IT demands have skyrocketed since the onset of Covid-19, often completely overwhelming the capacity of existing teams that typically operate with maximum productivity. Setting up employees to work from home has many technical and security hurdles. Stacking that task on top of regular maintenance and support activities left IT departments grasping at straws, forcing some to deploy insecure workarounds to try and best accommodate business activity under intense time constraints.
This is a re-sharing of an article I created for LinkedIn about a week ago that has only continued to gain more relevance. I hope that as information spreads we can hopefully limit the havoc that these bad-actors continue to unleash.
I'm seeing a lot of phishing emails around COVID-19 / the coronavirus. It's disappointing but expected that cybercriminals know that we are looking for information and answers to guide us through the confusion, anxiety, and uncertainty of what to do next. Be careful not to become a victim of these honed phishing campaigns around some "COVID-19 update" or "current coronavirus news". The last thing a small business needs right now is to lose files or financials to these kind of people, so here are a few quick tips.
1) Be especially wary of emails pretending to be from the CDC, WHO, or other government agencies. Try and find the information by searching for it on their website rather than clicking links emailed to you. Even links that appear valid according to their text may be hyperlinked to a completely different location when followed.
2) Keep an eye out for spelling errors and inconsistencies in the subject line and the from line (or domains that don't look legitimate). Read the entire email address to ensure it's coming from the source you think it is. There are cases of cybercriminals pretending to be internal HR members directing staff to click a link to view updated policies, and are instead directed to a malicious website.
3) Do your homework before donating to a cause. We're at our best when we decide that we will pull together to support each other in trying times, but some will look to take advantage of that instinct.
ArsTechnica put together a great article that's worth a read as well, I've linked to it here. Or better yet, maybe search "ars technica covid 19 phishing" and start practicing Tip #1 now!
Stay safe out there, in every way possible.
Cloud is not going to recede in importance anytime soon.
Have you ever lost data from your personal computer? It can be really annoying as well as time-consuming. But imagine the worry if you lose your data in a disaster, and your business does not even have a recovery plan in place.
Cloud computing is continuing to revolutionize the manufacturing industry. Most early adopters of the cloud in the manufacturing sector say that it plays a huge role in streamlining their operations and being more profitable. But, are you still contemplating whether or not to move your business and operational systems to the cloud?
Yet another kind of social engineering technique that exploits human tendencies – Business Email Compromise (BEC) scams are bothering corporate houses at a vast scale. The attackers send fraudulent emails to the targeted firm and ask employees to make unauthorized bank transfers.
The cloud has been instrumental in driving the digital shift in the business world. Cloud computing is a critical enabler for innovation, customer experience, and cost reduction.
Your business can recover from physical damage to real estate in a short time. But the data lost in damaged drives and servers can threaten the entire existence of your business. Is your recovery plan enough to get your business up and running against all — small and big IT disasters?
You know how your business is performing – probably. You know your business’ KPIs and how to read them: analyzing sales reports, profit and loss statements, and financial and operational ratios.