Information technology blog, cybersecurity blog

Last fall, I had the amazing experience of being interviewed by Chion Wolf—a familiar voice and personality to anyone who listens to WNPR—for the Connecticut Voice Podcast. The podcast highlights LGBT individuals from different areas of expertise across Connecticut and I was honored to be included. Our conversation touched on everything from coming out to helicopters, to cybersecurity—including my favorite interview question I’ve ever been asked comparing working in IT to being a pilot. Pride Month seemed like a good time to share some highlights from this interview, so below are two moments that stood out to me as well as the full audio recording.

Cyberattacks are on the rise. It’s just a plain fact. Numerous studies, reports, and surveys have pointed to the findings that not only are cyberattacks on the rise but specifically ones designed around social engineering such as phishing attacks. Worse still – these attacks have seen an even bigger jump in frequency since remote work requirements have also increased. Cybercriminals see the amount of company devices outside the typical protections of their traditional offices being an opportunity to harvest data, lock up those devices, and make a quick buck (by the thousands). That’s why I wanted to talk to you about Umbrella (formally OpenDNS).

You might remember a time when some folks believed that having one thing alone meant that their business devices or networks were secure. “We have a firewall, we’re fine!” “All of our PCs have antivirus, so we’re good!” In modern times any single, standalone security product (antivirus, firewall, etc.) isn’t enough to protect your business, your users, and your data. However, these things do make for effective layers when securing your business with a defense in depth security strategy. Defense in depth is a security approach that we at Kelser subscribe to wholeheartedly for ourselves and our clients. A strategy that should be applied whether you’re protecting your office or your home environment when working remotely. In this article, we’ll walk through what defense in depth is, how it can protect your business, and the most essential layers that you should consider for any environment.

Video chat meetings are now part of daily operations for so many businesses. When the coronavirus quarantine period started, video conferencing was a bit of a fun novelty. Colleagues who had never tried Zoom were now using it multiple times a day. Sadly, it didn’t take hackers long to realize they could exploit the popularity of video chat platforms to commit cybercrimes. Zoom in particular has experienced so many security issues that many organizations, including school districts in NYC, have banned it. While there are certainly more secure platforms, I use Zoom every day. Since the COVID-19 pandemic began, Kelser has advised our clients on how to use Zoom and set it up for them. Recently, I was a guest on FOX 61 Morning News to discuss cybersecurity best practices for Zoom.

It seems like overnight most of us joined the remote workforce. Even for companies that already have the infrastructure in place to handle a situation like this, it has made for the ultimate stress test. For other businesses, it’s been a wake-up call as many now find themselves building the proverbial boat as they’re floating down the river. As we continue into the new temporary reality of long-term remote work and social distancing, I’ve been thinking a lot about the security considerations of working from home versus working in the office.

During tax season, personal information is being exchanged at a much higher rate than any other time of year. Documents like W2s with Social Security numbers on them are just par for the course. It’s also a time of year when employers and employees engage in tax-related tasks that aren’t routine to them. There’s often a bit of chaos getting everything in order and even a bit of anxiety over doing it right. For hackers and scammers who rely on human error and deception, all of this combines to create ideal conditions. I was recently on FOX61 Morning news to offer tips to viewers to avoid tax season scams.

The world learned last week that the information of over 10 million hotel guests at MGM Resorts was obtained by hackers. The data breach is the result of a security incident that occurred last year, but the data was being shared in hacker circles recently and discovered and verified by ZDnet. Most of the data is limited to hotel stay info, addresses, and phone numbers dating back to 2017 and earlier. Since Kelser is a trusted, local managed service and cybersecurity provider, FOX61 News had Kelser CTO Jonathan Stone on following the breach to discuss what hackers can do with this type of apparently harmless information.

The latest issue of Corporate & Incentive Travel Magazine tells the story of how I was at a conference—a cybersecurity conference of all things!—and it provided an unsecure general access wireless network. There was no preregistration for this network and the password was distributed freely to attendees. Most attendees wound up using the hotspots on their phones. Many conferences and events of all types have inadequate cybersecurity protections in place. The Wi-Fi networks offered at these events may seem more secure than public Wi-Fi, but in most cases, they are not. In fact, they could be more dangerous to use because hackers interested in a particular type of data can target the network of a specifically relevant conference (rather than the general network of a coffee shop, for instance).