If you ask people about cybersecurity, they will probably start talking about hackers breaking into a company's computers from hundreds of miles away. However, a threat just as destructive could be hiding inside that company's offices. This is commonly referred to as insider threats. These insider threats typically fall into two groups. The first group consists of careless employees who fail to properly secure their computers. The second group includes malicious workers with insider access. These people either steal information from within an organisation or allow cybercriminals to access their company's networks. Recognising Insider Threats After studying cases of insider threats, fraud, and embezzlement, criminologist Donald Cressey developed the Fraud Triangle theory. He claimed that these types of crimes occur when three elements are present. First, the criminal must feel pressure to commit the crime, either out of greed or desperation. For example, an employee who is in sudden need of a large amount of money might be tempted to participate in an insider attack. The inability to pay for a substantial medical bill is often cited as a popular example of this situation. The other two elements in the Fraud Triangle are opportunity and rationalisation. To commit the crimes, the perpetrators must have the ability to do so. However, they must also convince themselves that their actions are acceptable. This rationalisation twists the event in such a way that they do not consider it a crime. Instead, they usually convince themselves that they are just borrowing the money or that the company deserves the attack because it is corrupt. To identify these elements of an insider threat, organisations need to pay attention to their employees' actions, character traits, and personal circumstances. To this end, the U.S. Computer Emergency Readiness Team (US-CERT) — a division within the U.S. Department of Homeland Security — published the Combating the Insider Threat report. It lists character traits of insiders who are at risk of becoming a threat. The traits include: Introversion A sense of entitlement A lack of empathy An inability to assume responsibility for their actions A weak sense of loyalty toward the company An inability to accept or tolerate criticism While displaying a couple of these traits is fine, anyone who exhibits many of them should be flagged as a possible risk. There are also behavioral signs that can point to an insider threat. If staff members work at odd hours without authorisation, remotely access the company's network while on holiday, or unnecessarily copy documents, they may be preparing for or participating in an insider attack. Defending against Insider Threats Out of the three elements in the Fraud Triangle, companies have the most control over opportunity. By following the principle of least privilege (i.e., limiting employees' access to the minimal level that will allow them to perform their job duties) and using access control tools, organisations can more effectively prevent incidents involving insider threats, according to the Insider Threat Study. As part of these efforts, you should record when employees access the company's network and how many files they typically handle. This will help you discover when staff members are, for example, printing files in their off-hours or saving a substantial amount of files to a USB drive. Similarly, managers should set up a schedule for reviewing employees' network access levels. You can address the rationalisation and pressure elements of the Fraud Triangle by regularly interacting with your employees. Set up feedback forms and anonymous surveys so that they can express their frustrations constructively. For this strategy to work, you have to tackle these complaints in an open and honest manner. Companies can also improve workplace morale by instituting a program that recognises and praises outstanding employees. A warm attitude toward staff members makes it less likely that one of them will attack the company out of spite or anger. Since insider threats sometimes stem from carelessness or a lack of understanding, it is also important to educate employees about cybersecurity. You need to develop an IT training program that will teach your staff members about how to use their computers in a secure manner. Your best defense against insider threats By being proactive Multi IT has an incredible threat detection rate that has saved hundreds of businesses and people. Our advanced cyber security solutions detect possible threats and security breaches before they happen by identifying initial attempts. Contact us today or phone us on 011 435 0450 to discuss you requirements.

If you are thinking about implementing Unified Communications Management in your business, it’s worth taking a deeper look into the many benefits. Here are my top 5 reasons why Unified Communications is a must in any business. 1. Incorporate different communication features to enhance collaboration What if you could multitask on different devices to get more done? With the the UCM series you can. A great feature of the Unified Communications Management (UCM) series from Grandstream is the ability to access a wide variety of different technologies on one powerful, integrated network. Where old phone systems could only support telephony/voice, IP-based UC networks can support pretty much any type of technology, allowing you integrate on one network. For example, integrating devices so that video cameras can call video phones when an alarm is triggered. 2. Create, unify and manage multiple networks under one roof Another powerful feature of UC is the ability to streamline IP communications. That’s because UC has centralised functionalities that allows businesses to peer with multiple spaces. The UCM series (also know as IP PBX) is ideal for businesses with multiple physical office locations and remote workers, as multiple UCMs can be peered together. It even offers a centralised UCM that can support multiple locations. Keeping everything on the same network (regardless of physical location) makes set up and maintenance as easy as possible. That’s unification at its best.  3. Ideal for supporting future expansion Expanding your network just got easier. Thanks to the broad SIP device support of IP (and the UCM), you can add any type of device and technology to your network at any time. This includes fax, video surveillance, video conferencing, facility access (door cameras), video calling, mobile phone support, security devices like session border controllers (SBCs) and more. Making expansion fast, easy and manageable.   4. SMBs can operate & compete under a global scale With different communication options from UC, a small business can multiply their communication flow, increasing their size but not their workload. This allows SMBs to compete with any business on a global scale thanks to cost-effective features that are easy to manage. Businesses can use Grandstream's UCM series to create and unify multiple technologies, including video conferencing and calling, video surveillance, door cameras, fax, plus more.   5. Save money & enhance your IP-based communications What’s better than drastically improving your IP-based communications? Saving money at the same time! IP communications reduce telecom and long distance costs between office locations and remote workers. It saves on cell phone bills by routing domestic and international calls made on a smartphone through VoIP. It also allows you to build one network that can be shared by all locations rather than having to build multiple networks for each office and each type of communication device.  The next steps to Unified Communications for your business Multi IT & Telephony Solutions have over 30 years in the ICT sector and as such are Telecommunication experts. Whether you need an enterprise 3CX solution or the more pocket friendly Grandstream PBX we are able to take your communications to the next level. Contact us today to discuss your communication requirements.

