Why a Next Generation Firewall is Essential

next generation firewallIf your organization is operating behind last year’s firewall, you are not protected. Don’t believe us?

Traditional networks were like a snake eating its tail; they had a beginning, middle and an end in a closed loop of sorts. Today all kinds of digital devices are accessing your network from anywhere there’s an internet connection. This means your in-house IT team is dealing with a whole host of new security threats. All it takes is one look at tomorrow’s headlines for the latest data breach to figure out that yesterday’s firewalls aren’t doing a great job at mitigating the risk of companies like Equifax, Yahoo!, or Uber. If some of the biggest companies on the planet (JP Morgan Chase, Anthem – need we go on?) are failing to keep their in-house data secure, it calls into question both on-premise networks and the IT teams that run them.

As these threats are evolving, companies are looking to solutions that can shield their network of ever-increasing endpoints. Among the various cyber security solutions available, you will find next-generation firewalls that, according to Gartner, have, “integrated deep packet inspection, intrusion detection, application identification and granular control.”

What Problems Can a Next-Generation Firewall Solve?

“Firewalls have become ubiquitous across enterprises over the past decade, but the combination of new and varied access methods combined with increasingly sophisticated attacks has forced network operators and security professionals to constantly evaluate their defenses.”
Network World

There are three primary areas why next-generation firewalls make sense in today’s hyper-digital environment:

1. Application Monitoring

HP says 84% of hacker breaches occur at the application level. Having application-level control is crucial to stay ahead of these risks. This is granular control down to user-specific rules by application.

2. Mobile Device Controls

2018 is the year of “mobile-first;” user activity on mobile devices and applications will far outpace any other type of digital usage. But these applications are filled with potential vulnerabilities that hackers could exploit. According to HP, 77% of mobile apps have these vulnerabilities.

3. Revolving Environments

Any organization housing data that hackers consider important is at risk. As the volume of our data captured increases, the more attractive we become to hackers. We must monitor advanced persistent threats (APTs), borderless networks, and enterprise risk environments. Traditional firewalls simply cannot keep up with collecting, storing, and analyzing activity data within a network that has no walls.

What to Look for in a Next-Generation Firewall

Network World suggests that a next-generation firewall include some of the following features:

  • Intrusion prevention systems
  • Deep packet inspection
  • SSL inspection

CWPS offers our customers a full cyber security suite of products including advanced next-generation firewall protection from Cisco Meraki. The firewall made Gartner’s latest Magic Quadrant as a best in class security solution for any business. We combine this next-generation product with a secure Internet gateway, NextGen Antivirus protection, and security awareness training that will help protect your organization from what’s next on the hacker’s radar. Contact us to discuss how these tools can keep your data safe.

Network Security for Small Business: Top 4 Tips

Itechnology-servers-server-159282.jpegf there’s one thing your small business needs to understand about cybersecurity in 2018 it is that you are a target for hackers. Small Business Trends shared some important statistics about a year ago that we should probably revisit in order to illustrate our point:

  • 43% of cyber attacks focus on small businesses.
  • 60% of small businesses fail after a cyber attack.
  • 48% of data breaches are tied to malicious software; the rest are tied to human error or system failure.
  • 14% of small businesses say their network security is “highly effective.”
  • After a cyber attack, small businesses spent an average of $879,582 on recovering their data and replacing technology.

Despite these startling statistics, the same study indicated that only 51% of small businesses are allocating any budget toward lessening their risks.

There is one piece of good news in all this gloomy cybersecurity news: there are steps that small businesses can take in order to stay safe.

Best Cybersecurity Tips for Small Business

Cybersecurity is no longer inaccessible to the small business because of tight budgets. Small businesses can now take advantage of the same cloud models that have made software tools both accessible and affordable to even start-up companies.

We have four crucial components to a robust security plan for the small business IT infrastructure. Our best recommendations include:

First, establishing a secure firewall with content filtering, centralized management, and intrusion prevention to help control who and what are accessing your network.

Second, applying top-of-the-line antivirus software that unleashes intelligent automation to respond to cybersecurity threats before a data breach occurs.

Third, using an Internet gateway that blocks malicious sites before the surfer can cause harm, while applying ad and malware blocking, content filtering, protection against botnets, and more.

Fourth, creating security awareness by providing ongoing cybersecurity training and testing for all employees.

This four-pronged approach provides your small business with a robust security framework that can defend against most threats.

