Tag: IT Audit

15 Jul 2019

Chicago IT Support – Virus Protection not enough!

Virus Protection is not enough to Protect your Data.

When you are looking for Chicago IT Support, you need to be aware that anti-virus solutions are not the answer for all network security. Virus Protection is only one tool in the never ending fight against cyber attacks.

Chicago IT Support firm IT Risk Managers LLC

Chicago IT Support firms like IT Risk Managers LLC will use multiple tools to stop security breeches and protect your network from other outside attacks. When choosing a Chicago IT Support firm, make sure they have a Security Operations Center monitoring your systems, firewalls, and virus protection solutions. 24/7.

This Chicago IT Support firm will protect your data!

Outsiders can steal financial information, customer records, pricing information. The hacker community is scanning the network for companies with poorly configured firewalls and otherwise unsecure systems. Believe it or not Employees are your greatest threat as they rarely consider risk before they interact with the outside.

IT Support firm provides Network Assessment

What can you do to keep the wolves at bay? The first step is to have a Network Risk Assessment performed by an outside firm.  Don’t assume your IT staff understand or appreciate these risks. Tell them this is part of an audit. These assessments will show you a number of potential security risks such as:

  1. How employees are your greatest risk, because of training
  2. How security updates are often overlooked
  3. How antivirus is commonly not set-up properly and often lacks malware protection

 

What’s is more frustrating, most of the solutions to these threat cost little or no money to fix.We audit our financials and Insurance needs to ensure we are secure, why should IT be any different. We audit our financials and insurance needs to ensure we are secure, why should IT be any different.

For more information on how to secure your network and other practical solutions to protect your business please call Rick Bolda at 630-918-7370 or email info@itriskmgrs.com

10 Apr 2019

One Must Have From your Chicago IT Support Provider

Network Security
SECURITY OPERATIONS CENTER FROM YOUR CHICAGO IT SUPPORT PROVIDER

The single most important thing your Chicago IT Support plan needs

If you are making a decision related to IT and your Chicago company you are faced with a ton of options, technologies, costs, software, platforms, etc. But, currently the single most important focus of your Chicago IT support strategy needs to be IT Cyber Security. You’ve probably heard this from any reputable IT Company or one of the better IT Companies in Chicago. Don’t ignore this message. Sometimes executive leadership tends to tune out the constant sky is falling messages about information technology. But IT Cyber Security is one area that can’t be ignored.

Your Data is Under Attack

Your data is your company. All your accounting records, sales records, human resources records are today’s most valuable assets. And hackers want this data, and spend enormous amounts of time trying to get it. Cyber threats are becoming more common and extremely sophisticated. And as one of Chicago’s leading IT Companies we see more and more attacks happening to smaller companies. That’s why even as a small business or mid-size business IT Cyber-Security must play a huge part in your IT Support plan. The threats include Malware attacks, that can penetrate your systems through emails, web site visits, downloaded files. Other threats may include hacking, insider attacks and of course ransomware. Well the majority of these threats can not be stopped by typical firewall and perimeter security technologies.

Why Firewalls aren’t enough!

The problem is many Chicago IT Companies have relied on firewalls and perimeter technologies to protect your company’s data from hacking. Perimeter technologies are systems that act like a fence or gate. They protect intruders from getting in from outside your network. Imagine a house, your yard fence, windows, locks and doors, these would be considered perimeter defense technologies. However, these technologies alone will no longer protect you. The reason is most attacks these days come from inside your network. So what would you do to protect your house if someone was already inside? Well your security and home defenses would be much different. Then you would need to look more at solutions that allow you to respond and eliminate the threat from the inside. Now your Chicago IT Support plan needs a Managed IT Cyber Security service to keep your data safe from the inside. What does that mean? Well it means that your systems, network and its data are monitored 24/7 to make sure no one is hacking or compromising your data from the outside and inside.

Protection Detection and Response

Lets continue with the home analogy. To protect your home you may install a fence, locks on your doors and windows, or even gates on your windows. In the IT security and support world, gates, locks and doors would be the firewalls, and endpoint protection technologies. This is the first step towards a proper IT Security plan. Protection! Next let’s think about burglar alarms, and what they consist of in your home. They would have motion sensors, movement detectors and cameras. In IT Security solutions and IT Support technologies this would be the Detection piece of your IT Security solution. You need a platform that detects an intrusion, similar to burglar alarms. These are referred to as intrusion detection solutions. And lastly, and perhaps most important is what happens when an intruder is detected? Well 911 is called. This is Response! Well in IT Security how you respond to an intrusion is what will save you from an attack. You need all three pieces, Protection, Detection and Response to have a successful IT Security plan.

