Imagine this scenario: you’re a managing director of a small business. One day, you receive an email from one of your suppliers stating that it is time to renew your annual subscription.  [Read more…]

Privileged account management (PAM) is the process of managing and auditing user accounts that have more access privileges than a standard user. Typically, these accounts incorporate IT administrator accounts, service accounts and domain accounts.  [Read more…]

Cyberattacks are one of the most pressing issues facing small and medium-sized businesses (SMBs) today. A successful attack can damage your company’s reputation, cost thousands and thousands of dollars and even put you out of business.  [Read more…]

The new year is a time for reflection and planning ahead. From a business perspective, you might look at what went well last year and what you’d like to improve on in the year to come. Chances are, you’ll have KPIs you want to hit, hurdles you need to overcome and new markets you want to reach.  [Read more…]

We do a lot of things virtually since the pandemic that we used to do in person. This can include everything from going to a PTA meeting to having your McDonald’s order delivered.  [Read more…]

If you use Microsoft Office 365 and have been enjoying all the little extras that have been added over the years (without an increase in price), it’s going to be time to pay the piper for some subscribers.  [Read more…]

Just one PC infected with malware can quickly spread that infection to all other connected devices. Time is of the essence when detecting and removing viruses and malware in order to mitigate the damage. [Read more…]

Phishing continues to be on the rise. In May of 2021, attack volume rose 281%, and in June it increased another 284%. It’s the biggest danger to business network security because it’s the number one cause of data breaches, and keeps becoming more sophisticated. [Read more…]

Last July, we wrote about the upcoming Windows 11 launch, and now the new operating system has been officially released. As usual, there is a version for everyday users and a business version, Windows 11 Pro. [Read more…]

It seems like online attacks keep getting more prevalent and dangerous. In 2020, attacks on cloud accounts increased 630% and ransomware attacks grew by 485%.

The costs from one of these attacks can be devastating, and many small businesses can’t recover. Even if they strengthen their IT infrastructure to prevent future attacks, companies can suffer from loss of customer trust that hurts business for years. 

Many SMB owners have property insurance to protect themselves from a devastating loss due to a natural or man-made disaster. This ensures they don’t lose everything and can get back on their feet after a major crisis that destroys business property.

Another type of insurance that is becoming increasingly popular is cybersecurity liability insurance. This type of insurance covers multiple costs in the event of a cyberattack and helps ensure that one data breach won’t cause a company to have to close its doors.

Typical Expenses Covered by Cybersecurity Insurance

While coverage varies according to carrier and policy details, here are some of the general costs that cybersecurity insurance can cover:

• Notifying customers of a data breach
• Restoring the personal identities of impacted customers
• Recovering compromised data
• Repairing damaged computer systems
• Damages to your business due to a data breach
• Legal bills if you are sued as the result of a breach
• Ransomware payments (in some cases)

What Questions Do You Have to Answer When Applying for Cybersecurity Insurance?

Many business owners get confused when they see the cybersecurity insurance application. It’s filled with several technical questions about your IT and data security. 

It’s best to get help from a pro, like Pro Tech Guy when filling out this type of application because if you answer a question wrong, you could end up paying hundreds of dollars more in premium costs each year than you should.

Here are some of the common questions that you’ll see on an application for cybersecurity liability insurance.

Do You Tag External Emails to Alert Employees of Origination Outside the Organization?

Phishing scams will often spoof the email address of the company they’re targeting to get employees to think it’s an internal email. An important protection against this tactic is to have an automated system in place that will alert employees when an email originates outside the organization. 

Having this system in place can reduce premiums because it helps employees avoid being fooled by clever phishing emails.

Have you Implemented SPF, DKIM, or DMARC?

Another protocol that’s related to email address spoofing is email authentication. If you see a question like this on a cybersecurity insurance application, it’s asking whether or not you’ve enacted one or more of the three key authentication protocols on your mail server.

SPF, DKIM, and DMARC are three protocols that all work together to detect when the email address shown as the sender is not actually the originating domain of the message.

Do You Use Multi-Factor Authentication (MFA) to Secure Your Cloud Accounts?

Multi-factor authentication is known to be one of the best protections against having your cloud account passwords breached. If you don’t already have this put in place on all your accounts, you should do that.

It’s an easy way to lower your potential cyber insurance premiums and put significant protection on your cloud accounts.

Do You Use a Next-Generation Antivirus (NGAV)?

This question can confuse business owners because they’re unsure what the difference is between regular antivirus and next-generation antivirus. The NGAV version is more robust and uses AI to detect anomalies in behavior. It doesn’t just match code against a database of known threats.

Do You Actively Monitor Administrative Access for Unusual Behavior Patterns?

Monitoring administrative access to your systems and cloud accounts is important to prevent an insider attack. Insider attacks can happen either from a disgruntled employee or (which is more often the case) from a hacked admin account.

Putting monitoring systems in place to spot unusual behavior, can reduce your risk of a serious data breach.

Do You Keep Track of All Software & Hardware Assets Deployed Across Your Company?

Most business owners would instinctively answer, “yes” to this question, however, they might not be aware of shadow IT being used by their employees. If you don’t have a cloud use policy in place, staff could unknowingly be weakening your data security by using cloud apps that you know nothing about for their work.

Do You Use a Protective DNS Service to Block Access to Malicious Sites?

Another inexpensive strategy that can bring important phishing protection is a DNS filter. This blocks access to sites that are known to be malicious.

If an employee is fooled by a phishing email and clicks on a link to a dangerous website, the DNS filter will identify the danger and redirect the person’s browser to a warning page.

Get Help With Basic Protections That Significantly Improve Your IT Security

Need help filling out a cybersecurity insurance policy or with putting easy solutions in place to reduce your risk and premiums? Pro Tech Guy can help your Framingham or Natick business with the basic protections that improve your IT security significantly.

Contact us today to learn more. Call 508-364-8189 or reach us online.