While executing these tips may seem like a huge expense, advances in technology have also made security more affordable. Cloud based security solutions, for example, makes it much easier and practical for small businesses to protect their data.

Why Security in the Cloud?

Applying security in the cloud means that your small business will mitigate cybersecurity risks. Some of the benefits of cloud security include:

  • Lower costs
  • Scalability to add more users quickly
  • Constantly upgraded as new threats emerge
  • Easy go-live
  • Peace of mind

CWPS has teamed up with some of the biggest names in the technology sector and cybersecurity industry, including Cisco and Cylance, to provide even the smallest client with the biggest of tools to protect their data.

The CWPS cloud security bundle can be configured to fit your unique situation and can be managed through one secure portal. Contact us to find out more.

New Call-to-action

Cyber Security Risks - Everything You Need to Know about the Equifax Hack

security-protection-anti-virus-software-60504.jpegLast week, 143 million Americans had their Social Security numbers hacked from the Equifax data warehouse. If you haven’t heard about this, it’s time you paid attention. This hack could lead to even more cyber security risks if your data is sold on the open market.

Equifax is one of the large corporations that report on your credit rating. When you go for a loan, this is one of the agencies where retailers can check your credit worthiness. 

Equifax keeps lots of your sensitive information on file: driver license numbers, addresses, credit card numbers, and birth dates, in addition to Social Security card data. The theft of this sensitive information is very dangerous and potentially could cause a host of problems for hundreds of thousands of people in the U.S.

Here’s what you need to know about this latest round of cyber security risks.

When Did the Breach Occur?

Equifax discovered the data breach on July 29th.  They alerted consumers and the public on September 17th. The company issued an apology and suggested that a review of their security systems was being undertaken to mitigate future risk. The company did not say why more than a month elapsed before letting consumers know that there was a problem.

Were You Affected?

Equifax set up a website at https://www.equifaxsecurity2017.com for consumers to check if they were affected. You can also sign up for free data monitoring at the Equifax site.

But Brian Krebs of Krebs on Security says credit monitoring is basically too little too late, because, “Credit monitoring services rarely prevent identity thieves from stealing your identity. The most you can hope for from these services is that they will alert you as soon as someone does steal your identity.”

Krebs also points out that Equifax is offering free credit monitoring from their very own service line. What happens with the “free credit monitoring” runs out? Equifax will ask you to continue the service – for a fee, of course.

Krebs concludes his comments by saying, “The credit bureaus…have for the most part shown themselves to be terrible stewards of very sensitive data, and are long overdue for more oversight from regulators and lawmakers.”

Mitigating Cyber Security Risks

Now that you’re worried about your personal data, here are four things you can do immediately to mitigate your risk:

  • First, check the Equifax site to see if you were affected. If you were, sign up for the free credit monitoring service.
  • Second, check your free credit report here. You’re looking for pings that show someone checked your credit, for example, if an identity thief tried to open a new credit card account.
  • Third, place fraud alerts on your credit. Go here to find out how.
  • Finally, consider placing a security freeze on your credit files. There is a small fee to do this, and it can be unwieldy to manage. The benefit is that no one can look at your data to issue a new line of credit without your knowledge and consent.

The Equifax hack is just one more example of a rising tide of corporate cyber breaches. To combat this increase in sophisticated cyber security attacks, businesses need to develop a comprehensive cyber security strategy and train their employees to be on the lookout for threats. Contact us to discuss how managed IT services can help your company combat cyber security risks.

Guide to Keeping company's data safe

Cyber Security Threats – Pegasus for Android and iOS

cyber_security_breaches.jpgThe Pew Research Center tells us 72% of all the adults in the Unites States own a smartphone, and most use that phone for work. That number should make the average network administrator cringe a little because the popularity of these tools virtually ensures that the cyber security threats to these devices will increase.

Hackers are increasingly targeting vulnerabilities in security controls, architectures, and applications used by our mobile devices. Whether it’s ransomware, identity theft, or call interception and monitoring, the cyber security threats to our handheld digital devices are on the rise.

This article will look at the latest iteration of cyber security threats, the Pegasus virus, that’s been infecting both Android and iOS operating systems.

