• Facebook
  • Twitter
  • LinkedIn
  • Instagram
  • FAQs
  • Careers
  • Privacy Policy
  • Remote Support
(403) 237-7750
The ITeam
  • Home
  • Services
    • Managed IT Services
    • Cyber Security Calgary
      • Email Security
      • Security Training
    • Cloud Services
      • BaaS
      • IaaS
      • BCDR
      • DRaaS
      • Hosted Services
      • Microsoft Azure
    • Microsoft 365 Services
  • Industry
    • Construction
    • Healthcare
    • Oil & Gas
    • Legal Firm
    • Accounting
    • SME
    • Clients & Achievements
  • Your ITeam
    • Careers
  • Blog
    • News
  • Business Assessment
  • Contact Us
  • Menu Menu
  • Home
  • Services
    • Managed IT Services
    • Cyber Security Calgary
      • Email Security
      • Security Training
    • Cloud Services
      • BaaS
      • IaaS
      • BCDR
      • DRaaS
      • Hosted Services
      • Microsoft Azure
    • Microsoft 365 Services
  • Industry
    • Construction
    • Healthcare
    • Oil & Gas
    • Legal Firm
    • Accounting
    • SME
    • Clients & Achievements
  • Your ITeam
    • Careers
  • Blog
    • News
  • Business Assessment
  • Contact Us

Archive for category: Email Security

The Impact of the U.S. Government Eviction of Kaspersky

October 24, 2017/2 Comments/in Cloud Security, Cybersecurity, Email Security /by James Wagner

The threat of Russian interference in the activities of the U.S. government, a drama that has been unfolding over the past several months, is now one that has entered the realm of cybersecurity.

The FBI is currently investigating whether Kaspersky Lab, a provider of anti-virus and cybersecurity software, has ties to Russian military and intelligence.

A leader in cybersecurity, with 400 million users worldwide, company leaders have denied ties to Russian military and intelligence since Kaspersky Lab was established in 1997.

As a measure of precaution, however, the U.S. government recently announced that agencies have 90 days to remove Kaspersky software from their systems.

This software ban could set a concerning precedent for the global cybersecurity industry.

What Are The Concerns?

Kaspersky software was once a major component of the U.S. government cybersecurity strategy, with anti-virus products protecting privileged files.

There are now concerns from top government officials that at any point, the Russian government could place pressure on Kaspersky Lab to allow access to critical U.S. government information.

Despite Kaspersky’s denial of any allegations and their offer to allow the U.S. to inspect its source code, security officials no longer have faith in Kaspersky products.

This is based on the ability to access and compromise federal information that could impact national security through an undetected back door.

What Does This Mean For Borderless Cybersecurity?

Currently, the global cybersecurity industry relies on mutual trust among the top firms.

Kaspersky Lab, in partnership with U.S. software firm, Symantec, identified the Regin trojan, a cyber-weapon already deployed throughout the intelligence community that could yet have international repercussions.

However, this movement to establish borders on cybersecurity not only restricts the flow of critical information that could be used in mitigating threats, but it shifts the level of confidence from one of trust to that of suspicion.

Ultimately, the ensuing defence posture will hinder efforts to prevent global threats.

Best Buy has also taken action, removing Kaspersky products from their shelves, but their software products are still widely used in many American and Canadian households.

Eliminating Kaspersky products completely will involve an entire shift in the national security infrastructure, significantly impacting cybersecurity.

The successful management of cybersecurity threats has relied on an international pool of experts.

The Kaspersky ban, despite good intentions, could impact government and private businesses, as credible cybersecurity threats may go undetected.

Confining cybersecurity to national software has the potential to reduce some risks, yet exacerbate others, and the entire industry will feel the impact either way.

If you are concerned about your cybersecurity, want to explore options beyond Kaspersky, or have insight into the impact this will have internationally, we’d love to hear your thoughts. Please comment below or join our conversation on Facebook.

Closing the Security Gaps: Employee Passwords

July 25, 2016/in Email Security /by James Wagner

Closing the Security Gaps: Employee Passwords

In our lives, passwords are the keys to everything we do, from logging in to our personal online banking to paying our bills.

Infоrmаtiоn about our реrѕоnаl lives, buуing hаbitѕ, credit ԛuаlitу аnd lifеstyle are valuable tо those whо саn рrоfit frоm it.

For corporations, that data hаѕ еvеn greater wоrth.

Intangibles such as intеllесtuаl рrореrtу, сliеnt liѕtѕ, mаrkеt ѕtrаtеgiеѕ, pricing and соmреnѕаtiоn, along with copious amounts of personal data on each customer, often account for the majority of the vаluе оf thе mоdеrn enterprise.

Therefore, the passwords we use at work – to access email, data files, and networks, are crucial protection points between us and hackers.

