Five for Five: 5 Updates You Can Read in 5 Minutes
Check out these 5 highlights from September!
If You Are Still Using Windows 7- You Have a Major Vulnerability on Your Network
Windows 7 will be 84 years old in October. Ok...that is in dog years. But Windows 7 is still really old.
Support for Windows 7 ended in January of 2020. Which means if you are still using Windows 7, you have a major vulnerability sitting on your network.
As technology progresses, Windows 7 is being left in the dust. The tools that we use to manage and protect you, no longer operate at their full capacity on Windows 7, which puts you at an even greater risk. This is not the first time we have talked to you about replacing your Windows 7 machines, but hopefully it will be the last.
We care deeply about seeing you and your business succeed. And we also care deeply about providing amazing service to you. To continue to allow you to use Windows 7, without strongly urging you to replace it, would be a huge disservice to you. You have put your trust in The IT Company to help secure your business, so please listen to us now.
The Threats Around Using Consumer and Otherwise Products in Business Environments
You may think your IoT devices does not contain enough valuable information to be worth a hackers time. But think again.
In the first 6 months of 2021 there has been over 100% increase of the number of cyberattacks on IoT devices then in the second half of 2020. There have been 1.5 billion detected attacks on IoT devices since January. That number and the increasing amount of attacks is alarming.
With more people continuing to work from home, there has been an increase of employees using personal devices at home, to log into corporate networks. So while cyberattacks on a personal IoT device may not seem as threatening, the reality is- an attack on a personal IoT device can be a huge gateway for cyber criminals to steal both personal and corporate data.
The security holes in most law firms, make their organization a hackers dream. If cyber criminals can take this security holes and use them as a way to get in- they have a party on their hands. We know that is something you want to avoid.
We've listed 10 major security holes we see in almost every law firm. Read them and identify how many of them apply to your firm. If you have even one of these security holes, it is time to take action.
No defined security permissions on file shares.
Users have local admin rights without separation of privileged accounts.
No two-factor authentication (2FA) for M365 and VPN.
No conditional access on M365.
No email logging and security event management.
No security event management on the VPN and firewall.
No end-point detection system.
No ongoing security awareness testing and training.
Lack of Internet Content Control and DNS Level Filtering.
Lack of policies and procedure, and the requisite testing of those P&P is an issue.
Just as much as you don't want cyber criminals throwing a party at your expense, we don't want them throwing a party at your expense either.
The goal is to think/assume incident/breach. Don't be naive in assuming you can stop it – instead assume it will happen, and put all of the pieces in place to: mitigate, respond and recover.
New to Made Right Here? We're bringing you the stories of East Tennessee founders, builders and creators! From the idea behind it, to the impact it had on their employees, the community and their personal lives, we are taking you behind the scenes of the movements they built. Made Right Here is available on Apple,Pandora,Simplecast, Spotify and Google Podcasts, as well as YouTube. Be sure to follow Made Right Here on LinkedIn, Facebook, Instagram, and Twitter for updates and links to the episodes!
Where Can You Find The IT Company?
Community involvement is extremely important to us at The IT Company and we love finding ways to support the Knoxville community. Keep an eye out for us a these local events in the upcoming month!