October is Cyber Security Awareness Month

Phishing

Play hard to get with strangers.

Cyber criminals cast wide nets with phishing tactics, hoping to drag in victims. Seemingly real emails from known institutions or personal contacts may ask for financial or personal information.

Cyber criminals will often offer a financial reward, threaten you if you don’t engage, or claim that someone is in need of help. Don’t fall for it! Keep your personal information as private as possible. If they have key details from your life—your job title, multiple email addresses, full name, and more that you may have published online somewhere—they can attempt a direct spear-phishing attack on you. Cyber criminals can also use social engineering with these details to try to manipulate you into skipping normal security protocols.

If you’re unsure who an email is from—even if the details appear accurate—do not respond, and do not click on any links or attachments found in that email. Always avoid sending sensitive information via email.

If you receive a suspicious email that appears to be from someone you know, reach out to that person directly on a separate secure platform. If the email comes from an organization but still looks ‘phishy,’ reach out to them via customer service to verify the communication.

*This information is courtesy of the Department of Homeland Security as part of the 2018 National Cybersecurity Awareness Month.

October is Cyber Security Awareness Month

Oversharing and Geotagging

Never click and tell.

Everyone seems to be posting their information on social media - from personal addresses to where they like to grab coffee. You may figure, if everyone’s doing it, why can’t I?

What many people don’t realize is that these seemingly random details are all criminals need to know to target you, your loved ones, and even your physical belongings—online and in the real world. Avoid posting names, phone numbers, addresses, school and work locations, and other sensitive information (whether it’s in the text or in the photo you took). Disable geotagging, which allows anyone to see where you are—and where you aren’t—at any given time.

While it’s tempting to do otherwise, limit your social networks to people you actually do know in real life, and set your privacy preferences to the most restrictive settings.

*This information is courtesy of the Department of Homeland Security as part of the 2018 National Cybersecurity Awareness Month.

October is Cyber Security Awareness Month

APP SECURITY

Keep tabs on your apps

Have you noticed that apps you recently downloaded are asking for permission to access your device’s microphone, camera, contacts, photos or other features? Or that an app you rarely use is draining your battery life?

Your mobile device could be filled with suspicious apps running in the background or using default permissions you never realized you approved - gathering your personal information without your knowledge while also putting your identity and privacy at risk. Don’t give your apps an all-access pass. The following are some steps to avoid “over-privileged” apps:

• Check your app permissions and use the “rule of least privilege” to delete what you don’t need or no longer use.

• Learn to just say “no” to privilege requests that don’t make sense.

• Only download apps from trusted sources.

Enable automatic app updates in your device settings or when they pop up, because having the most up-to-date software doesn’t just make things run smoother—it helps keep you patched and protected against ever-evolving cyber threats!

*This information is courtesy of the Department of Homeland Security as part of the 2018 National Cybersecurity Awareness Month.

As Hurricane Michael makes its way towards Florida and the Southeast U.S., now is the time to take action and be prepared to protect your computers, printers, files and data.

1. ENSURE YOU HAVE A BACKUP

• Don't wait until the day before a hurricane to backup your files! It's good practice to frequently backup your data files. We recommend a hybrid-cloud image-based backup that can be used to restore data and applications even if your server is destroyed, and that can restore data from different points in time.

• Print a copy of your important/emergency contacts and take them with you if you do not have access to them from your phone or computer, you'll have them available to use via a landline.

• RealTime Clients: Everyone who is on our Business Continuity Service – Your servers are backed up and replicated offsite daily. If there is a problem, we correct that as part of the service. As hurricanes approach your physical location, we’ll be talking with you and confirm things are backed up and replicated prior to you shutting your operations down as part of your storm prep.

2. SECURE YOUR EQUIPMENT

• COMPUTERS

  • Shutdown the operating system.

  • If connected to a surge protector or UPS - unplug from the wall outlet (or unplug power cables from the surge protector or UPS if wall outlet isn't accessible).

  • Unplug Ethernet cable from the back of computer or docking station.

• PRINTERS

  • Power off the printer.

  • If connected to a surge protector - unplug as described above.

  • Unplug the Ethernet cable from the back of the printer.

  • Unplug the phone cable from the back of the printer (if a fax line is connected).

• SERVERS AND NETWORK EQUIPMENT

  • Perform a normal shutdown of the servers. RealTime clients: Please coordinate with RealTime service desk. 

  • Unplug all connections - Take photos to document how things were prior to the event. 

  • Firewalls, Switches, Access Points - unplug them from power. Unplug the firewall from the internet connection as well. Ideally, unplug all the network connections (surges can travel through the network cabling).

  • Battery backups - power these off and then unplug them.

  • Phone systems - Check with your vendor to see what steps you can take to protect it.
     

3. PROTECT FROM WATER/WIND

When a major storm is predicted, elevate your CPUs, printers, servers, and other network devices, as well as other electrical appliances like space heaters, off of the floor.  For high winds, move computers away from windows.  If there is a possibility of water leakage, cover computer equipment with plastic.

4. CONTINUING OPERATIONS AFTER THE STORM

•  If you are in the path, power and internet connectivity may be hard to come by for a few days. Generators can provide enough power to run your critical computer equipment – just be sure you are connecting up to something that can deal w/ the power fluctuations many generators have. Please ask RealTime before connecting things up to generators as they can damage sensitive equipment. Modern battery backups may have the capability to condition the power off of a generator – check with the manufacturer to confirm before trying this.

• 4G USB modems or Mifi can get you connected in an emergency. Everything you do may not work, but basic web browsing.

• Forward your phones – If the office is expected to be out a few days, most phone service providers have a way for you to forward calls to your business to a cell phone or alternate number. Get the steps now, before you need them.

5. BE PREPARED

Knowing what steps to take ahead of time will help you be prepared in the worst-case scenario. RealTime is committed to ensuring our clients are prepared with the proper technology to meet their current/future needs as well as advising them about safeguarding their business from weather-related, cyber and other disasters. 

If you would like further information about RealTime managing Information Technology for your business, contact us at info@realtime-it.com.

Human error is the most common culprit for compromising your data and patient records.

Here are four really easy ways to prevent phishing scams, stolen passwords, etc. Making sure everyone in your office realizes THEY are the key component to protecting client information and data. You are your own best security team. Use the tips below to defend yourself and your data from being compromised.

1. WATCH FOR PHISHING EMAILS

NEVER click on a link in an email or send your password through an email. A lot of scammers pretend to be your boss, coworkers, etc. to force this information from you. 

2. HOW OLD IS YOUR PASSWORD?

Some security experts think it's fine to use the same password for up to one year if it's 15 characters or more in length. If it’s 14 or fewer, they recommend changing it every 90 days. Be aware, though, that extending a password expiration period increases the risk that someone could steal and reuse it to access other accounts owned by the same person. Shorter password expiration periods are always better.

3. NEVER WRITE YOUR PASSWORD DOWN 

If you're notorious for putting your password on a post-it note on your monitor - stop it! No one should know your password. Memorize it. Keep it in your brain.

4. ALWAYS LOCK YOUR COMPUTER SCREEN WHEN YOU WALK AWAY 

If you work in an environment that has private customer data (i.e. medical office, law office, etc.) then leaving your computer unlocked when you get up to get coffee, really sets you up for failure. Keep your computer screen locked while you pour the Folgers.