OMG - Counter Productive Persistence
By in

OMG - Counter Productive Persistence

Hey guys attila here from Cylanda in this quick short on OMG otherwise known as one minute growth ideas for you and your business we’re going to talk about a very fun word two words that I really like it’s called counterproductive persistence counterproductive persistence there you go two words counterproductive persistence is something that we come across all the time is when we keep trying to solve that problem trying to finish that task keep trying to do the same thing over and over and over again and as we know doing the same thing over and over sometimes leads to insanity counterproductive productive persistence is recognizing that you’re stuck in a loop or maybe your co-workers or your team is stuck into it and it’s time to maybe just take a quick moment reset maybe take a minute of silence give yourself a little bit of stepping away from the problem to go back and come back had it stronger with a better perspective and to make better choices so remember counterproductive persistence it’s something that you and your team may be encountering every day and now you know what to do about it and that it really does exist stay safe out there I’m Attila with Cylanda

The Importance of Strengthening Your Cyber Security Culture
By in

The Importance of Strengthening Your Cyber Security Culture

A once widely held belief that IT is in charge of all things cyber security is changing across industries. Cyber security culture now must include everyone who has access to data. However, how clear is the understanding of this culture to every department in your organization? A report from ISACA and CMMI Institute found that only 34% of employees know what their role is where cyber security is concerned. This would indicate that the cyber security culture that is supposed to be all-inclusive is not hitting the mark. This is concerning when employees represent the weakest link in a cyber security plan–they leave “doors” open that cyber criminals easily detect. This happens mainly with poor password hygiene and the ease with which employees click on links that contain viruses. All of this can be prevented with a better education campaign.

Changing the Culture While a true culture change within an organization can take years, cyber security culture can’t wait that long. Everyone must share the same beliefs that are inherent in a high-functioning cyber security strategy. This will require commitment to change, which can be among the most difficult aspects of any shift in company culture. The process can be improved by offering a cause and effect scenario, which outlines various situations in which an employee can be the source of a disruption.

Basically, it comes down to accountability. Know Your Role If everyone knows the risks, do they also know what they can do to help? Do they have a distinct definition regarding their role in the strategy to prevent getting hacked? Some organizations have taken to regular “fire drills” where they initiate a staged event and everyone leaps into action. In this case, employees are each tackling their specific task and memorizing the steps they need to take. This will enable them to know exactly what to do if and when something actually does go awry.

Communication Your security team should be a sounding board for potential and current issues. People will make mistakes, and they should be encouraged to openly discuss them with the appropriate people without fear of retribution. Accountability is important, and by establishing a sense of trust, the organization will benefit. An option that could help shift the cyber security culture in your organization is going to a third party for the tools and services that improve safety, reduce risk and help define a more comprehensive strategy. Getting this assistance puts less pressure on your security team, giving them the flexibility to handle on-premise situations that can also lead to better security practices. Contact us today to learn more.

9 website security tips from experts
By in

9 website security tips from experts

Here are 9 website security tips that can make a big difference if you take a day to work on them. Statistically, a regular small business website is attacked 44 times per day.
We see a lot of articles about simple 10-step tips on how to improve web security and how to make sure your website is safe from hackers, but sometimes it takes a bit more than good passwords and frequent updates.
1. Start with password management tools. Every account should have a different password, so an evil-minded attacker can’t access all your accounts when one of them gets compromised.
Let your password manager calculate a strong password for you so that it would be extremely hard to brute force them. And of course – use two-factor authentication wherever you can.
2. Choose a good hosting provider for your website. Sometimes your website can be secure but if the host is targeted and their security is low it can get your website compromised as well.
Try managed hosting providers if you don’t feel confident enough to build a good technical environment for the site. Make sure to read the reviews.
Read more about if you should rely on hosting security here and learn about the dangers of shared hosting here.
3. Avoid running multiple sites on one server. Also, create a separate database for each site instead of using different prefixes. This will help you keep the sites isolated and will save you a lot of money if one of them gets hacked.
4. Back up your website regularly. Some hosting providers do it for you but no matter how secure your website is, there is always room for improvement.
At the end of the day, keeping an off-site backup somewhere is perhaps the best antidote no matter what happens.
5. Separate database from the file server. Experts recommend maintaining separate web servers and database servers for better website security. Though the cost may be prohibitive for small organizations, it does make sense when you have to handle customer credentials and other data.
6. Use HTTPS/TLS to encrypt data. There are more reasons than security in that but keeping your visitors/customers data secure should be your number one priority.
Change the admin username – During WordPress, Joomla or other CMS installation, you should never choose “admin” as the username for your main administrator account. Also, Disallow file-editing inside the CMS.
7. Disable features you don’t use. For example: disable registrations and commenting on your website if you’re not benefiting from them.
Remove all the plugins and themes that are not critical for your website functionality (especially the ones that are disabled or inactive).
8. Always patch regularly. Know what software your website is running, regularly check if there are any new vulnerabilities on any of your software and always update/patch them as soon as possible.
9. Build layers of security around your site. Just as you lock your doors before leaving your house and install antivirus software on your desktop computer before browsing the web, you should also have a security system to serve as your website’s first line of defense against hacking attacks.
We all agree – to achieve success in today’s world it is necessary to maintain an online presence, but it is equally as important to preserve it as well. Nowadays it’s more than important to invest in security.

Dangers of using USB Flash Drives
By in

Dangers of using USB Flash Drives

Malicious USB sticks are leveraged where an attacker needs physical access to a computer.
The first notorious incident was observed back in 2010 when the notorious Stuxnet worm was distributed via USB sticks to launch attacks on the networks of an Iranian facility.
Plugging an unattended USB flash drive to a host system or network is no less than a threat. Such drives can be infected with viruses and ransomware which later can be used to disrupt the operation of a business.
Purpose of using malicious USB sticks
Malicious USB sticks are leveraged where an attacker needs physical access to a computer. The first incident was observed back in 2010 when the notorious Stuxnet worm was distributed via USB sticks to launch attacks on the networks of an Iranian facility.
Other malware that used USB flash drives for propagation include:
The Duqu collection of computer malware.
The Flame modular computer malware.
What can a bad USB stick do?
A malicious device can install a wide range of malware such as backdoors, trojans, and information stealers. They can also install browser hijackers that will redirect a victim to the hacker’s website of choice, which could host more malware, or inject adware, spyware or greyware on target computers.
How to protect systems from malicious USB drives?
Do not plug unknown flash drives into computers that are critical to an organization, This is a social engineering tactic where the attacker relies on the curiosity of people.
Don’t use the same flash drive for home and work computers. This can reduce the risk of cross-contaminating your computers.
Always enable security features such as fingerprint authentication to secure USB drives. This will help protect the device from hackers.
Keep the software on your computer up-to-date as the update includes crucial patches for known vulnerabilities.