Wеаk оr compromised раѕѕwоrdѕ are the easiest wау fоr hackers to gаin еntrу intо a system.

Simрlе оr short раѕѕwоrdѕ саn bе еаѕilу diѕсоvеrеd through brutе force or “diсtiоnаrу”  attacks which concentrate intense соmрutеr роwеr to break through.

A two letter раѕѕwоrd, fоr еxаmрlе, hаѕ оnlу 676 соmbinаtiоnѕ.

A password with еight lеttеrѕ оffеrѕ mоrе safety with 208,000,000 combinations.

Enterprise Security Starts with Personal Password Requirements

Anyone who accesses your network, whether employee, client, vendor or other stakeholders, should be required to use complicated passwords to access everything from databases to email.

Idеаllу, a password ѕhоuld соnѕiѕt оf 8 or more characters and should be comprised of a mixture of uрреr аnd lower case lеttеrѕ, ѕуmbоlѕ аnd numbеrѕ.

Miсrоѕоft security hаѕ еnсоurаgеd the concept оf thе “Pаѕѕ Phrase” as аn аltеrnаtivе.

A рhrаѕе such as,”TheLastGoodBookUBoughtCost$25!” hаѕ all of thе needed еlеmеntѕ but is also еаѕу tо rеmеmbеr, since being able to remember the password is the key reason employees tend to create simple passwords.

Human Failsafes

Policies should be in place to govern passwords used to access company data of any kind that prevent:

  • Sharing passwords
  • Writing them down
  • Storing them on a computer or phone

It might seem like it would be common sense, but having a policy in place that spells it out is worth the effort.

People are the biggest security risk.

We are wired to respond to phishing attempts to gain access that play on our fears and worries.

We also are busy, forced to remember many passwords, and tend to use the same ones again and again. We’re also trusting and apt to share a password.

Layered Security

To mitigate the risk, lеаding firms аrе аdорting a dеfеnѕе strategy utilizing thrее еlеmеntѕ tо bеttеr ѕаfеguаrd thеir infоrmаtiоn.

Thе thrее lауеrѕ оf аuthеntiсаtiоn consist оf:

  • A strong password or passphrase
  • A crypto-key, smartcard, or token
  • Biometrics (fingerprint, etc.)

Protecting data is a never-ending battle as hackers become more and more sophisticated.

Companies must take strong stances on every point of entry that might create risk, including employee passwords.

Employee password security policies are essential to business continuity.

Phishing and Spoofed Emails Threaten Corporate Email Security

January 13, 2016/in Email Security /by James Wagner

Phishing and Spoofed Emails Threaten Corporate Email Security

Twenty years ago, corporate email security was not an issue that business leaders had to contend with.

Today, phishing and spoofed emails account for nearly half of all emails sent – and that’s a 12-year low!

As technology becomes more prevalent in every part of our business and personal lives, cybercriminals have become more and more creative in finding ways to con employees into clicking on links or taking actions that put companies at risk.

This has collectively cost businesses in Canada more than $19 million in 2014.

Email Security Threats Become More Sophisticated

A new wave of spear phishing – highly targeted, researched emails that are even more likely to deceive your employees because they look so legitimate – has been targeting Canadian companies.

Alberta businesses are not immune.

Last fall, 75,000 members of the Alberta APEGA were the victims of a spear phishing scheme.

The ITeam recommends that every organization take immediate steps to improve email security, including these steps:

1. Provide Ongoing Training to Employees 

According to the 2015 Verizon Data Breach Report, employees are one of the biggest risks, with 23 percent of recipients opening phishing messages and 11 percent of those clicking on the links.

Ongoing training, reminders, and even phishing email tests can help educate your employees on how to better resist the deceptions.

As business leaders and industry professionals, we must provide constant reminders about being more cautious.

Institute policies that govern what actions can be taken from an email.

Encourage employees to verify with the sender (in person or over the phone) if they were really the ones to send the email before opening attachments, wiring money, or clicking on links.

2. Implement Multi-Layer Security 

To prevent some of these targeted emails from getting through, you must implement tough, layered security protocols.

Every organization should have firewall protection, virus protection, and malware detection software.

In addition, email encryption solutions can protect data and limit access, and additional policy-based email security can be implemented to detect keywords that are likely phishing triggers, such as “credit card,” “wire,” “bank transfer,” and others.

3. Establish Robust BDR, MDM, and BYOD Protocols 

To mitigate risk, in case the worst does happen and an employee clicks on a link that leads to malware or ransomware infection, be sure you have stringent Backup and Disaster Recovery (BDR) protocols in place to protect your data.

It’s necessary to ensure that every device being used by employees is protected. Develop Mobile Device Management (MDM) and Bring Your Own Device (BYOD) policies that require the devices to have protection and allow you the ability to remotely delete them from your network.

