Since the holidays are about good cheer, don’t be a grinch this year!

Wednesday, November 18th, 2015

CyBer Monday

The holiday shopping season is fast approaching once again. Every year, more and more people use online shopping for the majority of their purchases. Is your business ready for the online shopping that your employees will likely do during business hours? Is your bandwidth ready to make sure your mission-critical applications take priority?

Cyber Monday will come up faster than you think, but that is only one day of online shopping. Cyber Monday 2014 ranked as the heaviest online buying day that year with $2.038 billion in desktop spending, but the day after Cyber Monday wasn’t far behind, ranking second for the season at $1.796 billion. It doesn’t even stop there! On the second Monday in December (Green Monday), online buying was $1.615 billion! These are all regular business days! And each year the amount of time and money spent online shopping increases! The whole season is about shopping for those important to us, and employees are going to try to get online to grab the best deals no matter what day, or time of day, it is.

Since the holidays are about good cheer, don’t be a grinch this year. Find ways to satisfy all your business and employee needs. Give your employees the gift of online shopping time during this holiday season, while making sure your IT team receives the gift of proactively throttling bandwidth for noncritical applications when needed.

Wavecrest Computing has been the recognized leader in Web Security for over 19 years with CyBlock and Cyfin Solutions. These scalable filtering and forensic reporting analysis products are designed to enable organizations to successfully address Internet abuse, legal liability, shadow IT, workforce productivity, and Web security threats. FREE bandwidth audit available!

The Tip of the Spear . . . Phishing

Monday, November 16th, 2015

Spear-Phishing

Spear phishing has become a leading way hackers gain access to business systems and data. They use natural human familiarity as the weakness. You receive an e-mail from an executive within your company. Will you take the time to second guess the sender? Will you hesitate clicking a link or an attachment that is deemed important by this person? Likely not. Even those who know the risks and precautions may easily fall victim to this type of hack. It thrives on the information that is already available to the hacker. They find out enough about you to make the e-mail not only look like it is from someone you know, but also include information within the e-mail that will reinforce this familiarity, such as referring to a project or another team member.

For a business to try and fight against this type of hack, employee communication is important. In 2014, 56% of those polled by Dark Reading cited “lack of employee awareness” as the most dangerous social engineering threat to organizations. Consistent training and constant communication will give employees the tools to proactively question an e-mail they receive.

Avoiding the most obvious risk should be lesson number one. No matter who the e-mail is from, even the CEO of the company, make sure employees know not to give out information such as passwords or business account numbers. They should question and verify the e-mail when this type of information is requested at any time. You can no longer trust an obvious phishing sign like a request from a foreign national looking for money. Spear phishing takes the extra effort to look past the initial information in the e-mail into the overall intention.

As always, make sure your employees know to think before clicking a URL or downloading any files. Today, malicious attachments come in all types, not just .exe files, and URLs may lead them to a Web site that looks legit but is actually a phishing site that will then request confidential information, such as logon credentials. It is easy to verify a domain or run a scan on an attachment, so users should know the necessary steps of verification.

Lastly, recommend that your company take precautions when it comes to cybersecurity. Instead of large, all-in-one product add-on tools that just give you a small, top-level view of activity, recommend that your company use the most targeted security tools available. To mitigate security risks, this should include the ability to proactively block malicious URLs, discover and analyze Shadow IT and cloud services, and supply comprehensive drill-down reporting on Web-access activity for your entire distributed workforce.

Wavecrest Computing has been the recognized leader in Web Security for over 19 years with CyBlock and Cyfin Solutions. These scalable filtering and forensic reporting analysis products are designed to enable organizations to successfully address Internet abuse, legal liability, shadow IT, workforce productivity, and Web security threats. FREE bandwidth audit available!