July 18, 2019

Simple Steps to a Secure Password

If you’ve had to reset any of your passwords, you’ve run into the stricter requirements that all websites are now enforcing.  These requirements may include using both lower and upper case letters; using numbers; or using a symbol.  By incorporating these, your making a secure password, and  you’re helping to ensure the privacy of your information.

But how can these simple and effect steps create a secure password?

The longer and more complex your password is, the better.

With the increasing amount of online purchases and transaction, safeguarding your information is more important than ever.

Here are 5 other easy ways to help you create a more secure password.

1. Use a password phrase

  • A quote for your favorite movie, book, poem, or song:  ‘You’re gonna need a bigger boat’[1]
  • A famous saying:  ‘My fellow Americans’

2. Substitute numbers and symbols in place of letters

  •  Leaves of Grass  —>  Le@v3 of Gr4$$[2]

3. Create an acronym

  • ‘Toto, I’ve got a feeling we’re not in Kansas anymore’[3] —>  TIGAFWNIKA

4. Misspell or write your password backwards

  • Broadway  —>  Braodway
  • Broadway  —>  yawdaorB

5. Create a pattern on your keyboard

  • Make a zigzag pattern by using letters and numbers that are above or below one another for example, FT6yhu8IK

 


[1] JAWS, 1975

[2] Leaves of Grass, Walt Whitman

[3] Wizard of Oz, 1939

Do You Realize How High The Risk Of A Data Breach Is For Your Small Business?

Do you have any idea how high the risk of a data breach is for your small business? For every high-profile case like the Target data breach at the end of 2013, there are hundreds of data breaches experienced by small businesses owners across the country. If you thought there was no risk of a data breach because it only happens to the big boys and your confidential information is safe because of your size, you couldn’t be more wrong.

Since January 2012, California has seen the equivalent a major data breach every 2-½ days, and those include only the data breaches that have been reported. The risk of a data breach is increasing by the day.  The majority of data breaches often go unreported and, even more frightening, many go unnoticed.

The Risk Of A Data Breach

risk of a data breach, zephyr networks

Risk of a Data Breach

Jason Oxman, chief executive of the Electronic Transactions Association, told the Los Angeles times that, “We are absolutely facing an epidemic of attacks on our nation’s infrastructure and attempts to gain access to information… smaller merchants tend to be easier and more attractive targets for cyber criminals.” Although the big problems like Heartbleed make headlines, the threats to confidential data held by everyday enterprises – dentist offices, colleges, financial consultants, Specialty Retailers and the list goes on and on – tend to fly under the radar. This reality does not surprise Zephyr Networks.

The dark underside of the current American economy is populated by not only the prototypical nerdy hackers, but by organized crime operatives who steal office computers and ex-employees who take the information given in trusted confidence and sell it to the highest bidder. The risk of a data breach comes from many different dark sources.

If more than 500 Californians are affected, the institution must give the attorney general’s office a copy of the advisory letter sent to potential victims. More than 380 of these letters have been posted since the program began in January 2012 — which equates to a major breach in the state every 2-½ days.

Risk Of A Data Breach Growing

Still, these are only the companies coming forward, admitting what has happened to them, and taking responsibility. The risk of a data breach also includes the risk of losing business due to the scandal. A good percentage of small to mid-sized companies hit by data breaches bury the truth. Such a bad decision is the result of the fear that a data breach will permanently damage their business. What is problematic is their fear is based in reality because public data breaches often erode a company’s client base while damaging their reputation. This is the price brought on by casually accepting the risk of a data breach.

Despite the prevalence of data breaches and equipment thefts, many small firms know little or nothing about cybersecurity. The National Small Business Association reported that 44% of respondents to a survey last year had been victims of at least one cyberattack or data breach, with an average $8,699.48 cost for each breach. Accepting the risk of a data breach often proves costly.

