Don’t be a Statistic: Protect Your Manufacturing Business Against Cyberattacks by Establishing a Policy of Cyber Resilience

Last year, the United States faced a staggering financial toll of over $10 billion due to cyberattacks. Alarmingly, a considerable portion of these losses impacted the manufacturing sector, making it the second most targeted industry for cybersecurity threats. The concept of cyber resilience—preparing for, responding to, and recovering from cyber incidents—has never been more critical for manufacturers. In this blog, we offer a foundational guide for manufacturers to fortify their operations against cyber threats.

What is Cyber Resilience?

Defined by the National Institute of Standards and Technology (NIST), cyber resilience is “the ability to anticipate, withstand, recover from, and adapt to adverse conditions, stresses, attacks, or compromises on systems that use or are enabled by cyber resources.” Consider cyber resilience as the protective armor your company dons against cyberattacks. While it may not prevent an attack entirely, it can mitigate the damage and help your organization recover more efficiently.

Why is Cyber Resilience Important for Manufacturers?

While technological advancements are revolutionizing every sector, they also introduce new vulnerabilities. For manufacturers, this means an increased number of entry points for cyber threats. A Deloitte report reveals that 40% of manufacturers have fallen victim to a cyber incident, and 38% of these incidents led to financial damages exceeding $1 million.

Further emphasizing the urgency is research from Statista, which shows the manufacturing industry was the target of 23% of all cyberattacks in 2021, making it the second most targeted sector. The FBI’s Internet Crime Complaint Center (IC3) 2022 Internet Crime Report indicates a 20% increase in reported cybercrime incidents affecting the manufacturing sector over the past year.

Given these alarming statistics, cyber resilience is no longer just a security measure; it’s a business imperative or manufacturers. Building a cyber resilient manufacturing ecosystem can mitigate the impact of these threats, ensure operational continuity, safeguard sensitive data, and ultimately protect your financial health.

5 Essential Elements of Building a Cyber-Resilient Manufacturing Ecosystem

1. Risk Assessment

The foundation of a robust cybersecurity strategy lies in a thorough risk assessment. While it’s impossible to foresee every potential risk, identifying vulnerabilities in your manufacturing system is a critical first step. Leveraging established frameworks, such as NIST’s Cybersecurity Framework, can provide a structured methodology for this assessment. These guidelines are designed to be adaptable across various industries, including manufacturing, and can serve as a valuable roadmap for your organization.

2. Employee Training

The human element is often the weakest link in cybersecurity. According to the 2023 Verizon Data Breach Investigations Report, human error was a contributing factor in 74% of all data breaches. Employee training is not just beneficial but essential for bolstering cybersecurity in manufacturing.

The IBM Cost of a Data Breach Report 2023 further highlights the importance of employee training. Organizations that invested in comprehensive training programs saw a significant reduction in the average cost of a data breach—by as much as $1.5 million or 33.9%. This underscores the financial and operational benefits of incorporating cybersecurity into both employee onboarding and ongoing education.

3. Data Backup and Recovery

Data is the cornerstone of modern manufacturing, driving insights that enhance production efficiency and quality. Losing access to vital data can have severe repercussions, from production halts to financial losses and damage to your reputation.

A well-structured data backup and recovery plan serves as a safety net, enabling quicker restoration of operations in the event of a cyber incident. It’s not merely about preventing downtime; it’s about maintaining the integrity of your manufacturing processes and retaining customer trust. In essence, a robust data backup and recovery strategy is indispensable for any manufacturing company aiming for cyber resilience.

4. Incident Response Planning

IBM reports that only 46% of organizations have specific incident response plans for different types of cyberattacks. This leaves a majority of organizations vulnerable, lacking a structured plan should they experience a cyberattack. An effective incident response strategy should encompass preparation, identification, containment, eradication, recovery, and lessons learned.

