Contact Sales:| Support:| Pay My BillClient SupportLet’s Talk!
A Message From Our CEO
Protecting Your Business: Cybersecurity and Beyond
We are almost half way through 2021 and as we look back we see that many of our customers are seeing business return. We see their employee numbers growing again which is a great sign. The bubble of pent-up demand is bursting with investments in infrastructure and new technology projects. Even so, we realize some industries are still recovering and hardships persist. We will continue to do what we can to help you through.
As for Iconic IT, we are seeing more of our team returning to the office and we look forward to a grand re-opening of our offices after the 4th of July holiday. We are offering a great deal of flexibility for our staff during this transition back to the office. However, we certainly look forward to being together again. We remain thankful that while several Icons have been infected with COVID-19 over the past 18 months, we have seen 100% recovery.
I wanted to shift now to the big news of the day. As you have probably heard, the U.S. has had 2 big cyberattacks that affected gas and oil and the other affected a meat processor. But the largest in the world cyber-attack was the SolarWinds breach that occurred earlier this year. In the SolarWinds case, an intern’s password was guessed by the hackers. The password was “solarwinds123”. Clearly having a more complex password policy in place these days is a necessity. In this case the hackers waited 18 months after gaining access to inflict mayhem.
Many of the breaches we see are from phishing emails where someone is tricked into entering their passwords on fake sites. The other method used is when hackers steal your password from some 3rd party and you use the same or similar password for your business systems. Breaches are happening every day to small and large companies. Hackers even target the smaller companies more often now because many don’t the appropriate security in place and they know they can get a quick payment from your insurance company and move to the next victim.
I realize you are probably tired of hearing about security risks from our industry but I feel compelled to continue the discussion. Many of you are well beyond this but some are still not, so I am going to remind you of a few things that you should consider implementing immediately.
Multi-Factor Authentication (MFA) – Even if they steal your password, with MFA enabled they would need your cell phone or key fob to access your account. While considered optional by some in the past, those days are gone. (Personal note… If your online bank account doesn’t require multi-factor authentication, find a new bank.)
Dark Web Monitoring – this service tells you if the bad guys already have your passwords. If they do, you need to change your passwords.
Employee Training and Simulated Phishing Attacks – User error causes most breaches. Training is the best way to reduce these risks. Short training programs every month and simulated phishing attacks keep employees aware and on their toes.
Managed Detection and Response (MDR) – this service looks for threats that already exist or sneak by preventive security tools. It also helps mitigate the effects of an attack. It is an advanced service provided by our partners who were former NSA cyber operators. They are often engaged post cyber-attack to do forensic work, but are best engaged as a preventative service.
The services mentioned above are fairly simple to implement and very cost-effective. They can be added to any Iconic IT service plan and most are standard in our new service plans. I have asked our strategic services managers and general managers to ensure they are discussing these types of security options and some of the more advanced options with you. And please don’t hesitate to contact me or your vCIO if you have questions.