MERIT Solutions Blog

MERIT Solutions has been serving the Chesapeake area since 1982, providing IT Support such as technical helpdesk support, computer support, and consulting to small and medium-sized businesses.

3 Security Lessons We Learned the Hard Way in 2017

3 Security Lessons We Learned the Hard Way in 2017

2017 was filled with security issues ranging from threats and small attacks to major security breaches. You can learn a lot from the misfortunes of other ill-prepared organizations about how to prepare for and handle cybersecurity issues. This week’s tip is dedicated to learning a bit from some of the security problems that may have flown over your radar last year.

Lesson One: Track Your Data
The Yahoo and Equifax data breaches led to countless individuals losing track of their data and how it’s used online. These breaches made it unbearably clear that even some of the largest organizations in the world aren’t immune to the dangers of the Internet, and even they could become victims if they didn’t pay particularly close attention to their security. In some cases, these breaches remained unannounced for months.

This observation led to the belief that small and medium-sized businesses must be much more careful with their data than they previously had been. If large companies can be toppled by security threats, then so too can small businesses (since they likely have smaller security budgets and less comprehensive solutions put in place). Therefore, a small business should also take as many measures as possible if it should hope to secure its future.

Lesson Two: Patches Are Extremely Important
Patches and security updates are one of the best ways to prevent data breaches. In the Equifax case previously mentioned, it would have been vital. Patches are implemented by developers with the express purpose of resolving holes in their solutions. Yet, 2017 has shown that some companies need to put a higher priority on patching, as many of the issues that 2017 saw could have been prevented with proactive patching.

Everything starts with the developers, though. If the developers don’t issue the patches and updates in the requisite timetable, the problems posed by the threats could have plenty of time to cause as much damage as possible. For example, the bug that allowed the EternalBlue exploit wasn’t patched until a month after the issue had become known. The exploit was then used alongside other threats, like WannaCry and NotPetya, to cause even more trouble for organizations and individuals, alike.

Therefore, we recommend that you apply patches as soon as possible after they are released. We also recommend that you maintain a consistent patching schedule, routinely deploying them as you can. After all, the longer you wait to deploy a patch, the longer you have to become infected by the very bugs that they are designed to fix. Plus, the longer the patch is available, the longer it is available to hackers. These nefarious actors could take it apart and discover what vulnerability is being addressed, affording them time to create code that would negate the effects of the designated patch.

Lesson Three: So Many Ways for Data Theft
Cisco has found that business email and account compromise attacks are five times more profitable than your typical ransomware attacks. In fact, the Federal Bureau of Investigation estimates that BEC attacks have lost businesses over $5 billion. Therefore, your organization needs to take a stand against common security threats. One way you can shore up defenses for your infrastructure is with traditional endpoint security. If you can keep threats from accessing your network in the first place, you’re setting yourself up for success. You can use access controls to ensure that a hacker can’t access your entire infrastructure from a single unsecured endpoint. We also recommend educating your employees through security training so that they are made more aware of their role in network security for your organization.

Don’t let your business fall victim to security threats in 2018. To learn more about network security, reach out to MERIT Solutions at (757) 420-5150.

 

Comments

No comments made yet. Be the first to submit a comment
Already Registered? Login Here
Guest
Monday, 21 May 2018