Pegasus – Greek God and Smartphone Killer

Just like the ancient Greek god, the Pegasus malware can bring some lightening and thunder to your cell phone. According to Tech Target, Pegasus was first identified in 2016, as a malicious software code targeting Apple iOS. According to Forbes, the Pegasus malware was created by the Israeli tech firm NSO Group Technologies. Calling it, “some of the most astonishing attacks yet seen in the world of private espionage,” Forbes said the NOS was able to exploit iOS vulnerabilities, creating a virus that copies all your data, including Wi-Fi passwords, and Skype, Facebook, Gmail, and other communications.

Since then Apple patched the vulnerability with iOS 9.3.5, but Pegasus wasn’t done. It turns out the mobile spyware was busy working on Android applications in 10 or 11 other targeted countries. The Android virus operates in similar ways to what we saw with iOS; logging keystrokes, taking screen shots, snagging messages, and browser histories. The hackers can control the activity remotely, via text, and the virus will pull itself out of your phone if it senses you’re on to it. 

Interestingly, it appears that it’s easier for Pegasus to deploy on an Android device, which doesn’t require a zero-day vulnerability (or application vulnerability point) to deploy.

Fighting Back Against Cellphone Cyber Security Threats

Keeping the operating systems of mobile devices up-to-date is crucial to preventing cyber security threats. Cyber criminals are now targeting phone apps, so protecting yourself in this current climate is crucial.

Cloud providers are constantly updating against the latest threat, so if you don’t stay current with the latest patches, you’re at risk. This protocol is just as important on your smartphone as it is on your desktop.

Creating a culture of security in your organization is critical for defending against attacks like Pegasus. That training needs to include mobile device security – including ways to prevent security breach if the handheld device is lost or stolen, something that is all too common these days. Establishing guidelines related to how mobile devices access corporate data, what applications are downloaded on corporate-sponsored devices, and establishing how sensitive data is stored are all important parts of a strong cyber security strategy for your business.

With mobile workforces on the rise, device management is a crucial part of outsourced IT managed services. Contact CWPS for help with a business continuity and cyber security plan to manage all of your corporate-connected devices.

Guide to Keeping company's data safe

Secure Your Emails with Encrypted Email Service

Email encryptionIf you’re the owner of a small to mid-sized business, you may be thinking that encrypted email is out of your reach. For those of you who’ve heard the term but don’t quite understand it, encrypted email is a methodology to scramble business communications so that only the intended recipients can read it.

But the Internet is the great equalizer when it comes to technology services, and encryption is no exception to this rule. Today, you can work with firms to help you secure your email, which is crucial not only for your peace of mind but also for compliance in a lot of industries. 

Review of Encryption Services

If you have an on-site email server, the increasingly heavy regulatory environment in fields like accounting and healthcare require encryption for compliance with local, state, and federal rules. This makes it increasingly difficult for some businesses to be able to afford email encryption.

In the old days, both the sender and receiver of email encryption had to share the same service to access messages. Today, that is no longer the case. However, how we use email has gotten more complicated, with messages flying between mobile and desktop devices on a variety of cloud-hosted and on-premise servers.

Fortunately, there are a number of software providers on the market that are fairly low cost and offer an alternative to some of the bigger players in the market:

Symantec has a product called PGP Desktop Email which is a little unwieldy, but workable. Installing the software allows users to receive files via an encrypted attachment. The software then sends the users the “key” to unlock it. The problem here, of course, is that the code must still be sent between users who may reside outside your firewall.

Hushmail is decent encryption software that works well for any digital device. Hushmail focuses on several industry sectors, including the law, healthcare, and nonprofits. In addition to encryption, it uses two-step authorization; touch ID, and aliases to secure your data. Hushmail syncs well between your webmail and their iPhone app. On the flip side, sometimes you get what you pay for, and Hushmail is fairly basic and therefore, not bulletproof.

AppRiver CipherPost Pro offers both web-based email and an encryption service. It offers a plug in for Outlook if you don’t want to change your existing provider, and it offers a number of security-based mobile apps for any phone. There’s a nice admin portal that lets you add or revoke users. The drawback here is it’s complicated to install and there is a 5GB attachment limit on encrypted messages.

Mimecast Secure Messaging is the most sophisticated encryption solution on this list and the best option for small to medium-sized companies. This is a cloud-based solution that not only makes it easy to send encrypted emails, but also offers a wealth of email management tools for administrators.

Managed Service Providers and Encrypted Email Service

Managed IT providers are a great resource for those seeking encrypted email service. CWPS offers technology support for all of your cloud-based or on-premise data storage, email security, and compliance needs. We offer full-service solutions for a variety of industries and help you find the lowest cost, yet most secure options for email encryption.

