Databranch Monthly Tech Talk
IT Solutions for the Workplace

October | 2022

What's Inside?

01 - Monthly Update from Mike

02 - Introducing Brieanne and Peter

03 - Better Endpoint Protection

04 - Insider Threats

Did you know:


AOL's original business

started out as an online

gaming company called "Control Video Corporation". 

Introducing Brieanne to the Databranch Team!

How did you get into the technology field?


I worked at Verizon Wireless


What do you like best about Databranch?


It was obvious to me almost immediately that everyone here acts with integrity in every situation.

Introducing Peter to the Databranch Team!

How did you get into the technology field?


I was looking for a career change and thought that getting into the technology field would be rewarding and challenging.


Hobbies:


I enjoy watching the Bills, Sabres and Yankees games. I also like going out to dinner.
Click Here to Learn More About Our New Team Members!!

Monthly Update from Mike

All that fancy cybersecurity stuff is for the big companies, right?


Hackers wouldn't be interested in going after your small business.


Well, you couldn't be more wrong.


Turns out, your little business is a prime target.


In fact, small businesses see 350% more social engineering attacks than larger companies do.


Yeah, that’s right.


Hackers don’t just care as much about stealing your company data, they care 350 percent MORE!


If you’re not ready for them, your business may not exist much longer.


Cyberattacks are expensive.


One data breach averages $108,000 for a small business.


Yet many SMB owners still have their heads in the sand about this, with 57% thinking they won’t get targeted.


Why do hackers want to attack your small company?


Here are a few reasons:


  • Less spending on cybersecurity
  • Every business has “hack-worthy” resources
  • May offer entry into larger companies
  • SMBs are often unprepared for attacks
  • Employees usually aren’t trained in cybersecurity awareness


Companies need to stop pretending that if you don’t address the issue, it will go away.


Cybersecurity solutions can be affordable and effective at the same time.


Reply to this email or give us a call at 716-373-4467 x 115 if you’d like to discuss some next steps to ensure your business security.


Regards,

Mike Wilson

President - Databranch

Your Guide for Better Endpoint Protection

Endpoints are the collection of computers, mobile devices, servers, and smart gadgets that make up your company’s network and IT infrastructure.

 

Each of those devices is a chance for a hacker to penetrate a company’s defenses.

 

64% of organizations have experienced one or more compromising endpoint attacks.

 

The following solutions are focused on the protection of endpoint devices.

 

Address Password Vulnerabilities

 

Passwords are one of the biggest vulnerabilities when it comes to endpoints.

 

Poor password security and breaches make credential theft one of the biggest dangers to cybersecurity.

 

Address password vulnerabilities in your endpoints by:

  • Training employees on proper password creation and handling
  • Look for passwordless solutions, like biometrics
  • Install multi-factor authentication (MFA) on all accounts


To learn more about our Password Management solution, Click Here.


Stop Malware Infection Before OS Boot

 

USB drives (also known as flash drives) are a popular giveaway item at trade shows. However, an innocent-looking USB can actually cause a breach.

 

Hackers can use them to gain access to a computer. This is done by plugging in a USB device containing malicious code.

 

There are certain precautions you can take to prevent this from happening, such as ensuring you’re using firmware protection that covers two areas:

  • Trusted Platform Module (TPM)
  • and Unified Extensible Firmware Interface (UEFI) Security.

 

TPM is resistant to physical tampering and tampering via malware. It looks at whether the boot process is occurring properly and also monitors for the presence of anomalous behavior.

 

Additionally, seek devices and security solutions that allow you to disable USB boots.


Update All Endpoint Security Solutions

 

You should regularly update your endpoint security solutions. It’s best to automate software updates if possible so they aren’t left to chance.

 

Firmware updates are often forgotten about but they are just as important for ensuring your devices remain secure and protected.

 

Use Modern Device & User Authentication

 

How are you authenticating users to access your network, business apps, and data?

 

If you are using only a username and password, then your company is at high risk of a breach.

 

Use two modern methods for authentication:

  • Contextual authentication
  • Zero Trust approach (Trust but Verify)


Apply Security Policies Throughout the Device Lifecycle

 

From the time a device is first purchased to the time retires, you need to have security

protocols in place.

 

Examples of device lifecycle security include when a device is first issued to a user. This is when you should remove unnecessary privileges.

 

When a device moves from one user to another, it needs to be properly cleaned of old data and reconfigured for the new user.

 

When you retire a device, it should be properly scrubbed.

 

Prepare for Device Loss or Theft

 

Unfortunately, mobile devices and laptops get lost or stolen. When that happens, you should have a sequence of events that can take place immediately. This prevents company risk of data and exposed business accounts.




Contact us today at 716-373-4467 x 115 or info@databranch.com to see what options we have available to prevent the exposure of company data and business accounts.

Insider Threats are Getting More Dangerous! Here's How to Stop Them.

One of the most difficult types of attacks to detect are those performed by insiders.


An “insider” would be anyone that has legitimate access to your company network and data via a login or authorized connection.


Because insiders have authorized system access, they can bypass certain security defenses, including those designed to keep intruders out.


Since a logged-in user isn’t seen as an intruder, those security protections aren’t triggered.


A recent report by Ponemon Institute found that over the last two years:


  • Insider attacks have increased by 44%
  • The average cost of addressing insider threats has risen by 34%


Four Types of Insider Threats:


  • Malicious/Disgruntled Employee
  • Careless/Negligent Employee
  • 3rd Party with Access to Your Systems
  • Hacker That Compromises a Password


Ways to Mitigate Insider Threats


Thorough Background Checks


When hiring new employees make sure you do a thorough background check.


Malicious insiders will typically have red flags in their work history.


You want to do the same with any vendors or contractors that will have access to your systems.


Endpoint Device Solutions


Mobile devices now make up about 60% of the endpoints in a company. But many businesses aren’t using a solution to manage device access to resources.


Put an endpoint management solution in place to monitor device access. You can also use this to safelist devices and block unauthorized devices by default.


Multi-factor Authentication & Password Security


One of the best ways to fight credential theft is through multi-factor authentication.


Hackers have a hard time getting past the 2nd factor.


They rarely have access to a person’s mobile device or FIDO security key.


Employee Data Security Training


Training can help you mitigate the risk of a breach through carelessness.


Train employees on proper data handling and security policies governing sensitive information.


Network Monitoring


Use AI-enabled threat monitoring. This allows you to detect strange behaviors as soon as they happen.


For example, someone downloading a large number of files. Or someone logging in from outside the country.


What You Can Do


While insider threats can certainly come from an employees trying to do your business harm, it is important to remember that insider threats can also result form human error.


In fact, 92% of data breaches are caused by human error. That's why we offer solutions that empower your employees through training and education. Click here to learn more.


You can also contact Databranch today at info@databranch.com or 716-373-4467 x 115 if you would like to set up a meeting with one of our experienced team members.




Article used with permission from The Technology Press.

Technology Trivia


What was the first book

sold on Amazon?


The first person to email us at info@databranch.com and give a correct answer gets a $25 Amazon Gift Card!

What's Forrest Gump’s password?


1forrest1

 
If you were forwarded this email from one of our great Databranch clients and would like to receive future updates, reply to this email and we will add you to the list!

Databranch  www.databranch.com
Facebook  Twitter  Linkedin  
Databranch | 132 North Union Street, Olean, NY 14760
Unsubscribe bprince@databranch.com
Update Profile | Constant Contact Data Notice
Sent by info@databranch.com powered by
Trusted Email from Constant Contact - Try it FREE today.
Try email marketing for free today!