Microchip Close-up With Cyber-Attack Message

8 Weaknesses That Allow Hackers To Rob You Blind


Cybercrime is high, and hackers are setting their sights on small and medium businesses who are “low hanging fruit.” Don’t be their next victim!

It doesn’t matter your size. All businesses have information that can be sold on the web for boatloads of cash (social security numbers, bank information, credit card numbers, login data, company secrets, etc.). Below is a list of 10 things hackers target when looking for victims:

8 Signs That Make Hackers Smile

  1. Poorly Trained Employees. The #1 vulnerability for business networks are the employees using them. If they don’t know how to spot infected e-mails or online scams, they could compromise your entire network. A phishing e-mail is a bogus e-mail that is carefully designed to look like a legitimate request (or attached file) from a site you trust to get you to give up your login information or click and download a virus. A good social engineer can sweet-talk their way into an employee’s confidence and trick them into giving up confidential information or access to company systems. You can’t rely on technology alone on this one. Training your employees to spot scams is the best way to limit losses.
  2. Use Of Company Devices for non-business. You must maintain an Acceptable Use Policy that outlines how employees can use company-owned PCs, devices, software, Internet access, and e-mail.
  3. Weak Password Policies. Passwords should be 10 to 20 characters and contain lowercase and uppercase letters, symbols, and at least one number. Use a password manager with multifactor authentication to gain access.
  4. Unpatched Networks. New vulnerabilities are frequently found in popular software programs, such as Microsoft Windows and Office; therefore, it’s critical you patch and update systems often.
  5. Inadequate backup systems. Data only backups are insufficient for most businesses and will not allow you to recover from a disaster like a ransomware attack quickly. Most companies that are forced to pay the ransom used data only backup systems.
  6. Networks With Employee Installed Software. Cybercriminals dupe unsuspecting users to willfully download malicious software by embedding it within downloadable files, games, or other “innocent” looking apps. You should have written policies against such practices.
  7. Inadequate Firewalls. A firewall acts as the frontline defense against hackers blocking everything you haven’t explicitly allowed to enter (or leave) your computer network. You should have policies and systems in place to prevent anyone from changing firewall settings without your OK.
  8. Use Of personal mobile devices without approved security. It’s not uncommon for hackers to set up fake clones of public WiFi access points to try and get you to connect to THEIR WiFi over the legitimate, safe public one being made available to you. If you allow employees to use their own mobile devices, then you must have policies in place requiring company-approved security software, the use of secure mobile hotspots and VPNs when operating out of office, and access-passwords to gain entry to the devices.

You Need A Managed Security Plan

Many Small-to-Medium size businesses (SMBs) feel that they can “go it alone” and secure their networks against hackers―they can’t. There are too many ways hackers can weasel their way into systems or trick unsuspecting, but well-meaning employees into letting them in.

IT expertise is needed to give your business a fighting chance in today’s ultra-unsafe digital environment.

Those businesses that do not have an IT department need to get a Managed Services Provider (MSP) on board right away. A good MSP will be able to quickly assess the state of your network, propose ways to strengthen your security and give you EXACT PRICING BEFORE you sign an agreement with them.

XSolutions is an Elite Partner of Datto, the world leader in Hybrid-Cloud Business Continuity solutions. We provide Disaster Recovery as a Service (DRaaS), Backup as a Service (BaaS), Cloud Data Protection (CDP), and Managed I.T. Services (MSP). Call (845) 362-9675 for a free consultation. Backup & Disaster Recovery| Cloud Data Protection | Managed I.T. Services