Understanding The Risk Of A Data Breach

Zephyr Networks understands that California’s size and wealth make its businesses a popular target. Companies that process, store or transmit credit and debit card data are expected by card companies and payment processors to abide by the Payment Card Industry Data Security Standard, a checklist of protocols known as PCI. But many of the 8 million U.S. businesses that accept credit and debit cards simply ignore this requirement.

Small-business owners often leave themselves vulnerable, increasing the risk of a data breach, by browsing social media or messaging friends on the same computer used to process financials. Others allow employees to log in to company networks remotely using easily stolen passwords or credentials. “It’s an economic calculation for a small merchant — is it more expensive to secure the network, or pay for the damages that may result if not?” Oxman said. “But many don’t consider the possible reputational harm. If you’re a small business, you might not be able to withstand the drop in business that might result from a breach.”

Minimizing The Risk Of A Data Breach

If you are a small business in Orange County, Zephyr Networks has a proven history of providing cybersecurity solutions that are affordable and tailored for each specific company. We know how to miminize the risk of a data breach for your company. To find out more, please contact Zephyr Networks by calling 800.884.7559.

IRS A Vocal Supporter Of Business Continuity Planning And Disaster Recovery Strategies For Business Owners

When the IRS becomes a vocal supporter of business continuity planning and disaster recovery strategies, the Computer & Networking Support specialists at Zephyr Networks take note. In a recent Special Edition Tax Tip entitled Keep Your Records Safe In Case Disaster Strikes that was released in May of 2014, the IRS strongly emphasizes the best practices that have helped make Zephyr Networks one of the top Computer & Network Security providers in Orange County.

IRS Supports Business Continuity Planning

In the recent news release, the IRS clearly explains an key point in business continuity planning:”

business continuity planning

IRS & Business Continuity Planning

“Some natural disasters are more common in the summer. But major events like hurricanes, tornadoes and fires can strike any time. It’s a good idea to plan for what to do in case of a disaster. You can help make your recovery easier by keeping your tax and financial records safe.”

By focusing on the essentials, the IRS outlines a list of effective disaster recovery strategies that Zephyr Networks has instituted in practice for Orange County business owners for many years. This list includes the following suggestions:

Business Continuity Planning Suggestions

1. Backup Records Electronically

Scan important business documents onto an electronic format and use an external storage source to store important records. This is why Zephyr Networks advises our clients to take advantage of our private cloud capabilities. Never forget to back up files and keep them in a safe place.

2. Use Business Continuity Planning To Be Prepared

If you have an expert on your side like Zephyr Networks, emergency preparedness for a disaster will be in place through first-class business continuity planning. The IRS recommends that you review your emergency plans every year. Knowing what natural disasters can hit your area, make sure your are ready to address the real potential problems your business might face.

3. Count On The IRS And Zephyr Network

If you fall victim to a disaster, the IRS is ready to help. The IRS disaster hotline at 866-562-5227 is your best resource for special help with disaster-related tax issues.

Help With Business Continuity Planning

At the same time, Zephyr Networks in Orange County is your best resource for business continuity planning and disaster recovery strategies. By being safe in advance, your business can weather any storm. By making sure client companies and businesses are safe if disaster strikes, Zephyr Networks ensures future financial security even in the face of natural disaster. Call Zephyr Networks at 800-884-7559 to access the business continuity help you need in Orange County.

5 Data Security Questions To Ask A Cloud Vendor

cloud vendor, data security

Data Security in the Clouds

Do you know the data security questions you should ask a cloud vendor? Zephyr Networks understands how important it is for a company to be able to trust a cloud vendor. When you are allowing an external party to safeguard the essential data and proprietary information that forms the backbone of your business, you need to be confident in their capabilities. Although not comprehensive, the 5 data security questions below can help any business validate whether or not they want to work with a potential new cloud vendor.

5 Data Security Questions To Ask A Cloud Vendor

1) Does the cloud vendor implement controls to segregate your data from other client companies?