The number of ransomware attacks is increasing at an alarming rate, making ransomware the biggest cyber threat that businesses are facing today. To see this disturbing trend, you only have to turn back the clock to the beginning of 2016. There was a 30 percent increase in the number of ransomware attacks in the first quarter of 2016 compared to the fourth quarter of 2015, according to Kaspersky Lab's "IT Threat Evolution in Q1 2016" report. The situation is getting so serious that the United States and Canada issued a joint cyber alert about the dangers and prevalence of ransomware attacks. The alert recommends that businesses take preventive measures to protect their computers from ransomware infections. So, what should you do to protect your business? First, you need to learn what ransomware is and how it is spread. Armed with this knowledge, you can take measures to secure the points at which ransomware might enter your business. You also need to prepare for the worst-case scenario — a ransomware infection occurring, despite your best efforts to prevent it. What Ransomware Is and How It Is Spread Ransomware is a type of malware that cybercriminals use to extort money from businesses and individuals. It usually encrypts files, but it also might lock computer systems. The cybercriminals then demand a ransom for the private key needed to decrypt the data. Cybercriminals use a variety of techniques to spread ransomware. One common way is to use phishing or spear phishing emails that try to trick the recipients into clicking links or opening attached files. If they fall for the ruse, their computers will likely become infected with ransomware. The Locky ransomware attack in February 2016 is a good example of this distribution technique. Cybercriminals sent out phishing emails that included an attached Microsoft Word document, which contained a malicious macro. Recipients who opened the attachment and enabled the macro had their computers infected with the Locky ransomware. Another common way that cybercriminals spread ransomware is through drive-by downloading. Cybercriminals either build a malicious website or post a malicious advertisement (aka malvertising) on a legitimate one. When users visit one of these websites, code is installed on their computers without their knowledge. The code usually redirects the users' browsers to a server where an exploit kit tries to find a known vulnerability. If one is found, it is used to install malware. In April 2016, cybercriminals delivered the Locky ransomware this way. They took advantage of a vulnerability in Adobe Flash Player to install Locky on users' computers. Cybercriminals do not just stick with their old tricks for delivering ransomware. They also come up with new ones. For example, in a series of attacks during March and April 2016, hackers exploited a known vulnerability in servers running Red Hat's JBoss software to install backdoors, which they then used to deliver ransomware. How to Protect Your Business from Ransomware Attacks When it comes to ransomware, you need to do all that you can to prevent the infection. Consider taking these preventative measures: Use anti-malware software. It helps detect and block known ransomware and other kinds of malware. Update operating system software and applications regularly. Cybercriminals like to target programs with known vulnerabilities. Patching these vulnerabilities reduces the number of exploitable entry points. Keep email filtering tools up-to-date. These tools use various filters to help weed out phishing emails and spam. Most email programs include filtering tools, but you can also purchase advanced filtering solutions. Teach employees how to spot phishing and spear phishing emails. Be sure to discuss how dangerous it is to click links and open attachments in emails, especially if they are from unknown senders. Make sure that Word macros are disabled on any computer running that application. A ransomware attack can be initiated by malicious commands hidden inside a Word macro. Educate employees about the importance of avoiding any websites marked as potential security threats by their web browsers or anti-malware software. Those websites might contain malvertising or other malicious code. Cybercriminals are constantly devising ransomware variants and new ways to spread them, so you need to prepare for the possibility of an infection. Specifically, you should regularly back up your files as well as test those backups. If you know you can recover your files from backups, you will not have to give into cybercriminals' ransom demands should your business fall victim to a ransomware attack. Waiting to Act Could Be a Costly Mistake Now is the time to take action to prevent ransomware infections if you have not yet started. Waiting could be a costly mistake. Besides the expenses incurred from having to restore your systems and files, there will be lost income due to the disruption of your business operations. Contact Multi IT & Telephony Solutions now to get a full free threat assessment for your business now. Multi IT have over 30 years experience in the IT industry and are leading IT security experts in South Africa. Contact us now