We are issuing an urgent security warning to businesses and individuals. With many people working from home, there has been an explosion of Cyber Criminals trying to take advantage of potential holes in corporate networks.
As many of us are trying to balance work, kids at home and other interferences, there is a growing risk of distracted computer users falling victim to phishing attacks and other security intrusions.
The following is a critical checklist that you must have in place:
✓ Multi-factor authentication on your email
✓ Anti-spoofing setup to stop someone impersonating the CEO
✓ An advisory on external emails saying they’ve originated outside your company
✓ Training staff through fake phishing attacks to see if they click on sketchy links
✓ Password policies to force strong passwords and change them regularly
✓ The correct Microsoft licensing in place (Microsoft 365)
✓ Ensure computers are on the latest operating system software (I.e. no Windows 7) and routinely run updates
✓ Ransomware-proof backup
✓ Executives use password keeper software instead of the same password across multiple sites
✓ Documented wire transfer process that includes multiple people, security dongles and verbal confirmation
✓ Use only company-owned computers, especially when accessing from home
✓ Monthly review of security settings to make adjustments according to best practices
✓ Monthly review of all of the above to make sure nothing has fallen through the cracks
Without the above in place, we have seen businesses fall victim to wire fraud and Ransomware (which can cost hundreds of thousands of dollars) or smaller scams like buying a few hundred dollars in gift cards.
If you would like more information about why any of the above recommendations are needed, please don’t hesitate to reach out.