4. Adopt Sender Policy Framework (SPF) Best Practices 

To prevent even more spear phishing attempts, implement Sender Policy Framework (SPF).

Sender policy framework is an easy-to-implement email validation tool.

The SPF communicates with email providers and tells them that the email is coming from an approved domain (the company website, newsletter service, or approved third-party sender).

The ITeam will work with your Alberta business to customize a cost-effective solution. We offer a comprehensive email security plan that will protect you against email security threats. Contact us for a free consultation.

Page 3 of 3123

Request An Assessment

  • This field is for validation purposes and should be left unchanged.

Request your complimentary business assessment below. We will contact you within 24 hours.

Categories

  • Asset Management
  • Azure
  • BDR
  • Business Continuity
  • Cloud Hosting
  • Cloud Security
  • Compliance
  • Cybersecurity
  • Data Privacy
  • Dental IT
  • Disaster Recovery
  • Email Security
  • Energy IT
  • IoT Security
  • Legal IT
  • Managed IT
  • Mobile Device Management
  • Multifactor Authentication
  • Network Assessment
  • News
  • Office 365
  • Ransomware
  • Security Alert
  • Small Business IT
  • VCIO

Pages

  • Accounting Firms & Accountants
  • Blog
  • Business Assessment
  • Careers
  • Clients & Achievements
    • Kemp Orthodontics
    • The Power of Partnership – Wood Group
  • Cloud Services
    • Backup as a Service (BaaS)
    • Business Continuity & Disaster Recovery (BCDR)
    • Infrastructure As A Service (IaaS)
  • Construction
  • Contact
  • Cyber Security Calgary
  • Disaster Recovery with HC3 by Scale Computing
  • Email Security
  • Healthcare Clients
  • Hosted Services
  • IT Services Calgary
  • IT Services FAQ
  • Legal Firm
  • Managed IT Services
  • Master Services Agreement
  • Microsoft 365 Services
  • Microsoft Azure
  • News
  • Oil & Gas
  • On Demand IT Services
  • Privacy Policy
  • Security Awareness Training
  • Small and Medium-Sized Enterprises (SMEs)
  • support
  • Terms Of Service
  • Thank You
  • When is Your Business Ready for Managed IT Services
  • Why setting up a business in Calgary Is a Good Idea
  • Your ITeam

CONTACT US

Sales:
Phone: (403) 750-2540
Email: sales@theiteam.ca

General Inquiry:
Phone: (403) 237-7750
Email: info@theiteam.ca

Service & Support:
Phone: (403) 750-2525
support@theiteam.ca

FIND US

The ITeam IT Support Calgary
Suite 200, 1210 8 Street SW
Calgary, AB T2R 1L3
(403) 750-2540

Office Hours:
Monday to Friday: 8AM to 5PM
(Mountain Standard Time)
IT Support Calgary The ITeam $$ (403) 750-2540 Calgary, AB
5

stars

"The ITeam provides peace of mind with high level security and superb customer service." - Jeff B.

OUR SERVICES

  • Managed IT Services
  • On Demand IT Services
  • Hosted Services
  • Clients & Achievements
LinkedIn | FB | Twitter | Instagram
Privacy Policy
Copyright © 2020 The iTeam.ca | All Rights Reserved
  • Facebook
  • Twitter
  • LinkedIn
  • Instagram
Scroll to top

This site uses cookies. By continuing to browse the site, you are agreeing to our use of cookies.

OK

Cookie and Privacy Settings



How we use cookies

We may request cookies to be set on your device. We use cookies to let us know when you visit our websites, how you interact with us, to enrich your user experience, and to customize your relationship with our website.

Click on the different category headings to find out more. You can also change some of your preferences. Note that blocking some types of cookies may impact your experience on our websites and the services we are able to offer.

Essential Website Cookies

These cookies are strictly necessary to provide you with services available through our website and to use some of its features.

Because these cookies are strictly necessary to deliver the website, refuseing them will have impact how our site functions. You always can block or delete cookies by changing your browser settings and force blocking all cookies on this website. But this will always prompt you to accept/refuse cookies when revisiting our site.

We fully respect if you want to refuse cookies but to avoid asking you again and again kindly allow us to store a cookie for that. You are free to opt out any time or opt in for other cookies to get a better experience. If you refuse cookies we will remove all set cookies in our domain.

We provide you with a list of stored cookies on your computer in our domain so you can check what we stored. Due to security reasons we are not able to show or modify cookies from other domains. You can check these in your browser security settings.

Other external services

We also use different external services like Google Webfonts, Google Maps, and external Video providers. Since these providers may collect personal data like your IP address we allow you to block them here. Please be aware that this might heavily reduce the functionality and appearance of our site. Changes will take effect once you reload the page.

Google Webfont Settings:

Google Map Settings:

Google reCaptcha Settings:

Vimeo and Youtube video embeds:

Accept settingsHide notification only