NIST also offers valuable guidelines, suggesting that an incident response plan should be a set of instructions designed to detect, respond to, and mitigate the impact of cyberattacks against an organization’s information systems. Whether you consult with your internal IT department or partner with a Managed Services provider, implementing a comprehensive incident response plan is essential for safeguarding your digital assets and ensuring operational continuity.

5. Regular Updates and Proactive Patch Management

Outdated software is a glaring vulnerability, akin to an unlocked front door for cybercriminals. Software developers routinely release updates and patches to address security vulnerabilities. Neglecting these updates can expose your manufacturing operations to a myriad of risks, including data breaches and system failures, as emphasized by Stay Safe Online.

To bolster your manufacturing ecosystem, it’s imperative to have a proactive patch management strategy. This involves not only updating your software but also vigilantly monitoring for new vulnerabilities and applying patches as they become available. In doing so, you’re not merely patching up security gaps; you’re constructing a more resilient and secure operational environment.

Conclusion

The concept of cyber resilience—preparing for, responding to, and recovering from cyber incidents—is no longer optional; it’s a business imperative. From conducting comprehensive risk assessments and employee training to implementing robust data backup and recovery plans, incident response strategies, and proactive patch management, each component plays a critical role in building a cyber resilient manufacturing ecosystem.

These measures not only protect your digital assets but also ensure the continuity of your operations, thereby safeguarding your reputation and financial stability. If you find yourself overwhelmed by the complexities of achieving cyber resilience or simply wish to fortify your existing cybersecurity measures, don’t hesitate to contact Back To Business IT. Our team of experts is here to guide you through every step of the process, ensuring that your manufacturing operations are as secure and resilient as they can be.

5 Essential Cybersecurity Tips for Small Business Owners

Photo of Cybersecurity button and a person pressing on a graphic of a lock

In the modern business landscape, reliance on technology by small business owners is increasing, fueling both growth and efficiency. Technology tools add many essential benefits but also introduce complex challenges with cybersecurity. A survey conducted by Connectwise in 2022 revealed a startling trend: 76% of small businesses had fallen victim to at least one cyberattack, a significant surge from 2020 when only 55% reported such an experience. The data underscores the critical importance for small business owners to safeguard digital assets.

Cybersecurity is a vast and complex field, with numerous aspects for businesses to consider. The task of shoring up security may seem overwhelming and daunting. To simplify this challenge, here are five actionable steps to enhance small business cybersecurity.

1. Inventory Technology Assets

Begin with identifying vulnerabilities potential threats can exploit to access business data. Understanding the technology, you have in your small business is the foundation of a robust cybersecurity strategy.

Why it’s vital: Knowing what devices are connected to your network helps you monitor and control access. Neglecting this can lead to unauthorized access, resulting in data loss or manipulation of sensitive information.
How to do it: Create a detailed inventory list of all devices, including their make, model, and purpose. Regularly update this list to reflect any changes.

2. Ensure Technology is Up to Date

Once you know what technology you have within your business, keep it current. Keeping technology up to date is a critical cybersecurity measure for small businesses.

Why it’s vital: Hackers often exploit known vulnerabilities in outdated systems. Keeping technology up to date ensures that you have the latest security patches. Failure to update can lead to financial loss due to cyberattacks.
How to do it: Regularly check for updates for your operating system, antivirus software, and other critical applications. Enable automatic updates where possible.
Checking for Updates: Most operating systems and software have an option to check for updates in the settings or preferences menu. For hardware, consult the manufacturer’s website or support for firmware updates.

3. Implement Multi-Factor Authentication and Unique Passwords in Your Small Business

Passwords and logins are often the first line of defense in small business cybersecurity.