Since cloud vendors tend to base their business on a multi-client model, the addition of other companies opens the door to a greater possibility of attack. If a multi-client server is not properly secured, a flaw in one client application could allow an attacker access to your company’s data. This is why it is essential for each client company to be safely segregated from the others on any cloud-based server.

2) Does the cloud vendor regularly encrypt and test its backups?

If a cloud vendor does not test its backups on a regular basis and update the necessary encryption, such backups are theoretically useless. Cloud-computing server backups need to be regularly tested, monitored and encrypted with the latest data security updates.

3) Does the cloud vendor have a reliable disaster recovery and business continuity plan for its data housing server sites?

When it comes to data recovery plans and business continuity strategies, your company cannot take a chance in the internet age of 24-hour business opportunities. Make sure any cloud vendor your company chooses to work with has a reliable disaster recovery and business continuity plan to ensure the safety of your data.

4) Does the cloud vendor follow data destruction processes for computer equipment and storage devices that ensures the zeroing out of all confidential information?

Before you enter into an agreement with a cloud vendor, ask them about their data destruction process. Do they take all the necessary steps to zero out confidential information on decommissioned computer equipment and storage devices? If you move on later, will your confidential information be thoroughly wiped from their servers?

5) Can the cloud vendor provide relevant certificates and applicable compliance certifications?

There is a vast array of compliance certifications for cloud vendors that include the following; ITIL, COBIT, ISO 2700, and many more. If a cloud vendor claims to be in such compliance, ask them to show you the relevant certificates and applicable compliance certifications? If they can’t do this, there most likely is a problem.

Cloud Vendor Relationship Managed

As a proponent of cloud-based solutions, Zephyr Networks has the experience needed by our clients to secure and ensure their valuable company data. We consistently negotiate and manage a client’s relationship with a cloud vendor.  To learn more about how we can help you with cloud-based storage, data security and network security solutions, please call Zephyr Networks toll free at (800) 884-7559 or fill out our handy contact form.

Since Recorded Data Breaches Doubled In 2012, Zephyr Networks Asks How Big Will The Increase Be In 2013

In the final months of 2013, Zephyr Networks wants to point out that the number of recorded data breaches more than doubled in 2012 to 2,644 incidents. It is important to realize that these are only the recorded incidents. Companies often cover-up data breaches to protect the estimated public integrity of their business. Still, even without the additional numbers due to unrecorded data breaches, this was still a 117% increase, according to a report by Open Security Foundation.

Recorded Date Breaches

 

data breaches, cyber security, network security

Data Breaches Are Like Open Books

A co-author of the report, Risk Based Security CEO Barry Kouns agrees with Zephyr Networks when it comes to the final estimation of data breaches during any calendar year. Kouns explained the need for discrimination when analyzing the given statistics: “We must exercise caution when analyzing the number of exposed records since on average, 26 percent of the incidents tracked do not report the number of exposed records.”  

If your company had an unrecorded data breach in 2012 or 2013 that you chose to keep under the covers, please do not remain in denial. The data breach did happen, and, without proper network security precautions, it most likely will happen again. Zephyr Networks is a top provider of network security options and services. In 2012, data breaches in the business sector accounted for 60% of total incidents, followed by government (17.9%), Education (12%) and Medical (9.5%).

External Data Breaches

Nearly 77% of reported incidents were carried out by external agents or activity outside the organization, and 68.2% of the data breach incidents were carried out through hacking. In fact, hacking was responsible for 22.8% of exposed records in 2012. Internal data breaches accounted for 19.5% of incidents as company employees crossed the line into criminality.  66.7% of the data breaches led directly to exposed records of confidential information and client data.

Overall, when compared to the rest of the world, the United States amazingly accounted for 40% of recorded data breaches. Considering the population size when compared to the billions of people across the globe, this figure is both impressive and scary. What will the increase in the number of recorded data breaches be in 2013?  If you need help preventing future data breaches, please call Zephyr Networks toll free at (800) 884-7559 or fill out our handy contact form.

