Human error is the most common culprit for compromising your data and patient records.

Here are four really easy ways to prevent phishing scams, stolen passwords, etc. Making sure everyone in your office realizes THEY are the key component to protecting client information and data. You are your own best security team. Use the tips below to defend yourself and your data from being compromised.

1. WATCH FOR PHISHING EMAILS

NEVER click on a link in an email or send your password through an email. A lot of scammers pretend to be your boss, coworkers, etc. to force this information from you. 

2. HOW OLD IS YOUR PASSWORD?

Some security experts think it's fine to use the same password for up to one year if it's 15 characters or more in length. If it’s 14 or fewer, they recommend changing it every 90 days. Be aware, though, that extending a password expiration period increases the risk that someone could steal and reuse it to access other accounts owned by the same person. Shorter password expiration periods are always better.

3. NEVER WRITE YOUR PASSWORD DOWN 

If you're notorious for putting your password on a post-it note on your monitor - stop it! No one should know your password. Memorize it. Keep it in your brain.

4. ALWAYS LOCK YOUR COMPUTER SCREEN WHEN YOU WALK AWAY 

If you work in an environment that has private customer data (i.e. medical office, law office, etc.) then leaving your computer unlocked when you get up to get coffee, really sets you up for failure. Keep your computer screen locked while you pour the Folgers. 

If you have been watching the news lately, then the term 'Zero-Day' probably has surfaced a time or two. So, what exactly is this type of attack and how does RealTime protect your business from them?

ZERO-DAY ATTACKS EXPLAINED

Zero-day attacks affect anyone indiscriminately, but most of the damage is suffered by businesses that are not prepared to face such a cyber threat.  And, it's extremely difficult to detect zero-day attacks, especially with traditional cyber defenses.

Traditional security measures focus on malware signatures and URL reputation. However, with zero-day attacks, this information is unknown. Cyber attackers are extraordinarily skilled, and their malware can go undetected on systems for months, and even years, giving them plenty of time to cause irreparable harm.

A ZERO-DAY ATTACK TIMELINE

A Zero-Day attack happens when that flaw (software/hardware vulnerability) is exploited and attackers release malware before a developer has an opportunity to create a patch to fix the vulnerability—hence “zero-day.” Here's a quick timeline to explain the process: 

• A company’s developers create software that unknowingly contains a vulnerability.
• The threat actor* spots that vulnerability either before the developer does or acts on it before the developer has a chance to fix it.
• The attacker writes and implements exploit code while the vulnerability is still open and available.
• After releasing the exploit, either the public recognizes it in the form of identity or information theft or the developer catches it and creates a patch to staunch the cyber-bleeding.

Once a patch is written and used, the exploit is no longer called a zero-day exploit. These attacks are rarely discovered right away and that is why it's important to ensure that your business is protected. 

HOW IS MY BUSINESS PROTECTED?

How does RealTime protect your business and what are some best practices to keep you safe?

• Install Firewalls with advanced security features - this is your first line of defense. 
• Protect yourself with antivirus and antimalware that protects against known and unknown threats. 
• Keep software applications and operating systems up-to-date.
• Create and keep backups in the event something can't be "cleaned".  This is basically your safety net in case the worst happens. 
• Use an Email protection service that filters out junk and spam before it gets to you.
• Practice safe computing practices such as being mindful on what links you click and what websites you are visiting. The 'Human Firewall' is the single biggest factor of whether or not you will get infected. 

Want more information?

fill-out the form below and we will follow-up with you shortly.

*A threat actor, also called a malicious actor, is an entity that is partially or wholly responsible for an incident that impacts – or has the potential to impact -- an organization's security. In threat intelligence, actors are generally categorized as external, internal or partner. - Wikipedia 

WHY CLOUD BACKUP?