Guide to Keeping company's data safe

You Should Never Have to Hire a Data Recovery Services Company (Here's Why)

cyber-attack-data-breach.jpgWhat would happen if you lost a portion of your business data? What critical business functions would be affected? How would it affect your clients? 

The Disaster Recovery Preparedness Benchmark survey says three out of every four companies are at risk of having no data recovery plan in place. In 2014, more than one-third of the organizations surveyed lost one or more crucial data applications over the year. Those outages ran from hours to days, according to the survey.

With ransomware and phishing emails increasing, your critical business data is at risk. Data recovery services are standing by to help you recover, but are they really necessary if you have a strong data recovery mechanism in place? 

Here’s the number one reason why you shouldn’t need to hire a data recovery services company: Your disaster recovery plan should include robust and constant data backups in the cloud. 

Data Recovery Services – Unnecessary in the Cloud

Data loss is a serious threat to any business. Whether it’s a data breach from cybercriminals or a natural disaster, housing your data onsite without offsite redundancies can be a risky proposition.

Typical scenarios that could affect your data include:

Hardware failure, such as the loss of an email server, could wipe out communications across your business. If you’re still running an email server in-house, do you have redundancies built into the infrastructure to counteract equipment failures?

Human error may be the most common reason for data loss. If you’ve ever trashed a document that you meant to save, or forgotten to save it in the first place, you know how easy it is to make a mistake.

Even worse, human error is the most frequent cause of malware infections; one click on a phishing email could infect your network with a virus. According to Barkly, every 1 in 131 emails contains malware.

via GIPHY

Creating a data recovery plan incorporating cloud technology is an important way to counteract all of these potential problems. Backing up your data – all of your data – is an important component of this approach. Some of the benefits of cloud backups include:

  • They occur constantly, and your data can be fully encrypted in transit and at rest in remote off-site data warehouses.
  • The infrastructure is state-of-the-art and backed by an enterprise-level multi-regional secure architecture.
  • Virtual machines can be developed in the cloud that allow you to continue to access your functions, even if you are in the thick of a weather-related disaster or man-made crisis.
  • Data storage is efficient, redundant, and backed by the best security features today, making the cloud more secure than most on-premise IT infrastructures.

 Managed service providers like CWPS can help your company migrate to the cloud and create a data backup and recovery plan that will ensure you never have to hire a data recovery services company. Data backups, secure cloud connections, and the development of virtual machines, are all important functions provided by managed service providers. Contact us today to find out how we can ensure the security of your data in the cloud.

Guide to Keeping company's data safe

The Pitfalls of an On-site Secure Mail Server

Onsite secure email serverTo get right to the point: most businesses don’t need an on-site mail server. Setting up an on-site server can be an expensive and time-consuming and there are so many great virtual alternatives, that a secure mail server in the cloud makes sense for most businesses.

Let’s look more closely at some of the pitfalls that can arise if you elect to set up, utilize and maintain an on-site secure mail server. 

It Takes a lot to Secure a Mail Server

”Email functions in a poisoned and hostile environment, flooded
by viruses and spam. The seemingly simple exchange of text-based
messages operates under complex rules with complex tools, all
necessary to keep the poison out and the system functioning
and useful in spite of the abuse it’s constantly under.”
How to Run Your Own Email Server with Your Own Domain
arsTechnica
Lee Hutchinson

Email is the primary infection vector for many if not most cyber threats. Phishing emails, malware infected emails, and other threats have become incredibly common, which means that you need an email infrastructure that is up-to-date and utilizes the latest solutions in order to keep your data safe. If you can’t commit to this, then it’s better to avoid an in-house email server.

Setting Up an Onsite Email Server Isn’t Easy

The set up and maintenance of an on-site secure mail server can be a complicated affair. Some of the components you’ll be configuring include:

Mail Transfer Agent (MTA) is software designed to handle SMTP or Simple Mail Transfer Protocol. To put it simply, MTA software allows your server to send and receive mail.

Mail Deliver Agent (MDA) software takes mail as it comes in and sorts it into the correct email inbox.

IMAP or/and a POP 3 Server includes programming protocols that allow multiple people to connect to email simultaneously. It also helps route emails appropriately between servers and users.

AntiVirus protection is a necessity these days; cyber security is serious business.

Spam Filters work to keep your email free of junk mail that could include dangerous phishing emails that contain malicious software. Spam filters can be set to different levels and can be added to both incoming and outgoing mail.

