March Tech Talk Newsletter

Databranch Monthly Tech Talk

IT Solutions for the Workplace

March | 2021

What's Inside?

01 - Monthly Update from David

02 - Testimonial of the Month

03 - Phishing Attacks: How to Recognize Them and Keep Business Data Safe

04 - Please Don't Give Everyone Access to Everything

05 - Turn Your Biggest Cyber-Security Threat Into Your Best Line of Defense

Did you know?

The first chatbot was developed by MIT professor Joseph Weizenbaum in 1966. Called ELIZA, it was driven by a script called DOCTOR and replied to people like a psychotherapist would.

He was shocked by how many people opened their hearts to ELIZA. His secretary even asked him to leave the room when she was speaking with it...

Testimonial of the Month

“Jeff, Karyn, and Josh were so very helpful through the whole process. It was a top notch experience. Every time I’ve contacted Databranch I feel listened to and have experienced prompt attention to whatever issue I have. I am looking forward to beginning Phase 2 of our project soon. Thank you so much.”

Carla Woodside, Director at Tionesta Library

MONTHLY UPDATE

FROM DAVID

Do you remember how we used to collaborate on documents in the bad old days, about 10 years ago?

I’d write a document and email it to you.

You’d save it, adding “v2” to the filename. Make some changes. And then email it back to me.

I’d save a “v3”, make my changes and email it back…and the pattern would continue.

If there’s been one benefit to this pandemic, it’s that the collaboration tools have gotten better and more of us are using them.

Whether you use Teams, Slack, Google Docs or one of the many hundreds of pieces of clever software around, the benefits to your team working in the office and remotely are significant.

I think we’ll start to see these software packages integrating more closely with other software you rely on. For example, Outlook reminders now have a “join meeting” button to launch a Teams video call.

Microsoft is already well integrated, and it’s moving further down this route at speed. Others will follow. The more your various pieces of software are integrated, the less friction there is for you. We have fully integrated Microsoft Teams in our office at Databranch and are using it daily to collaborate and communicate.

I’d always love to talk about your business!

You can reach me at dprince@databranch.com or 716-373-4467 x 12 to connect about collaboration or any other areas we can assist your team to utilize technology to work more effectively.

Phishing Attacks: How to Recognize Them and Keep Business Data Safe

Cyber-crime is on the rise, and hackers are using any opportunity to take advantage of an unknowing victim to gain access to personal information for financial gain. The new ‘work from anywhere world’ makes everyone at risk to cyber attacks, especially because threats are harder to track over home networks. The blurred lines between home and work create security nightmares if safety protocols are ignored, or don’t exist.

One commonly used tactic is phishing. Phishing messages are crafted to deliver a sense of urgency or fear with the end goal of capturing a person’s sensitive data. If your employees fall prey to phishing scams while working from home, it can affect your company network by transferring malware and viruses over internet connections.

One phishing email has the power to cause downtime for your entire business and unfortunately the scams are getting more sophisticated on a daily basis, thus harder to detect.

Here are five different types of phishing attacks to avoid:

Spear Phishing: Attackers pass themselves off as someone the target knows well or an organization that they’re familiar with to gain access to compromising information (e.g., credentials or financial information), which is used to exploit the victim.
Whaling: Whaling is a form of spear phishing with a focus on a high-value target, typically a senior employee within an organization, to boost credibility. This approach also targets other high-level employees within an organization as the potential victims and includes an attempt to gain access to company platforms or financial information.
Mass Campaigns: Mass phishing campaigns cast a wider net. Emails are sent to the masses from a knock-off corporate entity insisting a password needs to be updated or credit card information is outdated.
Ambulance Chasing Phishing: Attackers use a current crisis to drive urgency for victims to take action that will lead to compromising data or information. For example, targets may receive a fraudulent email encouraging them to donate to relief funds for recent natural disasters or the COVID-19 global pandemic. According to Google, it has been reported that cybercriminals have sent an estimated 18 million hoax emails about COVID-19 to Gmail users every day.
Pretexting: Pretexting involves an attacker doing something via a non-email channel (e.g., voicemail) to set an expectation that they’ll be sending something seemingly legitimate in the near future only to send an email that contains malicious links.

If you would like to learn more about how to protect your organization from phishing scams, please reach out to Amanda at 716-373-4467 x 15 (alasky@databranch.com) or your dedicated Databranch Account Manager!

