During tax season, personal information is being exchanged at a much higher rate than any other time of year. Documents like W2s with Social Security numbers on them are just par for the course. It’s also a time of year when employers and employees engage in tax-related tasks that aren’t routine to them. There’s often a bit of chaos getting everything in order and even a bit of anxiety over doing it right. For hackers and scammers who rely on human error and deception, all of this combines to create ideal conditions. I was recently on FOX61 Morning news to offer tips to viewers to avoid tax season scams.
Simply having or transmitting data is a risk. It’s often a necessary risk—companies have to store and share data constantly in order to do business—but it’s important to remember that if something is deleted or isn’t shared, it’s much less likely to fall into the wrong hands. This is something we talk about with our cybersecurity clients throughout Connecticut on a regular basis. Part of our process is to take stock of who they are sharing data with and why. If there’s not a reason to be sharing a particular type of data with a particular party, then not sharing it cuts down on risk of it being breached at some point. If data isn’t in use anymore, deleting it eliminates something a hacker could get a hold of.
Start improving your cybersecurity posture now with this ebook, free when you subscribe to our blog.
Over time, you’ve noticed some of the classic signs that you need extra help with your organization’s IT function: You’re struggling to hire someone with the skills or expertise you require for a particular job. As employees fight to resolve the most critical IT problems, your routine low-level maintenance activities are falling by the wayside. There’s limited bandwidth to work on long-term strategic projects that can bring more value to your business.
Joining forces with an IT managed services provider (MSP) gives you the benefits of having a full-time IT staff, without the full-time expenses that go with them. MSPs can enrich even small and medium-size businesses with a wealth of IT knowledge and experience that wouldn’t be available at the same price point with in-house employees.
Improving record keeping and data handling is critical to keeping the trust of partners, vendors, contractors, and customers. The importance is magnified when the federal government is involved, with the goal of creating a national culture of cybersecurity that protects the information of our businesses, citizens, and government. The National Institute of Standards and Technology (NIST) created Special Publication 800-171 to help protect Controlled Unclassified Information. But what does that actually look like? How will you know you’re meeting the standards laid out in NIST 800-171? What is CUI?
As part of my role as CTO at Kelser, I am also vCIO for some of our clients, such as Hoffman Auto Group. A vCIO, also called a virtual or fractional CIO, performs the strategic function of a tech executive for an organization that doesn’t necessarily need a fulltime CIO in house.
I recently visited the set of Good Morning Connecticut to talk about the biggest cybersecurity stories in the news right now.
Only twice has Microsoft issued a patch for old, out-of-support versions of Windows: in 2017, just before the massive WannaCry cyber attack, and just recently. With newly discovered vulnerabilities from Intel, and even one in Windows 10, a very high number of computers around the world are potentially exposed right now. While we haven’t seen exploits yet to take advantage of these vulnerabilities, they likely aren’t far off. Conditions have scarcely been better for a massive cyber attack on the scale of WannaCry. Last week, I had the chance to break this down for listeners of the Brad Davis Show.