Cyber Security Breakfast 2/7/18
On February 7, 2018, Warwick hosted an educational breakfast for local businesses on the important topic of cyber security. We were joined by Jonathan Hymen, partner at Meyers, Roman, Friedberg & Lewis, and Chris Zito of Zito Insurance. To learn more about the event and the topics that were covered, watch the video or read this blog post.
Phone Hacking Video
Picture this: The office manager runs into your office, a look of pure panic on her face, an envelope in her hand. It’s your company phone bill. Someone has racked up thousands of dollars in charges calling the Psychic Hotline, thousands of dollars that you must now pay. You probably don’t have a psychic-loving employee wondering when he will meet his true love. Chances are, your phone system has been hacked.
Here’s how it works: Hackers, often from other countries, lease premium rate phone numbers, the kind often associated with sex chat or psychic phone lines—1-900 numbers here in the U.S. These numbers typically charge dialers up to a whopping $1 a minute. The hackers then break into your business phone system, often over a weekend to avoid detection, and make calls from your system to their premium number. They get a cut of the charges from every call.
Here’s the part that’s even scarier. Thanks to today’s high-speed computers, the hackers can make hundreds of calls to their premium numbers simultaneously, as many as 220 minutes’ worth of calls in a single minute. Do the math. According to the Communications Fraud Control Association, this type of scam cost victims nearly $4.73 billion globally last year, up nearly $1 billion since 2011.
While this type of fraud isn’t new, its popularity with hackers has exploded with the emergence of Voice-over-IP (VoiP) technology. There’s more bad news. Since IP phone systems often share the same data network as other IT systems, a phone system breach may also lead to a breach of other IT systems, and vice versa, which hackers are happy to exploit.
Because major carriers tend to have sophisticated fraud deterrent systems in place to catch hackers before they run up large bills at the carrier’s expense, and can afford to credit their customers for fraudulent charges, small businesses are more often the victims of phone system hacking. Small businesses often use local carriers which lack adequate antifraud systems.
What can you do? It’s not all doom and gloom. There are concrete steps your company can take to protect against phone system hacking. If your business does not use international calling, have your carrier turn off that capability. If you do need international or long distance calling, create passwords or specific account codes to authorize the use of the long-distance line. This is also done through your carrier.
Secure your passwords. All of them. This includes your mailboxes, users, system, configuration assistance, conference codes—all of them. Create a safe and secure Password Policy, including frequently changing your passwords, and creating safe passwords.
Finally, ensure that your internet router is configured for blocking unauthorized traffic. Don’t let the hackers win. Take these steps to secure your phone system, and hopefully your next psychic reading will be nothing but good news!
3 Simple Data Security Tips for Every Organization
Hello everyone, thank you for joining us today. I am Mike Johnson, the Chief Problem Solver here at Warwick. I just want to spend a minute with you today to go over three critical data security components. If you’re handing these properly then you’re handling the majority of your risk mitigation.
Let’s start with patching. Microsoft does it and Apple does it on your phone. Anytime you’re getting an update, they are fixing holes in their software that could potentially be exploited. Making sure that patching happens on a frequent basis, and that you’re aware of it, is critical. If you don’t have a patched machine, you could have an exploit where you would need to use an Anti-Virus or Anti-Malware software. Virus’ and malware are different; not all malware are viruses but all viruses are malware. And they can cause a lot of havoc, especially on an un-patched machine. So, you want to have those running at the same time.
Secondly, let’s discuss complex passwords. Security is only as good as the weakest password. So, if you don’t have some kind of password rules, you should put those in place. These may include passwords that are 8 characters long, include upper and lowercase, include special characters, etc. And also, be sure users change them frequently. If you want to relax on passwords, enable multifactor authentication so that there are two things a person must crack in order to get into your system, such as a password and a text to your phone or a fingerprint.
Lastly, end user training. Knowledge goes a long way. So, educating your end users a bit to let them know what to look for in a threat is crucial. There are even companies who can provide this service for you.
If you have any questions regarding these topics or want a little more information, feel free to contact us and we will get back to you as soon as we can!
COSE interview at BizConCle with Warwick’s Heidi Murphy, VP of Finance
Heidi and I are here at BizConCLE 2016 to discuss some of the things her company is thinking about in regards to changes in technology and customer service moving forward.
Q: We talk about how the whole definition of customer service is changing with the shift of devices, demands and time. How is that affecting the way you’re planning for 2017 in terms of working with your clients?
A: Well, we’ve always considered ourselves a very customer-centric company. So, as we are seeing mobility and connectivity and all of these different technologies come into play, we are really looking at how our customers want to interact with us and how they want to interact with their customers. So, maybe it’s changes in the way they operate call centers. Maybe they want to receive service calls via text or social media. We really just try to think about any way we can better enhance that customer experience.
Q: It’s very interesting. I don’t know of many websites that you go to now without a chat window popping up. If you aren’t doing that on your site right now, are you way behind the times?
A: It’s funny because there are a lot of different perspectives on it. Some customers won’t go anywhere they can’t find immediate gratification while others still want a live person answering the phone. It’s about getting a true understanding of your customer and how they want to communicate with you. Are you dealing with millennials who want to do everything via text message or are you dealing with old school customers who want that friendly voice on the other end of the phone?
Q: So, as you’re planning with your clients and are thinking of their needs, are you making all of these solutions possible or do you recommend they pick just one?
A: Really, it is up to the customer. We can do a variety of things but at the end of the day, we want to make sure their customer touch points are what their customers really want.
So the big takeaway here is that we have to think about who the customer is and how communication needs to happen for them. And, technology is there for the answer. That’s three minutes-ish with Heidi from Warwick. Thanks, Heidi!