Why it’s vital: Simple or reused passwords can be easily cracked. Multi-factor authentication adds an extra layer of security. Ignoring this can lead to reputational damage if personal or financial information is compromised.
How to do it: Encourage employees to use strong, unique passwords for different accounts. Implement multi-factor authentication wherever possible.
Understanding Multi-Factor Authentication (MFA): Multi-factor Authentication, also known as MFA or Two-Step Verification, is a security process that requires more than just a username and password to verify the user’s identity. Traditional authentication methods that rely solely on usernames and passwords are often inadequate, as usernames can be easily discovered, and passwords may be simple or reused across different sites. MFA adds an additional layer of security by requiring a second “factor” to prove who you are. This second factor can be something you know (like a password or PIN), something you have (like a smartphone or secure USB key), or something you are (like a fingerprint or facial recognition).

Image of Cybersecurity Multi Factor Authentication Types of Factors. Text reads, "Types of Factors: Something You Know (Examples: PIN, Password), Something You Have (Examples: Code sent by text, MFA app), Something You Are (Examples: Face scan, Fingerprint)

4. Install a Firewall for Your Small Business

A firewall is a fundamental cybersecurity measure for small businesses. Implementing a firewall can prevent DDoS attacks, which saw a 60% increase in malicious attacks in the first half of 2022.

Why it’s vital: Firewalls filter incoming and outgoing traffic. Without a firewall, networks are exposed to potential threats.
How to do it: Consider both software and hardware firewalls. Ensure that remote employees also have adequate protection.
Understanding Firewalls: A firewall is a crucial component of cybersecurity, especially for small businesses. It serves as a virtual barrier between your internal network and the external internet, monitoring and controlling the flow of traffic based on predetermined security rules. There are two main types of firewalls: hardware firewalls and software firewalls. A hardware firewall is a physical device that sits between a network and the internet, while a software firewall is installed on individual computers within a network.

5. Educate Staff on Cybersecurity in Your Small Business

Your employees play a crucial role in any small business cybersecurity strategy. In fact, according to Gartner, “82% of data breaches were a result of employee behaviors that were unsecure or inadvertent.”

Why it’s vital: Human error can lead to breaches. Educating staff about common cyber threats and safe practices can prevent many potential attacks.
How to do it: Conduct regular training sessions and education, including:
Workshops and Seminars: Regularly conduct workshops to educate employees about the latest threats and safe online practices.
Online Resources: Share informative articles, videos, and tutorials.
Simulated Attacks: Conduct simulated phishing attacks to test employees’ awareness and provide feedback.
Regular Reminders: Send regular email reminders about safe practices, updates, and company policies.

Cybersecurity is not just a concern for large corporations; it’s a vital consideration for every size business. By taking these five actionable steps, you can significantly enhance the cybersecurity posture of your small business. For a more comprehensive list of things you can do to protect your business, download our Cybersecurity Essentials Checklist for Small and Medium Sized Businesses.

At Back To Business I.T., we offer comprehensive cybersecurity services tailored to your needs. If you are looking for assistance with your cybersecurity strategy, contact us today.

What to Expect When Applying for Cyber Insurance

Several years ago, cyber insurance was just an add-on to larger policy discussions, but with the rise of malicious online attacks, it’s jumped to the forefront and has become one of the most expensive policies under a company’s insurance coverage. Here’s how to ace your application and get the best rates.

Cybercrime is a multibillion-dollar industry. Even with careful security measures in place, it remains a constant struggle for businesses to stay one step ahead of hackers looking to extort them. Phishing emails, malware, security breaches, network security issues, and computer system breakdowns are just a few examples of the kinds of cyber risk that can cause serious liability or revenue loss. That’s why proper cyber liability insurance remains a vital risk-transfer tool for organizations of all sizes.

For businesses attempting to acquire cyber insurance, the application process itself can be daunting. Application forms aren’t standard and can be very complex — what used to be a seven-question application has evolved over the last few years into a multi-page document broken out into various categories. Truth be told, it can read less like an application and more like an audit questionnaire. (Check out a sample cyber insurance application here.)

Insurers want to be as thorough as possible when evaluating an organization’s cybersecurity infrastructure and deciding their level of risk. They depend on the detail contained in the application to determine how well the people, processes, and technology can protect and respond to cyber threats. Any vagueness or incorrect information can create major issues later on if (or when) a claim is filed.

