• 2018-04-10 15:50:30

A security warning on computer fraud, ransomware and hacking

Security Warning

There has been an increase in computer fraud, ransomware and hacking and it is very important that you take measures to protect your computers at all costs.

We have implemented WinZip with full password encryption for all sensitive data that we send out to you via e-mail. If you do not have WinZip please consider purchasing it and using it for all your software applications. Other freeware software is available but we cannot authenticate and suggest you contact your IT consultant to implement an alternative. As a last resort, and only on your express written instructions, will we send sensitive information via email that is not password protected.

Risks increase when weak passwords are used or when remote access software such as Teamviewer is always loaded and has no password protection - creating an easy access point for cyber criminals wanting to take advantage of vulnerabilities.

We have purchased Teamviewer because it has a high level of encryption and is an industry leader - but it is only a tool and is limited by how it is implemented.

In order to stay safe from hackers and fraudsters please ensure that you follow these guidelines at all times:

  • Ensure you have a good anti-virus software program installed and always up to date with latest patches.
  • Ensure your operating system is up to date and all security patches have been installed.
  • Only load Teamviewer Remote Access software when needed and shut it down completely once done. DO NOT automatically load it on startup or leave it on unless you understand the extreme risk and that your IT professional has insisted you do this.
  • Use Two factor authentication in Teamviewer.
  • Use Teamviewer’s highest security settings - each session will generate a new, unique session code valid for that one session only - avoid a standard password as it can be hacked.
  • Make regular backups using the 3-2-1 principle:
  • At least 3 different backup sets on at least 2 different media – e.g. a DVD and an external hard drive or cloud backup and at least 1 backup is kept off site - off the premises (to avoid fire damage or theft)
  • Change your Payslip, E@syfile, e-filing and banking passwords regularly and have different passwords for each - please do not use the same password for all and avoid children’s or pets names, dates of birth etc.
  • If any person other than yourself works on your computer and your passwords are given out - please change those passwords immediately after the person has gone.
  • In addition to data backups - have staff “backups”, if only one person in your organisation has the only knowledge and something happens to that person it can cause a problem - rather train a backup person to fill that position in an emergency or when the main person wants to take leave.
  • Test your backups on another computer to ensure they can be restored - a backup is only valuable if it can be restored - verify this then put the backup in a safe place.
  • Install WinZip or an alternative as per your IT professional and use it to password protect data emails being sent to our support team - and to receive data backups from them that is password protected.
     

If you are concerned about any security issues please contact your IT professional as soon as possible - or call us for a referral.

Remember that Payslip and TeamOutsourcing do not keep passwords or backups of any data. Any work done in office is returned to the client and all copies are deleted and purged off our computers within seven days so please ensure that you keep copies of the backups sent back to you.


Recent Posts

Categories