Featured Posts

Staying Cyber Resilient During a Pandemic

We’re all thinking about it, so let’s call it out by name right away. The novel coronavirus, COVID-19, is a big deal. For many of us, the structure of our lives is changing daily; and those of us who are capable of doing our work remotely are likely doing so more than...

World Backup Day: A Seriously Good Idea

"Cold Cuts Day," "National Anthem Day," "What if Cats and Dogs had Opposable Thumbs Day"... If you've never heard of World Backup Day, you'd be forgiven for thinking it's another of the gimmicky "holidays" that seem to be snatching up more and more space on the...

5 Security Tips for Setting Up a New Device

The last thing you want to do when you get a new computer, mobile device, or tablet is spend a lot of time setting it up. But like any major appliance, these devices are something you want to invest a little time setting up properly. Often, they’re not cheap. And you...

Staying Cyber Resilient During a Pandemic

Reading Time: ~ 3 min.

We’re all thinking about it, so let’s call it out by name right away. The novel coronavirus, COVID-19, is a big deal. For many of us, the structure of our lives is changing daily; and those of us who are capable of doing our work remotely are likely doing so more than we ever have before.

It’s not likely that cybercriminals will cut us a break during this difficult time of quarantine and pandemic outbreak. If anything, we will only see an increase of attacks and ransom amounts since this is when infrastructures of modern civilization are needed most but have the least amount of time to react and debate on paying or negotiating the price. Also, many of the cybercriminals who breach and ransom as a side job are now forced to either work from home or their shifts are completely canceled, leaving them with more time and motivation to make up their income elsewhere. This is a prime circumstance for increased cyberattacks, and individuals and businesses should be hyper aware of their behavior both online and offline.

Not only are phishing and ransomware attacks, which tend to capitalize on current headlines, on the rise, but business email compromise (BEC) is also up. BEC is when a cybercriminal breaks into a legitimate corporate email account and impersonates the real owner to defraud the business or its partners, customers, or employees into sending money or sensitive data to the attacker. With so many more people working remotely and less able to verify emailed requests from coworkers as legitimate, you can imagine how this threat could run rampant.

What follows are some tips for staying safe, both for individuals in their personal lives and for businesses with remote workers.

Cyber Resilience Tips for Individuals

What to do:

What NOT to do:

  • Do not open emails regarding COVID-19 from unknown senders. These could be phishing scams.
  • Do not click on links in emails regarding COVID-19. Email links can be used to spread computer viruses and other malware.
  • Do not download or open email attachments from unknown senders. These could contain viruses and other malware.
  • Do not click on links in social media messages, even if they are from someone you know. Your contacts’ accounts may have compromised.
  • Do not click on ads or social media posts regarding COVID-19. They may be fake and contain malicious content.

Cyber Resilience Tips for Businesses

The best defense is prevention. To prevent, you have to plan ahead.

Be prepared for remote work conditions.

Life gets in the way. Between severe weather, personal emergencies, illness, and worker wellbeing, employees need to be able to work from home for a variety of reasons.

  • Enable everyone to work from off-site locations.
  • Ensure all employees feel welcome to work from home when needed.
  • Install robust endpoint security on all devices so employees and data stay safe.
  • Give all employees access to a VPN to help protect corporate data, wherever they connect.
  • Implement measures to back up data saved on local devices while workers are remote.
  • Add collaboration tools so teams can continue to work together while physically separated.
  • Warn employees about phishing and BEC. Share the Cyber Resilience Tips for Individuals we included above, and encourage employees to be extra vigilant about unexpected invoices or other financial requests. Even when we’re all remote, it only takes a quick phone call to verify the legitimacy of an unusual request.

Be prepared for threats to your data.

From modern cyberattacks to natural disasters and physical damage, there are a lot of threats to your critical business data.