 

 

Designed To Help With HIPAA Compliance Issues, Will The New Google Apps Business Associate Agreement Be Embraced By Small To Mid-Sized Healthcare Companies?

Will small to mid-sized healthcare companies embrace the opportunity of cloud security integration offered by the new Google Apps Business Associate Agreement? In a recent Google Apps update connected to the HIPAA Omnibus, Google announced the introduction of the new Google Apps Business Associate Agreement for healthcare companies looking to use Google Apps. The Google Apps Business Associate Agreement provides healthcare company support through the integration of Google Apps and help with HIPAA compliance issues. The focus of the agreement is to ensure network safety and security.

Google Apps Business Associate Agreement HIPAA Compliance

Since Zephyr Networks fully supports the use of Google Apps for our client companies, it is clear that this positive step by Google will allow healthcare companies to make a cleaner transition to the security and support of cloud-based applications. The goal of the Business Associate Agreement is to remove barriers for healthcare companies to adopt Google Apps and help with HIPAA compliance challenges.

What Zephyr Networks appreciates about this forward step is the focus on helping  small to mid-sized companies that use fewer Google App services. Despite their limited use, such usage truly can improve their productivity and ensure HIPAA compliance. The Google Apps Business Associate Agreement only applies to the following Google App services: Gmail, Google Calendar, Google Drive, and Google Apps Vault.

google apps business associate agreement, hippa security

Google Apps & HIPAA Security

From extensive experience with past healthcare clients, Zephyr Networks knows the usage of such Google Apps can go a long way toward helping a business adapt to the new HIPAA requirements. Google Apps offer cloud flexibility and remote access while being safe and secure. It is a perfect combination for small to mid-sized healthcare companies faced with the challenges presented by compliance to the new HIPAA Omnibus. 

Google Apps Business Associate Agreement Questions

To sign up for the Google Apps Business Associate Agreement, a health care company representative must answer three online questions about their business:

  1. Are you a covered entity (or business associate of a covered entity) under HIPAA?
  2. Will you be using Google Apps in connection with protected health information?
  3. Are you authorized to request and agree to a business associate agreement with Google for your Google Apps domain?

Zephyr Networks Believes In Google Apps

If the response to these questions are in the positive, the company representative will be taken to the online business associate agreement. Without question, this update is targeted specifically at small to mid-sized businesses. Most larger healthcare companies already will have adopted the usage of Google Apps and other security-oriented cloud strategies to deal with the HIPAA Omnibus. If you need help with Google Apps and the decision to sign up for the Google Apps Business Associate Agreement, please call Zephyr Networks toll free at (800) 884-7559 or fill out our handy contact form.

October Is National Cyber Security Awareness Month With A Message Of Action & Intelligence: STOP. THINK. CONNECT.

October 1 marked the start of National Cyber Security Awareness Month (NCSAM) for 2013, a U.S. initiative aimed at making sure everyone has the resources they need to protect themselves online. Zephyr Networks completely supports the number one goal of NCSAM: “Each and every one of us needs to do our part to make sure that our online lives are kept safe and secure.” Although  National Cyber Security Awareness Month is focused on both individuals and businesses, Zephyr Networks has seen the threats to the cyber security of small to mid-sized businesses becoming more and more dangerous in the past year.

National Cyber Security Awareness Month

Zephyr Networks is proud to quote from the About page on the National Cyber Security Awareness Month website that illuminates the mission of the project:

cyber security awareness, zephyr networks, network solutions

STOP. THINK. CONNECT.

Cybersecurity is the mechanism that maximizes our ability to grow commerce, communications, community and content in a connected world. / The Internet is a shared resource and securing it is Our Shared Responsibility… No individual, business, or government entity is solely responsible for securing the Internet. Everyone has a role in securing their part of cyberspace, including the devices and networks they use… If each of us does our part—implementing stronger security practices, raising community awareness, educating young people, training employees—together we will be a digital society safer and more resistant from attacks and more resilient if one occurs. 