Webmail is software that allows you to access email via a web browser.

Unfortunately for you, these are just the highpoints of the software that is needed for an in-house secure mail server. You also need a domain name, DNS records, and an SSL certificate.

Email Server.jpg

Email Servers Need to be Maintained

If you don’t keep up with server maintenance, your chances for being hacked go up exponentially. Updating your systems, including antivirus and spam, will be high on your list of priorities. You’ll also need to monitor to make sure your server isn’t placed on a spam block list, which happens if your DNS is configured wrong or if it’s determined that you’re a serious spammer. 

Then there’s the troubleshooting that comes with maintaining an on-site email server. What happens if emails stop sending? Where do you even start to troubleshoot such a complex situation?

Of course, there are some situations in which it may make sense to have an in-house email server. If you need to have additional control over your emails for compliance reasons, for example, then you may need to go with an on-premise solution. Companies that constantly face litigation also benefit from an on-premise solution, since they need to pull large numbers of emails from the system on a regular basis. For most organizations, however, a cloud-based approach to email like Microsoft Office 365 will be a better fit.

New Call-to-action

The Importance of Cloud Computing to Your Cyber Security Strategy

security-cyber.jpegMoving your data to the cloud is more secure than keeping it on-premise – not less. That’s why it’s increasingly the foundation of a cyber security strategy for a growing number of businesses.

Cloud computing has been around for more than a decade, and service providers have developed some unprecedented techniques using sophisticated IT security detection and mitigation processes that are simply not within reach of most businesses.

From the physical security of servers in data warehouses to using machine learning algorithms to detect network probes by hackers, today’s cloud service providers meet and exceed all of your expectations for an airtight cloud implementation.

On-Premise Doesn’t Always Mean More Secure

For years, the common perception is that an on-premise implementation is always the most secure way to keep your data safe. The problem is that this is not always that case. All it takes is one phishing email or the failure to update an important piece of software for your data to be breached. All we need to do is name some of the latest corporate security breaches: Equifax, Target, Sony, JPMorgan Chase -- and you’ll start to understand that on-premise solutions aren’t always able to defend against cyber security threats.

An article from the Columbia Business School spells it out:

The truth is that applications and data maintained in the cloud can be
more secure than data held in on-premises corporate systems. That’s
because moving to the right kind of advanced cloud system represents
a more dynamic approach to risk. The security of the barriers is
based not just on keeping people out, but on watching people who come in.
You learn from every use of your data, and even from any attempted attack.

Your Cyber Security Strategy Should Start with Cloud Computing

You already understand that cloud computing models lower costs, increase accessibility, and improve the scalability of your most basic functions. But that scalability means massive computing horsepower– and that same bandwidth is important for monitoring cyber threats.

If you have big data, you need the kind of big security found in cloud models. Not only will your data be housed in secure data warehouses with restricted access to physically keep your data safe, but there are also software and hardware controls in place to monitor the network 24/7/365.

Cloud providers also utilize advanced monitoring solutions in order to keep an eye on your data and defend against threats. In some cases, these providers use machine learning algorithms to detect and deter threats as they arise. Picture computer code that runs pattern recognition to look for behaviors across all corporate activities from marketing and ecommerce to logistics and customer care. Cloud computing models monitor and learn from the behavior of anyone that interacts with your company.

Also, your on-premise server room can’t always keep up with the changing threats. With the cloud, vulnerabilities are detected and patched immediately, which is crucial to mitigating security risks. Remediation is as close to instantaneous as you can get. 

These are all great reasons why your cyber security strategy should lean heavily on cloud models. To find out how your business can migrate and secure your data in the cloud, contact CWPS today.

Guide to Keeping company's data safe

How to Develop an Information Security Policy

information security policyIn a small to mid-sized business, you get to wear a lot of hats. We understand the challenges of staying on top of marketplace changes, competition, distribution disruptions, cash flow, and all the other myriad tasks competing for your attention.

That’s why you’re probably going to sigh when we tell you that a must-have for your business in 2018 is an information security policy. Beyond being one more task that you have to take on, an information security policy could help protect your business from cyber breach, including protecting critical corporate data for both you and your clients.

This article looks at the elements of an information security policy and how it will help protect the technology and data that make up your most critical business functions.