  • Protect all endpoint devices, including computers and servers, with next-generation cybersecurity solutions.
  • Create a data backup process for data availability at alternate business locations when the main office is closed.
  • Implement high-availability data replication and migration safeguards ensure data is available, no matter what happens.
  • Add protection for Microsoft Office 365 and other collaboration platforms so content stored and shared in the cloud stays safe.
  • Use a solution that includes device monitoring, tracking, and remote erase functionality so lost or stolen devices can be located or wiped.
  • Empower employees to become a strong line of defense by educating them about cybersecurity and data safety risks.
  • Make sure to use RDP solutions that encrypt the data and use 2FA authentication when remoting into other machines as the presence of an open port with RDP was associated with 37% greater likelihood of a ransomware attack.

Our Commitment to Resilience

Rest assured, we’re practicing what we preach. All of our global employees are able to work from home securely. In these crazy times, it’s more important than ever to redouble our focus on helping each other. At Webroot, we feel it’s our social responsibility to do what we can to keep one another safe, both online and offline. We hope you’ll join us in our commitment to resilience. Stay safe and healthy, everyone.

World Backup Day: A Seriously Good Idea

Reading Time: ~ 3 min.

“Cold Cuts Day,” “National Anthem Day,” “What if Cats and Dogs had Opposable Thumbs Day”…

If you’ve never heard of World Backup Day, you’d be forgiven for thinking it’s another of the gimmicky “holidays” that seem to be snatching up more and more space on the calendar.

(Did you know that single quirky duo, Ruth and Tom Roy, are responsible for copyrighting more than 80 of these holidays, including Bathtub Party Day, held annually on December 5?)

Not so, though, for World Backup Day. While, according to WorldBackUpDay.com, it was founded by a few “concerned users” on the social media site reddit, the day’s dedication is a decidedly serious one.

March 31 was established as “a day for people to learn about the increasing role of data in our lives and the importance of regular backups.”

Each April Fool’s-eve, the site invites humans all over the planet to not be fools and to back up their data. In celebration of World Backup Day, we sat down with Webroot Product Marketing Director George Anderson to see how users can ensure they stay cyber resilient by adhering to good data backup practices.

For World Backup Day, what’s the one piece of advice you’d give to a small or medium-sized business? An everyday computer user, like a parent?

Losing data used to be something that happened because a hard disk failed, a device was lost or stolen, or some other unforeseen accident made a device unusable. These remain risks. But these days, it’s just as likely your data is being held for a ransom or some nasty infection has destroyed it for good.

Up-to-date backups are essential. Remember: it’s not if something will happen to your data, but when. So, prepare for the unexpected. Easily restored data backups let you be more resilient against cyber-attacks and better able to recover customer data, financial information, business-critical files, and precious memories. Anything irreplaceable should be regularly backed up without a second thought, or worse, a passive “it won’t happen to me.”

Thankfully, many of today’s backup solutions are easy-to-use and affordable. My advice is to not become the next data loss or ransomware victim. Simply invest a little into backup software and rest easy knowing you’re covered.

Why is it important that World Backup Day be celebrated year-round? How can we keep the spotlight on backup and cyber resilience?

For those with backup technology in place, World Backup Day should be a reminder of the importance digital information plays in our daily lives, and to check up on existing backups to make sure they are being properly made and that they can be easily restored.

Unfortunately, “set-and-forget” technologies like automated backup and recovery solutions are rarely revisited – until we need them to be 100 percent. So, checking regularly that they’re correctly configured and working properly is important.

For those not currently backing up their data regularly, the day should bring into focus a glaring hole in your home or business data security. Perhaps take the time to consider the impact losing your data forever would have? Then take action.

Back up is no longer a “nice-to-have” capability. In a world where our lives are increasingly digital and our data is threated at lots of different angles, backup is crucial aspect of data security.

What’s the difference between backup and cyber resilience? Should companies be putting more of an emphasis on cyber resilience?

Backup is a key component of cyber resilience, though it’s not the only one. But it does make what could be an existential event, like a total loss of business or personal data, a setback that can be recovered from.

Cyber resilience is first and foremost about detecting, protecting and preventing attacks on your data in the first place. But then, even if your attack detection, protection and prevention defenses fail, your backup and recovery solutions ensure your data isn’t lost for good.