Captcha Image

Tag Cloud

Security Tip of the Week Best Practices Technology Privacy Cloud Business Computing Network Security Hackers Malware Internet Software Hosted Solutions Business Management Backup google Productivity Managed IT Services Mobile Devices Computer Microsoft Disaster Recovery VoIP Outsourced IT Business Continuity Business IT Support communications Email User Tips Cybersecurity Windows 10 Hardware Innovation Productivity IT Services Data Backup Cybercrime Efficiency Windows Saving Money Mobility Mobile Device Management Managed IT Server Ransomware Small Business Apps Internet of Things Smartphone Operating System Data Recovery browser Data Law Enforcement Save Money Tech Term Android Virtualization Telephone Systems Cloud Computing Data Security Smartphones Hosted Solution Quick Tips Passwords Phishing BDR Money Information Technology Chrome Recovery Communication VPN Microsoft Office Office 365 BYOD Automation Password Holiday Best Practice Social Media Social upgrade Budget App Work/Life Balance Data Management Cost Management Network Wi-Fi Collaboration IT Support Facebook Government Hacking Google Drive Avoiding Downtime Vulnerability Update Alert Two-factor Authentication Health Gadgets Miscellaneous Managed Service Provider Wireless Computers Data Breach Risk Management Unsupported Software Identity Theft Streaming Media The Internet of Things Flexibility search Shortcut Employer-Employee Relationship Data Protection Firewall Application Antivirus User Error Current Events Audit Wireless Technology Windows 10 Personal Information Telephony Politics Spam Workplace Tips Managed IT Services Cleaning USB Save Time Private Cloud Office tips Applications History Social Engineering Proactive IT Users Encryption Apple Data Loss Marketing Humor WiFi Disaster Artificial Intelligence Blockchain Big Data Google Docs Going Green Bandwidth Mobile Security eWaste Devices Sports SaaS Redundancy Tech Support Samsung Commerce Hacker Content Filtering Battery Internet Exlporer Solid State Drive Fraud HaaS Cortana Patch Management Compliance Gmail iPhone Automobile Value Mobile Computing Transportation Wireless Charging Excel IT solutions Project Management Saving Time Data Storage DDoS Robot Office Computer Care Phone System OneNote End of Support Remote Computing Television Legal Cast Emails Computing Sales compaq Employer Employee Relationship Touchpad Workers Adobe Monitoring IT budget Reputation Wearable Technology Analytics Settings Instant Messaging Analysis Advertising Keyboard Retail hp Computer Accessories Updates Worker Commute Licensing WannaCry Management Maintenance Mobile Device domain Managing Stress HBO Webinar App store Data storage Conferencing Microsoft Word Mobile Financial Technology Device Security Identities Administration Books Chromecast Microsoft Excel remote Scalability Yahoo Education IT solutions Hiring/Firing Gifts Vendor Management Professional Services Router Printing IoT Colocation Running Cable File Sharing Server 2008 How To Ali Rowghani IT Management Windows 10s Identity Hard Drives Benefits Spyware Trending Files Travel Nanotechnology Google Assistant Language Unified Threat Management Administrator Storage Lithium-ion battery Credit Cards WIndows Server 2008 Hard Disk Drive Data Privacy Training Entertainment Tablets Root Cause Analysis Computer Forensics Upgrades Relocation Electronic Medical Records Access server installation dvd "cannot install required files" FAQ stock Point of Sale Hard Drive Edge Company Culture HIPAA NFL Augmented Reality Business Intelligence Touchscreen Virus Consultant Safety Lifestyle Black Market Charger tweet Outlook Chromebook PDF Smart Technology Ciminal Word Avoid Downtime Managed IT Service Proactive Legislation calculator Shadow IT Twitter Document Management iOS Smart Tech Text Messaging Experience Windows Ink control Websites Comparison Evernote WSJ Regulation Computer Fan Connectivity MSP Google Maps Exchange Video Games Screen Mirroring Data Theft Distributed Denial of Service Specifications altivista Virtual Reality Laptop Networking Uninterrupted Power Supply Sync Dark Web Content Filter Scam intranet Music Software as a Service SBS Meetings Cache Monitors Remote Monitoring Thank You Congratulations Emergency CrashOverride Worker

Mobile? Grab this Article!

QR-Code dieser Seite

Recent Comments

Anna Jackson 5 SEO Tools To Get a Google-Eye View of Your Website
15 September 2017
Hello Randall! I was doing very important work but due to your subject I felt better to stay at you...
David Miller Not all project-management tools are right for all businesses
25 August 2017
All the points depicted by you in this blog is v.apt. I love the title of this blog because it says ...