Cyber security is a vital component of any company, no matter the size or what products/services they provide. Cyber security is important for every business and individual. While antivirus and firewalls are a good start, they cannot protect a business from all the digital threats it will face. As the already massive and turbulent nature of the digital space continues to expand, cyber security needs to keep up with it. In order to provide a greater presence Lighthouse IT Solutions is happy to announce that it has partnered with Defendify to make Cyber Security easy to understand and implement.

Defendify is an all-in-one cyber security platform that has been specifically designed for small businesses. It focuses on creating a strong foundation to foster a culture of security within a company and uses its own technologies to expand a company’s existing cyber security setup.

Many companies have experienced phishing scams in which a hacker (claiming to be a contractor) requests a change in bank accounts. They end up stealing funds and even make phony calls demonstrating knowledge about the project. Coupled with fake emails and bank account records, they are able to convince those managing the project to redirect all future payments to this false bank account. In the first half of 2019 alone, a Datto survey found that 56% of MSPs reported ransomware attacks against their clients. 15% of MSPs reported multiple ransomware attacks in a single day. Now that's a lot of attacks... And as a tech company, we have been seeing a huge growth in ransomware efforts in Northwest Ohio. In fact, the Ohio Facilities Construction Commission (The OFCC is responsible for guiding capital projects for the state.) has reported that numerous school districts, contractors, business owners and more are often contacted by these hackers who try to learn information about the project, effectively creating a more believable scam. "Some of these suspicious attempts to obtain the list of project contacts was portrayed as a small research project that would favorably highlight the benefits from the completed project." - OFCC

We hope that you didn't forget about National Cybersecurity Awareness Month! We wanted to discuss some elements of cybersecurity that you may not be familiar with. Cybersecurity is a lot more than just dealing with viruses and not clicking on spam emails. The true definition is "the state of being protected against the criminal or unauthorized use of electronic data, or the measures taken to achieve this." This means that anything you do to help protect against getting your data stolen can be considered cybersecurity. So let's go through some of the methods often overlooked and skipped.

Endpoint Protection

Firstly, it is important to make sure that all devices on your network have adequate protection, especially the ones you don’t normally think about. And if your computer is mobile, it is a good idea to make sure that device is encrypted and has a strong password on it. Encrypting devices that will be leaving work often, like company laptops, will help ensure company data isn't access when something is lost or stolen. Keep everything that is connected to the internet and your network in mind.Learn more about this in our "How secure is your network?" post.

Lighthouse IT hopes you find yourself cyber-safe during this spooky October...

Especially considering it's National Cybersecurity Awareness Month!

However, if you are worried that you do not know enough about cyber security or maybe you are not sure that your company is set up to protect themselves, then here are some helpful tips that should guide you towards peace of mind.

Everyone knows that if you want something to be locked behind a gate, you need a password and that password needs to be strong. While it is smarter to make your passwords longer (no password should be shorter than eight characters), there are other ways to increase the strength of them. Using a mix of uppercase and lowercase letters, numbers, and symbols is a great example of this, but believe it or not, there are more tactics!

MFA and Two-Step

There are also requirements you can set to add a second level of protection to your accounts. This is called multi-factor authentication or two-step authentication. This can include things such as using authenticator tools, like Duo Security, which provides you with random one-time codes needed to login, or push notifications on your phone to confirm your identity. Alternatively, if you want to truly ensure that only you can login, you could use biometric verification. Things like fingerprint readers, facial recognition software, or even retinal scanners can replace the need for a password all together!