Let that sink in a moment. This means that if you have a cyber incident, like ransomware, it is FAR more likely that a human being in your organization triggered it.
When companies focus their attention on solving what they think are technology problems with technology solutions, they’ll neglect to identify simple interventions that can help reduce the incidence of bad behaviors and promote good ones.
This is why we conduct training on social engineering exploits to keep our clients safer. Unfortunately, there are limits to just what technology is capable of doing. HBR says it best:
In the absence of fail-proof AI, human judgment is still needed to fill the gap between the capabilities of our security technologies and our security needs. But if human judgment isn’t perfect, and technology isn’t enough, what can companies do to reduce behavioral risks?
Training is the best way to protect users – and your company – from attacks that could potentially risk your entire company and it’s existence.
We reached out to our partners, LastPass, and are sharing their great holiday shopping tips to keep you safe with cybersecurity. A big “Thank You” to their blogger, Katie Petrillo.”
3 Ways to Make Your Holiday Shopping a Breeze–
and Keep You Safe
As Black Friday, Cyber Monday, and gift-giving season approach quickly, we’re sharing best practices for using LastPass to make online shopping fast, easy, and most importantly, secure.
Cybersecurity is a top priority for many consumers after yet another worrisome year where Yahoo announced all 3 billion accounts had been comprised in the 2013 breach and over 145 million Americans had their information exposed in the Equifax breach.
Here are our tips for using the new, improved LastPass to keep your personal information secure, while also making it easy and quick to get your online shopping done this holiday season.
Adding New Items
You’ll be inputting lots of information as you shop for loved ones this holiday season. From your personal information to shipping and billing address to credit card numbers, that’s a lot of typing, and it should be as seamless as possible. Before you do any shopping, get everything into LastPass by adding these items using the new structure in your vault. Here’s how:
Click the LastPass icon in your browser and select “Open My Vault.”
Select the + icon in the bottom right and choose “Add Item.”
On the menu, select the type of item you want to add (Payment Card, Address, etc)
Enter your information and click “Save” so you can access it later when you need it.
Do this for all of the information you’ll need throughout the holiday shopping season. Don’t forget each of your shipping addresses — your home, work, your parents or in-laws — so you can quickly fill it in when you need it.
Creating New Accounts
When you’re buying for others, you’ll find yourself on sites where you don’t already have an account, and you need to create one. The last thing you want is to take too much time creating those new accounts, so use LastPass to quickly fill your personal information (via the items you added above) and generate strong passwords. Here’s how:
Click the icon in the empty account information field (Name, email address, etc).
In the drop-down menu, click the item that corresponds to your personal information, and it auto-fills for you.
In the password field, click the icon to show the password generator (which has a modern look and feel). You can “Fill Password” to use the auto-generated one, or choose “More Options” to change the requirements, such as length, complexity, and characters.
Click “Fill Password” where it will populate both password fields, and submit the entire form.
In the top right, a card will ask if you want to add the new site to your vault. Click “Add” and you now have the new account saved and easily accessible if you need to go back and track your order or contact support.
Filling Your Credit Card & Addresses
Perhaps one of the more tedious aspects of shopping online is typing in your address and credit card – endlessly. LastPass eliminates that process and reduces it to one click, and is the tool you’ll use most often throughout the upcoming holiday season. Here’s how to fill your information for purchases:
Ensure you added your payment cards and shipping/billing addresses to your vault, as noted in “Add Items” section above.
On the online checkout page, click the LastPass icon in the empty address field. You’ll see a drop down menu of items you added to your vault. Click the one you want and LastPass automatically fills in the form.
In the credit card fields, again click the LastPass icon and select the payment card you want to use to automatically fill the credit card number, expiration date, and security code.
Just like that, you’ve made the online shopping process a series of clicks rather than a frustrating, time-consuming process of finding your credit card number and filling in your addresses. This holiday season, use the new look and feel of LastPass to make online shopping quick and easy, but without compromising your personal online security.
Managed malware protection is part of our relentless commitment to protect our clients with state-of-the art services as your Managed Service Provider.
Wrapping proactive IT security around your business with Strongarm.
With the right technology, anything is possible. Without getting too deep into technology, here are some of the things that will be happening to protect you, your business and your employees and users.
The attackers are being watched. Whatever the attackers, they are being watched as they set themselves upon the internet. Be it phishing sites, hacking websites and adding exploits, or malware command and control, Strongarm is constantly watching. By aggregating data from technology partners and open sources and curating a set of their own data, Strongarm gets ahead of the attackers.
By monitoring outbound DNS requests and correlating this against aggregated intelligence, Strongarm stops your company’s systems from talking to malicious infrastructure. When a connection to a bad domain is identified trying to leave your network, the DNS resolver returns Strongarm’s blackhole address instead of the attacker’s. The victim system communicates with Strongarm instead of the attacker, effectively disarming the attack.
Strongarm speaks to your users…and malware. If your user clicks on a phishing link, they receive a shot of user education right where they would have been phished! This is a real win, as there’s nothing for you to do to respond. In the case of malware or ransomware, this doesn’t just block an infection and drop the connection. Strongarm “speaks malware,” meaning they can interrogate the infected host to gather valuable information, such as who the victims (machines) were and whether there is a “poison pill” to destroy it. This is what makes this managed malware protection different from all other DNS providers and security solutions: Turning the attack against itself to protect your business.
Strongarm’s got your back. When an attack is stopped, the work has just begun. As soon as an attack has been stopped, Strongarm begins triaging what’s happened. Using the their discussion feature, Strongarm will tell you what kind of an attack has happened, what the attacker’s goal was, and recommend how you can respond.Sometimes it’s simply having a conversation with a user. Sometimes it’s cleaning malware off of a workstation. Sometimes it’s verifying your systems are patched against the attack we stopped. Working together, we’ll keep your users safe.
Why DNS-Based Security Works. By watching DNS requests and not focusing on the network traffic, Strongarm is not blind to encrypted traffic, peer-peer traffic, and other tactics that hackers use to get past firewalls and antivirus.One of the benefits of Managed Service Provider care through Kirkham.ITis that we’re going to help find those nasty little bugs and other creatures and keep them picked out.
Managed malware protection and your Managed Service Provider.
Kirkham.IT is a Managed Service Provider (MSP) providing services that remotely manage and provides IT infrastructure for their clients, tailored to reach each client’s objectives.
Kirkham.IT has partnered with Duo Security to provide Multi Factor Authentication (MFA) to desktops and remote access users. Security as well as ease-of-use are very important in our evaluations, and after considering offerings from multiple vendors, we selected Duo.
Easy and Fast
Duo’s Push MFA is easy to use and fast:
The video is not exaggerating – it really is that fast.
Duo is fast, easy to use, and affordable. It is simply the best way to secure your devices.