The Glue that holds everything together

OK well now you know you need an IT security solution that provides Protection, Detection and Response. That is great, but finally there is a something that keeps all of this working, and that’s a SOC. The Security Operations Center is the glue that holds everything together. All successful Managed Security services must provide a Security Operations center or SOC. You must work with a Chicago IT support company that offers IT Managed Security Services and that has a SOC that provides 24/7 monitoring of your systems. And I am not talking about a SOC that is run inside some small IT company. I am talking about a SOC that meets compliance requirements and the platform is maintained in a HIPPA, PCI. SSAE 16 compliant data center.  The SOC is the cornerstone to a successful Chicago IT Support strategy. And as a small business you can not afford to implement your own SOC. A good SOC Cyber Security Platform from a good IT support company will do the following:

It will monitor the inbound and outbound data and network traffic of all your network devices. This will allow the traffic to be evaluated as being from good sources or from bad sources. Action based on the different traffic behaviors can then be evaluated to see if a threat pattern exists. The threat pattern may be related to ransomware attacks, insider attacks, botnets and other threats that slip past the firewall. This is what Managed IT Security is.

A good SOC offering will also provide your business with regulatory compliance reporting to deal with HIPAA, OCI, SOX and other regulatory bodies. This will minimize your exposure to fines, penalties and remediation costs. Regulatory compliance is a key benefit of a good Managed IT Security offering.

And to pull this all together Log Capture and Management has to play a roll. This is where the information is evaluated and data investigated to discover breeches, anomalies, and other malicious behavior.

In conclusion your IT Support plan must have a IT Cyber Security solution or SIEM (security information and event management) solution that leverages a Security Operations Center to succeed and protect your comapny’s data, network and systems.

If you have further questions related to Chicago IT Support or IT Security Solutions for your business feel free to call Rick Bolda at 630-918-7370 or email info@itriskmgrs.com.

 

24 Apr 2018

IS YOUR CYBER SECURITY GOOD ENOUGH TO PROTECT YOU FROM A LAWSUIT

Cyber Security Services Chicago
Make sure you have the right Cyber Security in place!

Could Your Business Be Open to A Lawsuit If Someone Steals Confidential Data From Your Systems Because of Poor Cyber Security?

The short answer is – YES, your Chicago business could possibly be open to a lawsuit if someone steals confidential data from your systems because of poor Cyber Security. There have been cases in the past where lawsuits were won because a customer was harmed through a company being hacked, and the company was found to have lax security. Meaning the company’s Cyber Security was not what it should be. There also have been cases in which the company sued employees for stealing customers or the company’s confidential data, and won.

One such example of this happened in 2009 when a hacker successfully hacked a bank and stole $26,000 from a customer in Chicago Illinois by obtaining a loan in their name. The couple sued the bank for failing to use state-of-the art security measures – and won. U.S. District Judge Rebecca Pallmeyer refused to grant a summary judgment in favor of Citizens Financial, stating in her ruling that “assuming that Citizens employed inadequate security measures, a reasonable finder of fact could conclude that the insufficient security caused Plaintiffs’ economic loss.” So absolutely because of poor Cyber Security the Chicago company was found responsible.

Also in 2009, DuPont filed a lawsuit against a research scientist for breach of contract and misappropriation of trade secrets for stealing a large number of files. Hong Meng stole more than 600 files by copying them to a portable hard drive. So not only can a customer sue a company for the theft of confidential data, but a company can also sue an employee for the theft of confidential data. It makes sense that your Chicago company have the Cyber Security pieces in place to make sure you’re not vulnerable.

Tips on How to Protect Your Business’ Confidential Data and Improve Cyber Security!

There are steps a business can take to help protect itself against being sued for confidential data theft. Here are a few tips:

● Keep an inventory of all your computers, laptops, mobile devices, and other equipment so that you know where your company stores confidential data.

● Keep track of confidential data by talking with sales, IT, HR, accounting, and service providers.

● Pay attention to how you keep confidential data: Social Security numbers, credit card information, and other sensitive data.

● Use Social Security numbers only for necessary and legal purposes.

● If your company has a mobile app, make sure the app only access necessary data and functions that it needs.

