable information.

Change Your Passwords Regularly…

By regularly changing your login information and passwords, you make it harder for someone to steal information. This is increasingly important for accounts without two-factor authentication. Communication accounts, like email and chatting apps, should also be updated every so often for increased protection.

…But Don’t Change Them Too Often

Traditionally, experts recommended you change passwords every 30 to 60 days–this is no longer the case. Mandatory password updates lead to money loss and lack of productivity with minimal security payoff. Now, changing your password doesn’t hold near the protection it used to. Because cybercriminals continue to learn more advanced hardware and software, they can typically discover your password if they look hard enough.

As humans, we tend to create patterns. This is no different in password creation. Typically, we use similar letters, numbers and themes when updating a password. Updating your password too often leads to confusion with little added benefit.

Keep Your Data Secure

As a rule of thumb, update your passwords when there is proof of some sort of security breach or online attack. This includes unauthorized use of an account or evidence of malware. By doing so, you’re preventing a hacker from gaining access into your personal accounts and obtaining sensitive, private information or data.

There are other ways to protect your data. Contact the experts at WesTec Services for more information about our cybersecurity services.

If you’re not sure how to create a secure password that will outsmart the online hackers, read our recent article for tips.

Hack the Hackers with Password Security

Written by WesTec on November 7, 2019. Posted in Cybersecurity, Data Protection, IT, Management and Consulting, Network, Passwords, Security

Have you ever been the victim of a cyber attack? Do you use the same password for all of your accounts? Follow our guide to outsmart the hackers with increased password security.

How Hackers Get Your Passwords

Before you can better protect your accounts, you must understand how cybercriminals access steal your information. Typically, a hacker will compromise your account in one of three ways.

Personal attack: Hackers target your account specifically. They will typically guess your email password and use password recovery options to access other accounts.
Brute-Force attack: Hackers systematically check all possible passwords until the correct one is found.
Data Breach: Hackers attack large companies, resulting in millions of compromised accounts.

What Makes a Good Password?

Ideally, your password should be at least 16 letters and contain a combination of numbers, symbols, uppercase and lowercase letters. Passwords should not include any repetition, dictionary words, usernames, pronouns or IDs. Make a strong password by thinking of a phrase and then use the initials of each word, as well as the numbers and symbols, to combat potential attacks. For example, if your phrase is “Do you think a hacker will guess my 16 character password for Facebook?!”, your password might be: Dytahwgm16cp4F?!

Enable Two-Step Authentication When Possible

If any sites or accounts offer two-factor authentication, take advantage of it. This system works to limit hacking attempts by making a user authenticate their identity with a second method of verification. Check out our recent blog post about two-factor authentication for more information.

Use a Password Manager

The best thing you can do for your accounts is have a different password for each one. However, if you follow this one cardinal rule of password security, keeping up with all passwords can be difficult. Using a password manager allows you to save all of your passwords in a secure spot with a strong master password. WesTec offers consulting for any individuals or businesses wanting more information about password security, network installation, or managed IT services. Contact us for more information.