Equifax Data Breach – 9 Ways to Protect Your Business

4 10 2017

Consumers have been the target of most of the fraud prevention measures the Equifax breach highlighted. However, there are many things business owners should also put into place in highlight of this case.

Here are nine steps you can take to help protect your business. The first step is to act quickly and review your current security protocols and measures.

Keep reading … 

Equifax Data Breach – 7 Ways to Protect Yourself

4 10 2017

There has been quite a bit written about the Equifax data breach – why it happened; how it happened; and what you can do about it.


The most important thing for our clients is the what you can do about it. We’ve listed several steps you can take to help protect your credit report, as well as put some measures into place that may protect it in the future.


What is Ransomware?

22 12 2015

Ransomware is one of the more dangerous types of malware. It can be downloaded from a compromised website or received as an email with a link or attachment. Once executed it can lock the computer or encrypt the files (documents, spreadsheets, PDF’s & pictures) on your computer and pop-up a message saying to recover your files you need to pay a ransom through some type of online payment method.

If your files have been encrypted, you are in trouble. Usually it is not possible to unlock the files because the decryption key is stored on the cybercriminal’s server. You could pay the ransom. I DO NOT recommend doing this. It does not guarantee that the criminal will unlock your files. The other option is to restore from a backup. This is one reason you should be backing up your important files regularly.

The first step in preventing ransomware from hitting you is to be cautious browsing online. Don’t open unexpected email attachments and be cautious when clicking on a suspicious web page or link. Installing a free browser extension like Web of Trust (www.mywot.com) will help you determine which websites you can trust when doing internet searches.

Add an extra layer of protection by keeping your computer Operating System up-to-date with the latest Security patches using Microsoft Updates and have anti-virus software installed and up-to-date to help protect from the latest viruses and malware.

Backup important files regularly either with an online service or to a local backup device. When using local backup devices, keep at least three backup copies of your data, each on a different media (hard drive, flash drive, etc.) and the third at an offsite location.

Andy 2013

Submitted by Andy Koetter, RBSK IT Consultant

Password Security

2 10 2015

You may hear from time to time that someone’s email has been “hacked” and is sending out spam. The term “hacked” sounds scary, and it can be, but typically when someone’s email has been “hacked”, it is nothing more than an automated system that guessed your password. A simple password change will resolve the issue. Most of the time an attacker has gathered a list of email addresses that are loaded into a computer or server and then the automated system runs a dictionary attack on those accounts. A “dictionary attack” is a technique used to try and guess the password of an account by trying multiple combinations of passwords containing words that you may find in a dictionary. When your password is a single, common word, and maybe a number or two thrown on the end, the system will figure that out. Now they have your email credentials. Attackers then utilize this account information to send spam to your contacts and others on your behalf. This allows them the opportunity to sometimes bypass spam filters and also hide their tracks. So, by definition, yes you have been hacked, but not in the sense most people think of when they hear the phrase, “you’ve been hacked.”

This leads me to password security. According to gizmodo.com, the top 3 password in 2014 were 123456, password, and 12345. If any of these are your personal email passwords, I can guarantee you that your email credentials will be compromised at some point, if they haven’t been already. When creating a password, never use your name, a family member’s name, all numbers, or any word that personally identifies with you that may be easily guessed. Even when you think you are being tricky by making an “a” and “@” symbol or making an “O” a “zero”, sophisticated password cracking tools will figure those out. These are easily guessed by a dictionary attack, or maybe someone that knows you and may have more malicious intent than sending some spam from your email account.

It is best to use what is called a passphrase, rather than a password. A passphrase is a string of words that make up a phrase. Passphrases are much more difficult to guess and are often easy to remember. To most, Ilovecatpictures is easier to remember than C@t$2015, and is more secure. According to howsecureismypassword.net, it would take a desktop pc 22 billion years to crack the Ilovecatpictures passphrase, and just 3 days to crack C@t$2015! While these numbers might be a bit exaggerated, you get the picture. I used this site for educational purposes. It is not recommended to enter your real password; I mean passphrase, into the website to check its strength.

Another great way to create and manage secure passwords is to use a Password Manager such as LastPass or RoboForm. These tools, which are password protected themselves, will allow you to create secure passwords for all of your online accounts and they will remember them for you. They also include a feature that will auto generate a super secure password that you could never remember, but you don’t have to!

Oh, and one last thing, don’t tell anyone your passwords or write it on a sticky note near your computer!

Brian McReynolds

Submitted by Brian McReynolds, IT Consultant, RBSK Partners