When it comes to our clients, Zephyr Networks also would like to pass on the central message of National Cyber Security Awareness Month: STOP. THINK. CONNECT. What is key about this message is that it focuses on combining action with intelligence. STOP means take a breath and look at your cyber vulnerabilities and what needs to be done. This is what Zephyr Networks does with new clients when we first analyze their business model, their network security, their cyber security and computer systems.

THINK means diagnosis before treatment for us. Zephyr Networks does not offer a blanket program for every company that comes to us for help. Instead, we diagnose the specific problems each company faces, then we offer treatment that makes sense for that company. Our goal is to help your company, not spend your valuable capital on programs and technologies that will sit idle and do nothing to protect your cyber security.

Connect With Cyber Security Experts

For Zephyr Networks, CONNECT means work with cyber experts and network professionals who are on the cutting edge of the technology industry. Nothing changes faster in our society than technology and the Internet. By connecting with our clients, the tech experts at Zephyr Networks learn about their business challenges and their real needs. We protect your cyber security by first understanding your business, then providing a cyber solution that makes sense.

One of our main goals is the same as the mission of the NCSAM: “Take security and safety precautions, understand the consequences of your actions and behaviors online and enjoy the benefits of the Internet.” To learn more about how we can protect the cyber security of your company, call Zephyr toll free at (800) 884-7559 or fill out our handy contact form.

 

 

Showing The Prominence Of Cyber Defense, Cisco To Buy Cybersecurity Company SourceFire For $2.7 Billion

At the end of July 2013, Cisco Systems agreed to buy Sourcefire, a key provider of cybersecurity services, for about $2.7 billion in cash. Reported in The New York Times and The Wall Street Journal, the acquisition reflects the growing fervor for cyber defense and the rising value of companies that can help guard against computer-based attacks. As a major Orange County provider of IT solutions and cybersecurity, Zephyr Networks  believes the efforts of major players in the technological industry to provide cybersecurity is only just beginning. Unlike the corporate giants, however, Zephyr Networks is able to deliver IT solutions and cybersecurity to small to mid-sized Orange County businesses with a desire to connect with the human face of their cyber defense.

Cybersecurity Equals Big Business

Under the terms of the mega deal, Cisco will pay $76 a share in cash, nearly 30 percent higher than Sourcefire’s closing price on Monday. The offer includes retention-based incentives for Sourcefire’s executives. Founded in 2001, Sourcefire has grown into a major cybersecurity provider. In 2012, the company reported $5 million in profit on revenue $223.1 million. Shares in Sourcefire climbed about 29 percent in premarket trading, to $76.40, over the deal price, in a potential sign that investors might be expecting a bidding war. After all, quality cybersecurity providers on the level of Sourcefire are few and far between, and there might be other bidders coming to the table.

cybersecurity, cyber defense, it solutions

Sourcefire & The Importance of Cybersecurity

In a statement, Cisco said that adding Sourcefire would take it’s portfolio of security offerings to the next-generation of excellence. “Buy has always been a key part of our build-buy-partner innovation strategy,” said Hilton Romanski, a Cisco vice president for corporate development. “Sourcefire aligns well with Cisco’s future vision for security and supports the key pillars of our security strategy.” Without question, the acquisition of Sourcefire is symbolic of the primary role that Cyber Defense has ascended to in the arena of business, technology and security.

Zephyr Networks & Affordable Cybersecurity

The focus of the work of Zephyr Networks  the IT stability and cybersecurity of our client company. If you want to find out how our IT solutions can help your company and ensure your cybersecurity , please contact Zephyr Networks today. To learn more about cybersecurity strategies that are affordable and actually work, call Zephyr toll free at (800) 884-7559 or fill out our handy contact form.