5 NO-BRAINER REASONS TO USE THE CLOUD FOR YOUR BUSINESS

With the rise of ransomware, cyber crime and just basic disasterous situations, having a reliable backup is essential to maintaining and protecting your company data. As if you needed more than one simple reason (losing ALL of your data if it's not backed up), we have listed five really good reasons why you should use a Cloud Backup. 

1.     Cloud Standup

In the event of total failure, our solution offers the ability to activate aka "standup" your servers in the Cloud giving you time to address hardware/software failures.

2.     Multisite Replication

Multisite refers to the three or more data storage locations to which the Cloud Backups replicate. This gives you peace of mind knowing that your data is safe three-times-over and recoverable no matter the cause. 

3.     Ease of Scalability

Being able to scale your business when the time comes easily is important. Here, you can grow your backup without worrying about server sprawl; utilization rates or unnecessary lead time to add new equipment.

4.     Speedy Recovery

Things happen unexpectedly so being able to restore backup drives from any location provides fast recovery when you need it the most.

5.     Offsite Access

Offside access couples with speedy recovery, so being able to access your data from any location makes Cloud Backup hassle-free.

What questions do you have about private cloud hosting?

Maybe your business has already decided that it needs cloud backup and data protection? How do you do it? RealTime IT can walk you through the process and get your business setup with your own private cloud. Email us now to get started.

Last week on February 15, 2018

Chrome launched a built-in ad blocker in conjunction with Google last week. Chrome will block ads deemed unacceptable (such as pop-ups, auto-playing video ads, etc) and will not show ads, including Googles, on websites not in compliance with the Better Ads Standards.

So, what does this mean?

Considering that Google serves more online ads than any company on Earth, this is huge news. Chrome has approximately 60% of the desktop browser market share (and growing), sites will likely have no choice than to follow the guidelines. Interested in what the guidelines are for Better Standards? Take a look for yourself: https://www.betterads.org/standards/

Here's what "intrusive advertising” changes will look like for consumers:

1. Pop-up ads – initiated by user actions, such as a mouse click or a mouse-over , a window containing an offer for some product or service appears in the foreground of the visual interface.
2. Prestitial ads – appears on a mobile page before content has loaded, blocking the user from continuing on to the content.
3. Ad density over 30% – when an ad takes up more than 30% of the vertical height of the main page, the result is a disruptive ad experience.
4. Flashing animated ads – rapidly changing background and colors are highly aggravating for consumers, and serve to create a severe distraction
5. Videos set to auto play – if there is audio in the video, users must have the option to play the video or not to
6. Poststitial countdown ads – appears after the user follows a link and it then forces the user to wait a number of seconds before the ad can be dismissed
7. Full screen scroll-over ads – forces the user to scroll through an ad that appears on top of content
8. Large sticky ads – ads that attach to the sideline of a page and often times block content, regardless of a user’s efforts to scroll

www.wikipedia.com, www.google.com, www.androidpolice.com, www.betterads.org, www.chartec.net 

What is Smishing?

SMishing is any type of phishing attempt that involves text messaging. As consumers, we tend to be more trusting on our cell phones, but this is very dangerous. Cyber criminals are able to mimic sms (text) messages making it look like it's from someone you know and asking you to click on a link.  If for some reason you do this, ransomware could possibly be downloaded on your device and could compromise your sensitive information like credit card, social security and account numbers. 

Almost everyone has encountered phishing scams that arrive via spam emails. Someone might claim to be from your bank or pretend like they’re from your phone company looking for personal information like passwords.

Basically, Smishing is the SMS (“SMS” stands for “short message service” and is the technical term for the text messages you receive on your phone) version of phishing scams. Instead of a spammy email, you get a text message on your smartphone.

Now, a lot of people are receiving text messages claiming to be from FedEx or other delivery serviceswith a tracking code and a link to “set delivery preferences.”

Don’t click the link!

If you tap that link on your phone, you’ll end up on a fake site (a phishing site) with a fraudulent “free reward.”

Watch our latest IT Shorts on SMishing now.