October is Cyber Security Awareness Month

APP SECURITY

Keep tabs on your apps

Have you noticed that apps you recently downloaded are asking for permission to access your device’s microphone, camera, contacts, photos or other features? Or that an app you rarely use is draining your battery life?

Your mobile device could be filled with suspicious apps running in the background or using default permissions you never realized you approved - gathering your personal information without your knowledge while also putting your identity and privacy at risk. Don’t give your apps an all-access pass. The following are some steps to avoid “over-privileged” apps:

• Check your app permissions and use the “rule of least privilege” to delete what you don’t need or no longer use.

• Learn to just say “no” to privilege requests that don’t make sense.

• Only download apps from trusted sources.

Enable automatic app updates in your device settings or when they pop up, because having the most up-to-date software doesn’t just make things run smoother—it helps keep you patched and protected against ever-evolving cyber threats!

*This information is courtesy of the Department of Homeland Security as part of the 2018 National Cybersecurity Awareness Month.

As Hurricane Michael makes its way towards Florida and the Southeast U.S., now is the time to take action and be prepared to protect your computers, printers, files and data.

1. ENSURE YOU HAVE A BACKUP

• Don't wait until the day before a hurricane to backup your files! It's good practice to frequently backup your data files. We recommend a hybrid-cloud image-based backup that can be used to restore data and applications even if your server is destroyed, and that can restore data from different points in time.

• Print a copy of your important/emergency contacts and take them with you if you do not have access to them from your phone or computer, you'll have them available to use via a landline.

• RealTime Clients: Everyone who is on our Business Continuity Service – Your servers are backed up and replicated offsite daily. If there is a problem, we correct that as part of the service. As hurricanes approach your physical location, we’ll be talking with you and confirm things are backed up and replicated prior to you shutting your operations down as part of your storm prep.

2. SECURE YOUR EQUIPMENT

• COMPUTERS

  • Shutdown the operating system.

  • If connected to a surge protector or UPS - unplug from the wall outlet (or unplug power cables from the surge protector or UPS if wall outlet isn't accessible).

  • Unplug Ethernet cable from the back of computer or docking station.

• PRINTERS

  • Power off the printer.

  • If connected to a surge protector - unplug as described above.

  • Unplug the Ethernet cable from the back of the printer.

  • Unplug the phone cable from the back of the printer (if a fax line is connected).

• SERVERS AND NETWORK EQUIPMENT

  • Perform a normal shutdown of the servers. RealTime clients: Please coordinate with RealTime service desk. 

  • Unplug all connections - Take photos to document how things were prior to the event. 

  • Firewalls, Switches, Access Points - unplug them from power. Unplug the firewall from the internet connection as well. Ideally, unplug all the network connections (surges can travel through the network cabling).

  • Battery backups - power these off and then unplug them.

  • Phone systems - Check with your vendor to see what steps you can take to protect it.
     

3. PROTECT FROM WATER/WIND

When a major storm is predicted, elevate your CPUs, printers, servers, and other network devices, as well as other electrical appliances like space heaters, off of the floor.  For high winds, move computers away from windows.  If there is a possibility of water leakage, cover computer equipment with plastic.

4. CONTINUING OPERATIONS AFTER THE STORM

•  If you are in the path, power and internet connectivity may be hard to come by for a few days. Generators can provide enough power to run your critical computer equipment – just be sure you are connecting up to something that can deal w/ the power fluctuations many generators have. Please ask RealTime before connecting things up to generators as they can damage sensitive equipment. Modern battery backups may have the capability to condition the power off of a generator – check with the manufacturer to confirm before trying this.

• 4G USB modems or Mifi can get you connected in an emergency. Everything you do may not work, but basic web browsing.

• Forward your phones – If the office is expected to be out a few days, most phone service providers have a way for you to forward calls to your business to a cell phone or alternate number. Get the steps now, before you need them.

5. BE PREPARED

Knowing what steps to take ahead of time will help you be prepared in the worst-case scenario. RealTime is committed to ensuring our clients are prepared with the proper technology to meet their current/future needs as well as advising them about safeguarding their business from weather-related, cyber and other disasters. 

If you would like further information about RealTime managing Information Technology for your business, contact us at info@realtime-it.com.

Human error is the most common culprit for compromising your data and patient records.

Here are four really easy ways to prevent phishing scams, stolen passwords, etc. Making sure everyone in your office realizes THEY are the key component to protecting client information and data. You are your own best security team. Use the tips below to defend yourself and your data from being compromised.

1. WATCH FOR PHISHING EMAILS

NEVER click on a link in an email or send your password through an email. A lot of scammers pretend to be your boss, coworkers, etc. to force this information from you. 