If you’re planning on applying for cyber insurance, it’s important to identify your company’s cyber risks prior to submitting the application. Specifically, insurers will ask for:

The basics — What industry you operate in, as well as how much and what type of information your organization stores, processes, and transmits. In addition, underwriters want to see how you manage data security and who oversees cyber-related matters.
Information security — Do you have a formal program in place to test and audit security controls? Underwriters also typically look to see if you have basic controls in place, including firewall technology, anti-virus, and intrusion detection software.
Breach history — Have you been breached before? Is the data you house vulnerable? How effective are your data security techniques moving forward?
Data backup — Underwriters want to know if you back-up all your valuable data on a regular basis, if you utilize a redundant network, and if you have a disaster recovery plan in place.
Company policies and procedures — What type of cybersecurity and incident response policies do you have in place? For example, how do you handle password updates, the use of personal devices, and revoking network access to former employees?
Compliance with legal and industry standards — Failing to comply with cyber-related legislation can be incredibly costly, and insurers want to know how you handle compliance. Specifically, whether you are compliant with applicable regulatory frameworks, are a member of any outside security or privacy groups, or utilize out-of-date software and hardware.

Although the cyber insurance application is more rigorous than most insurance applications, you can secure the best rate by doing your due diligence and prepping ahead of time. Being honest about the risks and vulnerabilities your company may face from cyber threats will also help you get the right policy coverage.

Need help applying for cyber insurance or meeting specific criteria? Talk to an expert at Back To Business I.T. today!

Benefits of Robotic Process Automation (RPA)

If you’re thinking about ways to implement automation in your company, you’re not alone. A recent study entitled “The State and Fate of Small and Medium Business” conducted by Xerox with Morning Consult surveyed 1,200 business decision makers from companies with 25-1,000 employees in the US, Canada, and UK. The study indicated that digital transformation and automation have become top priorities in the post-pandemic world:

80% of small and medium-sized business (SMB) leaders saw automating tasks and processes as important to their survival during the pandemic and moving forward.
82% strongly emphasize the importance of digitizing paperwork.
Two-thirds plan on upgrading their automation tools.
Three out of four observed an increased reliance on workflow solutions over their pre-pandemic setups.
65% have already upgraded their workflow solutions.

HOW CAN RPA BENEFIT YOUR BUSINESS?

Robotic Process Automation (RPA) is a software technology that mimics human actions for high volume, repetitive, rule-based tasks. It can achieve high levels of efficiency for these mundane and often boring tasks that are better suited to be handled by computers, freeing up humans to focus on creative, strategic, and innovative idea-making. It is important to think of RPA as a “digital assistant” that helps humans to be more efficient and focus their time on activities that require higher levels of cognition, empathy, and ingenuity. While RPA implementation is highly successful in many appropriate applications, it does not replace human workforces or populate your office with robots!

Since its inception and early introduction, RPA has experienced meteoric growth in the marketplace, supported by a significant body of highly successful use cases and measured, sustained, and demonstrable return-on-investment. It involves low/no-code programming and is relatively inexpensive and quick to implement and scale, generating ROI in a matter of months, not years. Because of its success with large businesses (100% of Fortune 500 Companies now have robust RPA programs) and the emergence of many competitive and highly versatile software platforms in the marketplace, it has reached an affordable, low-risk level of accessibility for small and medium-sized businesses who can truly begin to take advantage of its many benefits. The current job market and limited availability of staff combined with increasing demands on businesses to thrive in the digital space have accelerated our arrival at a “sweet spot” for RPA adoption.

To successfully begin implementing RPA in your organization, you must first create a strategic and thoughtful approach with some key considerations:

Do you have workflows and processes that can be successfully and cost-effectively automated?

