It is so easy to get comfortable when we’re not in the office. We often lose track of how to keep our data and that of our company’s safeguarded. Whether you are back in the office or still working from home, we all can benefit from a refresher course on safely working remotely. Let’s take a quick look at the “Do’s and Don’ts” of remote work.

This past week, Howard University had to cancel classes due to “unusual activity on the University’s network.” As a result, their Enterprise Technology Services (ETS) team shut down the school’s classes for the day to investigate the situation, which they identified as a ransomware attack. This ransomware attack brought to light the consideration of how deep and wide the net can be cast on any one entity. An incident like this forces us to pause and consider the range of data that could be compromised. A university or college is like a mini-city.

Recently, President Biden met with leaders in the private sector as well as those in education to discuss the need to address cybersecurity threats to the nation and efforts needed across the board. The increase in incidents and the ongoing threat of attack transcends all invisible borders that we put on humans or businesses. In other words, cybercriminals don’t care about your race, religion, income, or the industry that you work within. Data is valuable to them, and they will obtain it however is necessary. This meeting was held to unify efforts so that collectively we are fighting the battle against hackers with the hope of having a more significant impact. The outcome of the meeting was as follows…

We recently saw the mobile phone carrier T-Mobile fall victim to cybercriminal activity when a hacker accessed the personal data of their users. T-Mobile learned of the breach via claims that were made on an online forum. This breach led to an investigation and the hiring of cybersecurity experts to help with the situation. As a result of this breach, experts were hired at expert-level salaries to write press releases and create web pages with all the information users would need. Additionally, new customer service channels needed to be established to answer questions, and help with identity monitoring for all individuals affected, as well as much more. 

We are constantly online and reachable. Whether it is via our phones or that we are sitting at the office on our computers, someone can always reach us. In most situations, that is the point. We live in a time when work is always happening, and no time is off-limits. The average employee receives around 121 emails per day, and I would guess that since the onset of COVID-19, that number has increased. How much "work" are you actually getting done with the constant ping of new emails or messages from applications like Teams?

Trends come and go, and keeping up with them when it comes to pop culture or fashion might be challenging, but when it comes to cybercrime, you'll likely never be ahead of the hackers. Their ability to adapt their tactics and tailor them to be more effective is constantly changing and challenging to keep educated on.

Recently, Barracuda released a report that reviewed data spanning from May 2020 through June 2021, which analyzed over 12 million email attacks at approximately 17,000 organizations. They discovered that these phishing attacks are increasing in complexity, and the old tactic of fighting them off with rules, blocked lists, or outdated policies is no longer working. The spam tactic of one hacker hitting many users at once is being refined to sophisticated criminal organizations which target with sometimes a single email.

As an Information Technology company, many think we look at the world through “tech-colored glasses.” In some regards, this is true, although we must view each of our clients with a different pair of “tech-colored glasses." One primary focus the majority of our Pendello clients need is to be compliant. There are a multitude of industries that are required to adhere to specific rules and regulations. The healthcare community that handles protected health information is one of those industries, but there is a great deal of confusion about being HIPAA compliant and cyber-secure. Let’s take a look at what being HIPAA compliant means regarding cybersecurity.