Skip to main content

Small Business Security Priorities for 2017

Small Business Security Priorities for 2017
Small Business Computing

A New Year has arrived, along with some big security challenges.

In 2017 the expected proliferation of Internet of Things (IoT) devices across all types of environments will make it tough to ignore the security ramifications. The continued popularity of the cloud will continue to attract the attention of cyberattackers and ransomware authors will keep the IT security industry on its toes.

Here are some of the small business security trends to follow going into a brand-new year.

The Growing IoT Security Threat

There's plenty of excitement surrounding the burgeoning Internet of Things (IoT) technology market.

Soon, offices will be littered with equipment that monitors its own performance and can schedule preventative maintenance, averting unplanned downtime and costly repairs. Smart homes will adapt to the habits and preferences of their inhabitants while enhancing safety and lowering energy bills.

The downside of this hyperconnected future is that cyberattackers have some sinister ambitions.

In 2016, a couple of massive distributed denial of service (DDoS) attacks highlighted the dangers of an IoT ecosystem that fails to prioritize security. Botnet operators used the collective traffic-generating power of millions of compromised IoT devices, including digital video recorders (DVRs) and IP cameras, to knock a website belonging to Brian Krebs, a prominent security researcher, offline. They disrupted access to major sites including Twitter and Netflix by targeting Domain Name System (DNS) provider Dyn.

In some cases, vulnerabilities in seemingly harmless home automation devices can enable hackers to sneak onto a small business network. Malware-infested servers and other systems could soon follow.

To avoid becoming a victim, security researchers suggest replacing the trivially easy to crack default passwords set by the factory on an IoT devices with a strong one. It's a good first move, but there are additional steps small business owners can take to safeguard their environments when the IoT inevitably invades the workplace. Get more IoT Security Tips to Protect Your Small Business here.

Keep a Lid Cloud Credentials

It's no secret that businesses of all sizes are flocking to the cloud for their IT services and software needs.

The cloud subscription, pay-as-you-go approach appeals to organizations seeking to control IT costs and enable "anywhere, anytime" collaboration by using cloud storage, sync and sharing services. As an added perk, they generally get to enjoy enterprise-grade security and reliability, aside from the occasional outage, of course.  

Unsurprisingly, some crafty attackers have found a way to steal data from cloud storage accounts. Microsoft's latest Security Intelligence Report warns of Man in the attacks (a variation of man-in-the-middle attacks, of sorts).

In a Man in the Cloud attack, "an attacker induces a prospective victim to install a piece of malware using a typical mechanism, such as an email with a link to a malicious website," states the report (PDF), offering another reason to be on the lookout for phishing attempts. "After the malware is downloaded and installed, it finds a cloud storage folder on the user's computer. It then switches out the user's cloud storage synchronization token with the attacker's token."

In the wake of a successful infection, a copy of each file uploaded to the victim's cloud storage account is delivered to the attacker. Making matters worse, attackers can cover their tracks by immediately removing the malware after the tokens have been switched, rendering the breach practically untraceable by anti-virus software.

Ransomware Targets Databases and Microsoft Office

There's another good reason not to fall for phishing emails. Attackers are banking on the likelihood that your small business network is home to a business database and valuable Office applications.

In November, security firm Trend Micro warned of alarming new behavior being exhibited by the popular Cerber family of ransomware. Version 4.1.5 of the malware targets Microsoft Access, Oracle, and MySQL database files, sometimes shutting down those databases to encrypt files that are currently in use.

Ransomware authors are also hoping victims will pay up to recover their business files. Earlier this month, security researchers at Microsoft cautioned that the latest Cerber variant is targeting folders associated with the Office productivity software suite. 

and more »


Popular posts from this blog

4 Ways to Make Extra $100 on Social Media

What if I offered you an extra $100 today, would you take it? I know I would. Extra money definitely comes in handy.

Many individuals concentrate on saving money, yet expanding it is the opposite side of that coin. You can use your skills, your social media on your spare time to make few extra cash today.

Social Media 1. Sell Photos Do you have many followers on Instagram? try selling some of your photos. Stock photo sites hire photographers, professionals, and amateurs alike.
2. Sponsored posts. If you’ve got a large following on social media, brands will pay to get access to them. You can charge per post, or set up a long-term agreement with a company. Try applying for a Famebit Creator account, promote your social media profile to advertisers and make easily $100 or more. 3. Work as a freelance virtual assistant. You can use your skills to build a company’s social media. You can charge $30 an hour easily, and make $100 in less than four hours. You may want to create a gig in Fiver…

[METHOD] New Way to Create and Promote Dropship Business

Business Idea: Dropshipping Profit: $2,000 - $30,000 per month
Want to earn 6-7 figures a year? Why not try dropshipping! They are already hundreds and thousands of successful dropship entrepreneurs earning millions a year. And most of these entrepreneurs ordered products from AliExpress and sold it double at their online shop.

Did you know that most of the AliExpress/Alibaba items are sold on Amazon and eBay, and not only those that are delivered from China? AliExpress is the retail arm of Alibaba, the wholesaler. I've been looking at reviews and sales numbers for AliExpress items on eBay and Amazon to give me a superior thought of what sells best in USA and UK.

I've discovered that there is a considerable amount of low-quality items on Aliexpress and that you must be watchful who you purchase from. But I listed down some reliable sellers and items worth selling. A high rate of positive reviews doesn't really mean a lot – it's normal for sellers to give rebates or di…

[METHOD] Make Money through Facebook Page + CPA Affiliate Campaign

I recently saw some Facebook pages doing some giveaways . They were mainly about luxurious cars Range Rover, BMW, Mercedes etc. Maybe some of you have seen them too they are still out there.
I didn't like the idea but anyways I decided to test it. 
Results : I made ~ $1000 in 3 days. the fake page & FB account I was using got taken down.
I'm no longer using this method since it's not that sustainable but I feel it may help someone get started in IM or provide someone with new ideas on how to make money on fb
1.) Have a Facebook account.  You should preferably not use your real Facebook account if you want to use blackhat on this method.
2.) Create a Giveaway Page. Have a creative story on your page like this one:

Win 1 Of 2 Beautiful [car name] (Ends on [date])

This will be the first time in Facebook History that we at [car name] will be giving away 2 Beautiful [car name] to two winners that we will randomly select on [date]

Want to join this amazing giveaway for a cha…