RPA is optimal for processes that are high volume, repeatable, and rule-based. For example, if you run a report once a month and your staff member spends five minutes creating the report, this is most likely not a candidate for automation. However, if you generate dozens of reports daily and a staff member spends hours, not minutes, pushing buttons, selecting folders, and running and emailing these reports, automation might make sense.

Is your organization excited about digital transformation?

RPA adoption requires education, communication, cultural acceptance, and enthusiasm. It is important to build consensus and identify key leaders and stakeholders that will champion its usage as a part of your corporate culture. Your RPA team will need to include various roles including C-Suite supporters, I.T. staff and daily users that are excited and positive about change.

How will you scale up your RPA program in the future?

RPA is most successful when it is continually monitored, maintained, and scaled up. As you begin the journey, it is important to create a roadmap for future automations to maximize the full capabilities of your initial investment. Adding automations after implementation can be achieved at a much lower cost than the initial implementation and will magnify your return by achieving increasing levels of productivity and efficiency across your company.

Will you implement RPA using in-house I.T. resources or collaborate with a consultant?

Depending on your company’s in-house I.T. capabilities, you may choose to create an RPA Center of Excellence (CoE) within your own company using in-house resources. This decision may be affected by availability of RPA expertise, existing workload of current staff, and desire to create long-term autonomy. An internal CoE can still benefit from expert, outside consultation from a Managed Service Provider in the initial building phase. If you choose to work with an outside provider for RPA, it is important to select a consultant that has solid experience, certified experts on-staff, and an established history of providing ongoing services to meet your needs for support as you move forward.

Back To Business I.T. and The Greentree Group have established expertise in providing RPA for a variety of clients. Our RPA Center of Excellence creates unique automation solutions for all levels of government, as well as private corporate applications in a wide range of sectors including finance, manufacturing, healthcare, and many others. Our philosophy begins with helping each client thoroughly understand the opportunities, risks, and potential benefits of any technology, and partnering with you to make informed decisions to grow your business. Interested in learning more about what RPA can do for your business? Schedule a no-cost consultation here.

Common Sense and Cybersecurity

Earlier this month, Colonial Pipeline’s operations came to a halt after a ransomware attack orchestrated by DarkSide, an Eastern European cybercriminal organization. It took several days after the May 7 attack for the company to begin restarting parts of their systems as well as the mainlines. The effects were widespread and felt by most of us – gas prices at the pump fluctuated almost immediately.

As a society, we are becoming increasingly desensitized to news like this. Cyberattacks happen so often, it seems, that it’s hardly news. So why is it that so many businesses still don’t take cybersecurity seriously? There’s a shroud of mystery surrounding cyber – the media portrays hackers as hooded criminals lurking in a dark room. And while cybercrime methods change constantly, there are measures companies and individuals can take to protect their data. Those steps aren’t mysterious; they’re not hidden. Maybe they’re so simple – so rooted in common sense – that it’s easy to overlook them, and dismiss their importance.

“The problem with common sense is that it is not so common.”

Maybe it’s easy to dismiss simple ways to implement cybersecurity because “well, everyone knows to do that.” The truth is maybe not everyone knows. Maybe “common sense” isn’t as common as we would like to think. For example – do you lock your doors when you’re not home? Chances are you do. It’s one of the most basic things to prevent entry and protect what’s inside. One of the easiest ways to protect your business data is to password protect your computer systems. This most rudimentary of security measures, which costs nothing to implement is still not being used by many businesses.

Along the lines of common sense, let’s revisit the events following the Colonial breach. Gas prices increased, media coverage heightened awareness of a potential (temporary) shortage. Some people took to the pumps to fill up before it got worse. Others took more drastic measures, filling up plastic bags with gasoline. Common sense would tell (most of) us it’s a bad idea to fill a plastic bag with gasoline, but the truth is not everyone has the same thought process and the same information. So much so that the US Consumer Product Safety Commission announced on social media that it was, in fact, a bad idea to fill plastic bags with gasoline.