Please Don't Give Everyone Access to Everything

With so many potential vulnerabilities in every business IT system, there is no “silver bullet” - no single safety measure that will let you sit back and relax, knowing your IT is safe and data is secure.

Most of the risks are ongoing and constantly changing. You need an active approach to stop your business from falling victim to a data breach or malicious cyber-attack.

It would take a lot more space than is available in this newsletter to talk about all the risks you may face.

So instead, we can talk about two of the most important things you can do to stay safe.

1 - Make Sure Your Team Only Has Access to the Data They Need

Keep an eye on who has access to what, and whether they need it.

The more people have access to sensitive data, the more potential routes there are for the wrong people to get access to it.

If you give everybody access to everything, all it will take is for one account to become compromised, and before you know it criminals armed with malware will have access to your systems.

Just as important is how you manage the IT accounts of people who leave the business or change jobs internally. For example, if an employee switches from accounting to a management job in a completely different part of the business, they probably won’t need to keep access to all the data they needed for their last role.

Failing to adjust permissions only adds to your level of risk.

When people leave your business, you must immediately restrict their access to your systems and data. Implement appropriate policies and processes to reduce the risk of something slipping through the net.

2 - Keep Your Devices Secure

Another important thing to watch out for is how frequently you’re installing updates on devices. This includes tablets and phones, as well as computers.

They must all be kept updated with the latest security patches. Because all it takes is one weak link for your whole business to potentially be compromised.

Make sure that you replace old devices that are no longer getting updates or can’t support the latest versions of software.

And of course, it’s also important to make sure that all devices are backed up in real time, as well as encrypted. Encrypting makes the data unreadable if the wrong person gets hold of your device.

Databranch can help you review your data policies and ensure your devices are patched and up-to-date through our Foundation Security Platform. Click here to get started or give us a call at 716-373-4467 x 15!

Turn Your Biggest Cyber-Security Threat Into Your Best Line of Defense

Your employees are your number one cyber-security threat. A sad fact, but true.

They are often the main gateway through which hackers try to work their way into your business. After all, it can only take one click on one wrong link in an email for cyber-criminals to get in.

But your staff can also be your best protection against threats.

Turning your team from a security risk into your most important line of defense is not as difficult as you may think.

The most important step is to train them all properly. Cyber-security training, whether it’s delivered through an e-learning module or face-to-face session, should be a compulsory part of their on-boarding process – with ongoing training and refreshers.

Building a culture of awareness and vigilance is one of the best things you can do to protect your business.

For example, educating staff on the risks of opening suspicious email attachments will make them pause and think twice before opening emails they’re not 100% sure about. It can also be useful to share details about attempted attacks so they can see the risks are real, ongoing, and what they look like.

It’s also a good idea to write a formal information security policy that all employees need to read and sign. This should set out, in clear and direct terms:

Best practice
What needs to be avoided
The procedures employees need to follow to reduce data security risks.

Your policy should also explain what actions people need to take if they suspect there’s been a cyber-security incident.

It’s key to act fast and make the right people aware the moment anything suspicious happens. Steps can then be taken to reduce the risk of a serious incident developing by fixing gaps in your systems, or making other employees aware of an emerging threat.

This can be especially important if criminals are targeting individuals by impersonating somebody known to the business, like a senior manager or a major supplier. Attacks like this have a nasty habit of hitting several people at the same time with similar techniques.

Databranch offers a continuous end-user security platform to provide your users with a foundation knowledge of best security practices and weekly micro-trainings to build on their knowledge and keep security top-of-mind. Click here to learn more or email info@databranch.com for more information!

WE LOVE REFERRALS

The greatest gift anyone can give us is a referral to your friends. Referrals help us keep costs down so we can pass the savings to our clients.

If your friend ends up becoming a client - we’ll gift them their free first month of service (for being a friend of yours) AND we’ll gift you a $100 Amazon Gift Voucher.

Simply introduce me via email (dprince@databranch.com) and I’ll take it from there. I personally promise we’ll look after your friend’s business with a high level of care and attention (just like we do with all our clients).

Technology Trivia

It may be hard to believe now, but Amazon started life selling only one product. Do you know what it was?

The first person to email us at info@databranch.com and give a correct answer gets a $25 Visa Gift Card

NEED A LAUGH?

Why did Wi-Fi and the laptop get married?

Because they had a connection.

If you were forwarded this email from one of our great Databranch clients and would like to receive future updates, click here to sign up for our newsletter/weekly tech news!