 

British Report Reveals Data Breaches And Cyber Security Incidents Increasing As Cyber Criminals Attack Both Large And Small Businesses

Data Breaches and Cyber Security incidents are not only a problem in the United States. Zephyr Networks was not surprised when a detailed British study of the state of cyber security and data breaches by the Department for Business, Innovation & Skills (BIS) revealed extensive threats and vulnerabilities in the UK. The study – The 2013 Information Security Breaches Survey – reveals the threat of cyber attacks for both large and small businesses.

Like in the United States and specifically in Southern California, it does not matter whether you have a large, small or mid-sized company. Without taking the proper cyber defense precautions, your company is vulnerable. In the UK, attacks against small businesses increased by 10% in the past year, costing up to 6% of their turnover. Zephyr Networks knows from experience that these companies could have protected themselves for much less. Small businesses were advised by the British Government  to ensure that they are protected through managing risk, staff training and increased network security. Cyber security is not just an IT challenge, it is critical to the running of any business.

Some small to mid-sized businesses, whether in the UK or in Southern California, don’t have the resources to hire a full team of information security staff. To help these businesses to protect themselves, the British government has introduce Innovation Vouchers with a value of over $7500 to be used to improve their IT security with outside expertise. Zephyr Networks wishes that either the federal government of the state government of California would follow this smart path laid out by the British authorities. If you need affordable help in Southern California, please contact Zephyr Networks for cyber security solutions that will help ensure the safe future of your business and safeguard your company’s data. To prevent data breaches, call Zephyr Networks for a free consultation at (800) 884-7559.

data breaches, cyber security, information security, cyber defense

Cyber Security Incidents & Data Breaches Increasing All Over The World

This infographic by Via Resource highlights the growing trends in UK information security breaches.

 

The United States And Japan Hold Bilateral Cyber Dialogue Conference On Cyber Security

In May of 2013, the United States and Japan held their first ever bilateral talks on cyber security and cyber defense. The focus of the Tokyo conference was the prevention malicious and intentional cyber attacks and data breaches. The genesis of the conference between the United States and Japan were the cyber attacks and data breaches by government-sponsored hackers traced back to China. Zephyr Networks fully supports such international efforts by states to address questions of cyber security and cyber defense.

Cyber Security, cyber defense, cyber dialogue

Cyber Security Leads To Bilateral Conference

Both the United States and Japan view such cyber attacks, including, hacking and the use of viruses, as a growing threat to national security. Being state-sponsored in China, the cyber attacks are becoming more and more sophisticated, demanding greater measures to ensure cyber security. The two-nation conference came in the wake of a report by the US Pentagon accusing China of cyber spying against the American government. Beijing naturally denies the allegations, saying it’s impossible to tell where the attacks originated.

Joint Statement From Cyber Security Conference

Here is an excerpt from the joint statement after the conference:

The U.S.-Japan Cyber Dialogue deepened bilateral cooperation on a wide range of cyber issues and strengthened the U.S.-Japan Alliance by:

  • Exchanging information on cyber issues of mutual concern and discussing possible cooperative measures.
  • Affirming common objectives in international cyber fora, especially the application of norms of responsible state behavior in cyberspace.
  • Supporting the development of practical confidence-building measures and the implementation of national whole-of-government cyber strategies in an effort to reduce risk in cyberspace.
  • Confirming support for the preservation of openness and interoperability enhanced by the multi-stakeholder system of Internet governance.
  • Coordinating cooperation on cyber capacity-building efforts in third countries.
  • Identifying actions governments and private sector entities can take to secure critical infrastructure.
  • Addressing the increasing role of cyber defense in national defense and security strategies and discussing new areas of bilateral cyber defense cooperation.

If Japan and the United States are able to turn these common objectives and goals into actual reality, Zephyr Networks believes the Cyber Dialogue Conference produced some real value. It will take time to see what happens, but without question as the hackers get more sophisticated, cyber security experts must do the same. If you want to learn more about how we can help your company with cyber security, please call Zephyr Networks toll free at (800) 884-7559 or fill out our handy contact form.