2. HOW OLD IS YOUR PASSWORD?

Some security experts think it's fine to use the same password for up to one year if it's 15 characters or more in length. If it’s 14 or fewer, they recommend changing it every 90 days. Be aware, though, that extending a password expiration period increases the risk that someone could steal and reuse it to access other accounts owned by the same person. Shorter password expiration periods are always better.

3. NEVER WRITE YOUR PASSWORD DOWN 

If you're notorious for putting your password on a post-it note on your monitor - stop it! No one should know your password. Memorize it. Keep it in your brain.

4. ALWAYS LOCK YOUR COMPUTER SCREEN WHEN YOU WALK AWAY 

If you work in an environment that has private customer data (i.e. medical office, law office, etc.) then leaving your computer unlocked when you get up to get coffee, really sets you up for failure. Keep your computer screen locked while you pour the Folgers. 

If you have been watching the news lately, then the term 'Zero-Day' probably has surfaced a time or two. So, what exactly is this type of attack and how does RealTime protect your business from them?

ZERO-DAY ATTACKS EXPLAINED

Zero-day attacks affect anyone indiscriminately, but most of the damage is suffered by businesses that are not prepared to face such a cyber threat.  And, it's extremely difficult to detect zero-day attacks, especially with traditional cyber defenses.

Traditional security measures focus on malware signatures and URL reputation. However, with zero-day attacks, this information is unknown. Cyber attackers are extraordinarily skilled, and their malware can go undetected on systems for months, and even years, giving them plenty of time to cause irreparable harm.

A ZERO-DAY ATTACK TIMELINE

A Zero-Day attack happens when that flaw (software/hardware vulnerability) is exploited and attackers release malware before a developer has an opportunity to create a patch to fix the vulnerability—hence “zero-day.” Here's a quick timeline to explain the process: 

• A company’s developers create software that unknowingly contains a vulnerability.
• The threat actor* spots that vulnerability either before the developer does or acts on it before the developer has a chance to fix it.
• The attacker writes and implements exploit code while the vulnerability is still open and available.
• After releasing the exploit, either the public recognizes it in the form of identity or information theft or the developer catches it and creates a patch to staunch the cyber-bleeding.

Once a patch is written and used, the exploit is no longer called a zero-day exploit. These attacks are rarely discovered right away and that is why it's important to ensure that your business is protected. 

HOW IS MY BUSINESS PROTECTED?

How does RealTime protect your business and what are some best practices to keep you safe?

• Install Firewalls with advanced security features - this is your first line of defense. 
• Protect yourself with antivirus and antimalware that protects against known and unknown threats. 
• Keep software applications and operating systems up-to-date.
• Create and keep backups in the event something can't be "cleaned".  This is basically your safety net in case the worst happens. 
• Use an Email protection service that filters out junk and spam before it gets to you.
• Practice safe computing practices such as being mindful on what links you click and what websites you are visiting. The 'Human Firewall' is the single biggest factor of whether or not you will get infected. 

Want more information?

fill-out the form below and we will follow-up with you shortly.

*A threat actor, also called a malicious actor, is an entity that is partially or wholly responsible for an incident that impacts – or has the potential to impact -- an organization's security. In threat intelligence, actors are generally categorized as external, internal or partner. - Wikipedia 

WHY CLOUD BACKUP?

5 NO-BRAINER REASONS TO USE THE CLOUD FOR YOUR BUSINESS

With the rise of ransomware, cyber crime and just basic disasterous situations, having a reliable backup is essential to maintaining and protecting your company data. As if you needed more than one simple reason (losing ALL of your data if it's not backed up), we have listed five really good reasons why you should use a Cloud Backup. 

1.     Cloud Standup

In the event of total failure, our solution offers the ability to activate aka "standup" your servers in the Cloud giving you time to address hardware/software failures.

2.     Multisite Replication

Multisite refers to the three or more data storage locations to which the Cloud Backups replicate. This gives you peace of mind knowing that your data is safe three-times-over and recoverable no matter the cause. 

3.     Ease of Scalability

Being able to scale your business when the time comes easily is important. Here, you can grow your backup without worrying about server sprawl; utilization rates or unnecessary lead time to add new equipment.

4.     Speedy Recovery

Things happen unexpectedly so being able to restore backup drives from any location provides fast recovery when you need it the most.

5.     Offsite Access

Offside access couples with speedy recovery, so being able to access your data from any location makes Cloud Backup hassle-free.

What questions do you have about private cloud hosting?

Maybe your business has already decided that it needs cloud backup and data protection? How do you do it? RealTime IT can walk you through the process and get your business setup with your own private cloud. Email us now to get started.