● Follow the “principle of least privilege” by scaling down access to data.

● Store all documents, files, thumb drives, and backups in a locked room or cabinet.

● Require employees to put files away, log off computers, and lock file cabinets and doors at the end of the day.

● Implement access controls in your building.

● If you have any offsite storage, limit employee access to it to need-only basis.

● If you ship any confidential information using outside carriers or contractors, encrypt it and keep an inventory on what is being shipped.

● If you have any devices that collect confidential data like PIN keypads, secure them so identity thieves can’t tamper with them.

● Make sure to have an IT audit or IT security assessment to make sure that your company has the right pieces in place for proper Cyber Security.

If you want to get serious about using state-of-the-art cyber security for your business confidential data so you won’t be held liable in a lawsuit if someone steals a customer’s data, get in contact with us.

We follow all of the regulations and recommendations for securing personal and confidential business data, and are fully certified to meet all standards for corporate, medical, legal, and other types of business environments. There is no one better to trust with your information security than our team of IT professionals.

If you would like to learn more download our eBook on the Number 1 mistake business leaders are making when it comes to securing data.

Go Here:

https://www.itriskmgrs.com/1-cyber-mistake-ebook

02 Nov 2017

Help your Company– Change Your Passwords – It helps the IT Security Solutions you have in place!

IT Security Solutions are a cornerstone to protecting your company’s data! Make sure you help your company and adhere to good password habits!

Your company could be spending thousands on their IT Security Solutions. But if you don’t respect password management, and strategy it could be money wasted.  Making sure you have a good password strategy is key to a successful IT Security Solutions! We have passwords for everything – our computers and cell phones, our garages, and, for some of us who can’t control our snacking habits, even our refrigerators are password protected. Many services that you use such as email, online banking, and your apps for shopping will automatically prompt you to reset your password with a new one; but how often should you really be changing your passwords to keep your information protected?

Personal vs. Shared-Device Passwords:

First thing’s first: we all know that we have the same password, or a variation of it, for everything we use. Of course, that’s the easiest way to keep yourself from having to send your forgotten password to your email, which you’ll then have to sign into, and change your password yet again. While it saves time and energy to have the same password for all of your logins, it’s never a good idea to use your personal passwords for shared computers. And your company works hard to make sure data is safe and the IT Security Solutions they have in place do the job!

This isn’t to say that you have a malicious coworker (which, you might) who would sign into your personal accounts using the password from your work computer, but, as the saying goes, it’s always good to keep your work life and personal life separate. The same goes for your work and personal passwords.

What Passwords Should I Be Changing?

The sweet and simple answer is: all of them. If you want your information to have maximum protection, you’ll need to periodically change your passwords to ensure that you don’t get hacked. If you made an email account specifically to get your fourth free trial of your favorite online radio streaming service, no need to go back and change that password. But it’s safe to say that the more you use a particular website, email address, or online service, the more you should be changing your passwords. Help IT and make sure their IT Security Solution is effective!

How Frequently Should I Change Them?

The current, most common recommendation for changing your password is once every 90 days, but do you really need to be changing your passwords that often? For your most important accounts that need the most protection, like your online banking account, you’ll want to change your password at least once every 90 days, if not more frequently. And that doesn’t mean you can be lazy and change your password from “password1” to “password2” – if you really want to maximize your protection, you’ll have to get more creative than that. Something as simple as adding an “e” or “b” to signify that it’s your email or bank password will be a reminder for you and a head-scratcher for a hacker. For other passwords, such as your social media profile or movie-streaming account, you can wait as long as a year to change your password (or longer, if you really feel that daring).

Tips for Changing Your Password:

Though it’s a little extra hassle, keep a list of all of your passwords somewhere safe – and not on your computer. Have a hard copy of your passwords tucked away in your desk or on a thumb drive so that they’re easily accessible to you, but not to your potential hackers. Keeping all of your passwords similar, but not exactly the same, can also help when it comes to trying to remember what exactly you chose a few months ago. If you find yourself forgetting whether or not you’ve changed your password, set a schedule to change all passwords at the same time so that you never have to search through the depths of your memory to figure out what password you used when you signed up for your account in 2009.

Just like wearing a seatbelt, passwords can be annoying to remember but are there for your protection. Don’t get caught with your proverbial pants down and leave your personal or professional information up for grabs.

To learn more about how employees enable hackers;

Go Here:

https://www.itriskmgrs.com/8-ways-your-employees-enable-hackers