Cyber resilience is not a choice between security and backing up your data. It’s about covering both bases, so if a serious data compromise does occur, recovery is quick and painless to the business

This World Backup Day, take the pledge:

“I solemnly swear to back up my important data and precious memories on March 31st.”

And don’t forget to make sure that both cybersecurity and backup and recovery solutions are in place for your business or home office.

5 Security Tips for Setting Up a New Device

Reading Time: ~ 3 min.

The last thing you want to do when you get a new computer, mobile device, or tablet is spend a lot of time setting it up. But like any major appliance, these devices are something you want to invest a little time setting up properly. Often, they’re not cheap. And you want them to last. So, before you jump online and start shopping, gaming, or browsing, take some time to ensure your device is ready for anything the internet can and will throw at it.

There’s a caveat, though, of which Webroot security analysts are quick to remind users. “Even if you’ve taken every precaution when it comes to configuring your new device,” says Webroot Threat Research Analyst Connor Madsen, “it’s important to remember that proper online etiquette is essential to your security.”

“Clicking on links that don’t seem quite right, opening attachments from unknown senders, or otherwise ignoring your best security instincts is a good way to undermine any effective online security protection.”

Connor Madsen, Threat Research Analyst

For best results, in addition to the warning issued above, here are five tips for making sure your device, and the important files stored within it, are safe from common risks.

#1 – Update software

The first thing you’ll want to do is make sure the operating system on all your devices is up to date. One of the most common methods hackers use to launch attacks is exploiting out-of-date software. Failing to install periodic patches and software updates leaves your new device vulnerable to the numerous threats lurking on the web. Depending on how old and out-of-date your device is, it may take a while for applications to update. However long it takes, it’s preferable to the hassle and expense of having to undo an infection after it’s bypassed your security perimeter.

#2 – Enable firewall

Speaking of your security perimeter, the first line of defense along that perimeter is your firewall or router, if you’re using one. A router works as a firewall for the devices connected to it. But, if you’re not using a router, make sure your firewall is enabled to protect you from malicious traffic entering your network. This is different from an antivirus, which protects you from malicious files.

#3 – Install antivirus

Malicious files can be disguised as attachments in an email or links on the web, even the apps you download. So, it’s important to have an antivirus solution to protect your new computer. Malware attacks like ransomware make constant news these days. And everyone’s a target, from individual users to local businesses, hospitals, or municipalities. The cybercriminals launching these attacks are constantly changing, evolving threats to be more sophisticated and harder to detect. That’s why it’s important to keep your antivirus as up-to-date as your operating system and other applications.

#4 – Back up

Once you have your operating system and applications updated, your firewall enabled and an effective anti-virus application, you can begin using your computer safely. But there’s one more thing you need to consider if you’re going to be creating and storing important documents and work material on your new machine. Any new files on your computer will need to be backed up. That’s when you make a copy of the contents on your machine and store it in a safe place just in case you lose the original or it becomes infected by a virus. Since no single security solution can be 100 percent effective, it’s best to have a backup copy of important files. The thing is, you don’t want to have to decide what’s worth backing up and what’s not. That’s far too labor-intensive and it introduces the possibility of human error. Your best bet is to use a solution that’s designed for this purpose. A true backup solution protects files automatically so you don’t have to remember what you copied and what you didn’t. It also greatly simplifies file recovery, since it’s designed for this purpose.

#5 – Wipe your old device

Just because you have a shiny new toy doesn’t mean you can forget about your old machine. Before you relegate it to the scrap heap, make sure there’s nothing important or confidential on it you wouldn’t want someone to have access to. You could have old passwords saved, tax records, or sensitive work documents that you wouldn’t want shared. The best way to do this is to wipe the contents of your old device and reinstall the operating system from its original state.

Seem overwhelming? If so, it’s best to remember that one of your strongest cybersecurity tools is common sense. While things like an antivirus and backup strategy are essential for maintaining good cyber hygiene, remember Madsen’s advice.

“If it seems like an offer that’s too good to be true, or something about a link or file just doesn’t seem right, don’t click or download it. Trust your instincts.”