Do not fill plastic bags with gasoline.

— US Consumer Product Safety Commission (@USCPSC) May 12, 2021

This is an extreme case, most of us probably understand why it’s not a good idea to fill a bag with gasoline. But many businesses are doing the cybersecurity-equivalent of this, likely without realizing it. For example, if your company has data on computers that aren’t password-protected, or even protected by passwords such as “password1234” – that’s a potentially disastrous situation.

Cybersecurity: Start with common sense

Cybersecurity for your business doesn’t have to be complicated, unattainable, and cost-prohibitive. It would be irresponsible for us to reduce cybersecurity to just password-protecting your computers – but the truth is that you can start with simple steps like that. The password illustration is easy to understand but is by no means the gold standard as far as security measures go. Using common sense – perhaps the best of the senses – can help jumpstart your cyber approach. Your business technology is unique; your cybersecurity strategy should be unique, too. We can start where you are – whether that is as simple as password-protecting your systems or as complicated as monitoring network traffic for anomalies. Every business that uses technology in some way is vulnerable to cyberattacks, from pipelines to pop-up boutiques. Don’t wait until something disruptive brings your operations to a halt. Let’s start today.

Contact our team to talk about cybersecurity solutions for your business, from the tried-and-true to the cutting edge.

Protect Your Identity and Learn About BEC Scams

Today is the first annual Identity Management Day! We join the National Cybersecurity Alliance and the Identity Defined Security Alliance to raise awareness and share resources for identity protection.

Protecting our data and promoting privacy is becoming more important to the wellness and security of our lives both professionally and personally – and not just on Identity Management Day. Cybercriminals are continually evolving their strategy and tactics to compromise their targets; it is paramount that end users stay aware of the dangers that lurk beyond the firewall.

One of the most common threats seen today are “Business Email Compromise” scams – or BECs. These involve criminals impersonating key organizational staff or vendors – perhaps an executive, HR, or other members of leadership – with the end goal being the fraudulent transfer of money.

The most common type of BEC scam is invoice or payment fraud.

65% of organizations faced BEC attacks in 2020.
In 2020, BEC costs increased rapidly, from $54,000 in Q1 2020 to $80,183 in Q2.
In 2020, 80% of firms experienced an increase in cyberattacks.
62% of BEC scams involve the cybercriminal asking for gift or money cards.
Payment/invoice/billing scams skyrocketed by 155% in 2020.

Don’t become a cyber statistic! Read on for tips on how to recognize (and avoid) these increasingly popular email scams.

Be Skeptical

If it seems strange, investigate. Last minute changes in instructions or recipient account information is a red flag that something could be wrong. Trust your gut.

Don’t Click it

Verify information related to any contacts associated with the request. If it is a vendor requesting something, do not contact them through information provided in email – use trusted information on file. If you get a strange request from someone you work with, call them on their known phone number. A quick call can save a big headache!

Double Check that URL

If there is a URL in the email, make sure it’s associated with the business it claims to be from. Discrepancies are a likely indicator that hostile actors may be involved.

Spelling Counts

Make sure to check for misspellings in domain names. Cybercriminals will often exploit similar names, hoping that the recipient will only glance at it and not realize it is different. Writing style will also be very simple and brief with little information added.

Look for Other Clues

Does it seem strange that the CEO is contacting you personally, via email, with an urgent request? Is a manager, with whom you just had a meeting, asking you to send money? Are you receiving invoices from clients that you aren’t responsible for? All of these are common tactics that are used that can be caught by paying attention to oddities.

See Something? Say Something!

If something looks suspicious, report it to your I.T. department or your MSP! If you’ve been of victim of a BEC scam, file a detailed complaint with www.ic3.gov.

Want to learn more about how to protect yourself and your business from cybercriminals?

Back To Business I.T. specializes in creating and managing secure I.T. environments and has the tools and experience to provide proactive, customized cybersecurity training for businesses of all sizes. Don’t become a cyber-statistic! Get in touch today and let us help you take steps to ensuring your cyber safety.