Information Security Policy – Your Best Risk Mitigation

The first reason to develop an information security policy is that it will help you fight back against cyber crime. These policies are designed to ensure personal and corporate data by preventing unauthorized access. That’s why your written information security policy should encompass the entirety of your IT structure, from on-premise servers to data housed on laptops and cell phones, to cloud security policies.

But developing an information security policy also shows your commitment to protecting client data. This could be important for federal and state compliance, certainly, but it also illustrates that you’ve completed due diligence around IT security risks, something any service provider – or any client, for that matter -- should be paying attention to. 

In the long run, developing a documented information security policy that is distributed to employees and vendors is also a way to instill trust and potentially win over new business partners. It will certainly help you comply with the requirements of most government contracts, HIPAA or other healthcare compliance rules.

So what are the elements of a solid information security policy?

1. The policy should define the risks to your data, whether it is digital or on paper. It should mitigate these risks by defining a variety of safeguards to protect this data.

2. It should define how users access the data, whether on site on digitally.

3. It should also define a series of consequences for violating these policies.

4. It should detail how employees will be trained to defend against a cyber attack.

5. It should mitigate risk by defining what happens in the event of a cyber breach, employee theft, or any other event that causes a loss or threat to data.

6. It needs to detail which solutions your organization will use to defend against threats.
Finally, it should establish governance for the policies and how often they should be reviewed.

While an information security policy can be incredibly complex at the enterprise level, a smaller business could have a much simpler, but still effective mechanism in place.

What all of these information security policy documents have in common, no matter the size of the business, is a baseline assessment of your company’s policies around your IT systems, how they operate, and how your employees handle access to corporate data. This assessment shows us vulnerabilities in existing technology systems in a proactive approach designed to protect your business.

CWPS is committed to helping you develop secure IT infrastructures. Contact us today for a confidential technology assessment.

Guide to Keeping company's data safe

Must-have Cyber Security Essentials for Your Business

cyber_security_tips.jpgManaging cyber security for your business should be a top priority for 2018. That’s because the threats from hackers are multiplying, whether your business is small or enterprise-sized.

It’s not melodramatic to suggest that your employees are all that stands between you and malware; every day they are one click away from infecting your company. That’s because the volume of phishing emails are the highest they’ve been in years. 

The threats are real, and your corporate information is vulnerable – unless you arm yourself with cyber security essentials to protect your data.

Cyber Security Essentials for 2018

“Malicious emails were the weapon of choice for a wide range
of cyber attacks during 2016, used by everyone from state- sponsored
cyber espionage groups to mass-mailing ransomware gangs.
One in 131 emails sent were malicious, the highest rate in five years.”
Symantec Corporation
Internet Security Threat Report, April 2017

From cyber attacks on political parties in the United States to a hack this month of 143 million Social Security numbers from the number one credit-reporting firm, incidents of data theft are all over the news. These are high-profile cases so you may believe that the data housed in your small to mid-sized company could simply fly under the radar of hackers.

We wish that were true. The New York Times reports 60% of all online attacks targeted the small to mid-size company.

Installing cyber security essentials for the small to mid-size business does not have to be expensive. Partnering with a managed services firm in a monthly subscription can be an affordable way to increase security. Whether you choose the help of an expert or do-it-yourself, here are seven cyber security essentials: 

1. Cyber security needs to be a part of your corporate culture. This means that you need to train employees in how to avoid physical and digital risks. This could include everything from teaching employees how to detect phishing emails, to never leaving a company laptop in your car, to how to select a secure password.

2. Develop a cyber security strategy that defines who is responsible for what in the event of a breach or attack.

3. Keep your operating systems up-to-data with the latest upgrades and patches. If you’re using software-as-a-service or storing your data in the cloud, security updates happen constantly as new threats emerge. But what if you have an email server tucked away in a back closet? When was the last time the operating system was updated?

4. Have a strong firewall and hide your data behind it. If your employees work from home, be sure they aren’t opening a backdoor to your data every time they dial in.

5. Backup all data in the cloud. Backups can be the best protection from ransomware.

6. Create and follow an action and security plan for cell phones. Users should encrypt their data, password protect all devices, and install security apps that prevent theft when accessing public networks.

7. Control access by creating user accounts with strong, frequently changing password protection.

8. Secure and encrypt all Wi-Fi connections.

Staying on top of data security is something you won’t have to worry about when you work with a managed service provider like CWPS. Contact us for a confidential assessment of your data vulnerabilities and the cyber security essentials to keep your company safe.

Guide to Keeping company's data safe