7 Cybersecurity Tips for SMBs

7 cybersecurity tips for small and medium-sized businesses (SMBs), brought to you by Back To Business I.T.

Antivirus and Filters

Scanning your systems regularly to detect malware and potential vulnerabilities should be at the top of the list when it comes to cybersecurity measures. Putting web and email filters in place can help block nefarious traffic and messages from ever reaching your systems.

Restrict Access

Along the same lines of defense as Antivirus and Filters, use restrictions to limit staff access. The same way you restrict departmental access depending on where a person works, it’s a good idea to implement internet restrictions. This way employees are limited to the websites they can access on company computers – and thus lessen the risk that they’ll wander into some dark alley on the internet.

Train Your Staff

One of the biggest cybersecurity risks any company faces is its people. To err is human, right? And err we do. Phishing emails are the most common cyberattack, and how over 90% of successful breaches begin. Educate your staff on best cybersecurity practices. Our cybersecurity awareness training offers not only educational materials, but simulated training exercises to test employees’ preparedness in a safe sandbox environment. Contact us to learn more.

Step Up Your Authentication Game

Setting up multi-factor authentication means that system access has a two-layer protection. Requiring both a password and a pin, for example, will likely reduce your risk of unauthorized access. Much like having biometric and pin or pattern access on your phone protects your data from prying eyes – two-factor authentication on your systems can keep your data safer.

Patch and Update, Faithfully

Clicking that ‘update later’ button is usually a bad idea. Updates ensure your system has the latest information on potential vulnerabilities. Patching does just that – patches certain ‘holes’ or fixes bugs in the system. This is part of why it’s critical to use up to date hardware/software – so you can be sure the manufacturer is working constantly to keep it as secure as possible.

Back Up Your Data

In the case of a breach, having your data backed up can make the difference between paying the ransom or not. Cybercrime isn’t the only reason to back up your data though – as other events can affect system functionality and disrupt your business. In the context of cybersecurity, it can give you the upper hand. If your data is securely backed up, there’s usually less down time in the event of an attack.

Have a Cybersecurity Policy in Place

All the good intention in the world won’t take the place of a solid information security policy. Make sure your staff is aware of the processes and best practices for cybersecurity in your company. You’ve worked hard for your business, protect its future.

Here at Back To Business I.T., we’re a business too. We have the same concerns and face the same challenges. Our customizable solutions are meant to change as your business grows – fitting your needs, and your budget. Take your business to the next level with a technology partner you can trust. Contact us today!

Managing Your Digital Presence by Updating Privacy Settings

Do you still have a MySpace, or a Xanga? There are probably a few accounts out there that you no longer use – and probably didn’t remember you had. But they are still part of your digital presence and should be monitored. How do these old accounts pose a cybersecurity threat?

Easy Targets: Well, old accounts usually have outdated privacy settings. That means cyber-criminals could be using your personal information to build a social-engineering profile for you, making it easier to target you in phishing or spear phishing attacks. If they have info on your subscriptions, memberships, likes, affiliations, etc. they can make their phishing bait emails much more believable.

Data Leaks: Let’s say your privacy settings on those old accounts are locked down tight. How robust is that website’s security? How easy is it for cyber-thieves to break in and steal it? Chances are, websites or services that aren’t widely used anymore aren’t going to have the most up to date information security measures in place. Do you really want to risk it?

Optics: Another reason to clean up your old accounts may be simply to moderate the content that’s out there. As we all know, the internet is forever. When we post a comment, publish an article, or share a photo, our name is tied to that media until we delete it. Do you have accounts with NSFW photos, comments, or content? A quick search on any search engine should reveal content tied to your digital identity. Is there something you don’t want shared?

So go ahead, take a stroll down your memory lane on the internet and see what you find. Deactivate accounts you no longer need, manage old content and how it’s shared, and enjoy the peace of mind.