Neglected Software Vulnerabilities and Their Costs

Neglected Software Vulnerabilities and Their Costs

Cyber insurance is essential for the internet-connected business. Yet, when was the last time you reviewed your policy? You may find new text outlining coverage for neglected software vulnerabilities. You may not even know what that involves. This article explains these vulnerabilities and how to avoid their associated costs.

Cyber insurance typically helps cover the costs associated with the following common risks:

• network security failure;
• class action litigation;
• regulatory fines related to violating standards or privacy legislation;
• business interruption.

Still, cyber threats always evolve. As a result, insurance companies continually rewrite their policies to cover risk areas. More insurers are adding neglected software vulnerabilities to their policies. Here’s what that means for your business.

What is a neglected software vulnerability?

Keeping your software current is an important best practice. It’s your responsibility to check for vulnerabilities and protect your systems. The National Vulnerability Database (NVD) informs businesses globally of known threats and patches available.

Patching the vulnerability helps prevent business losses, yet you may not be able to do so right away. You may need to test the update’s compatibility and capacity before installing it.

Still, once the NVD publishes a vulnerability and its patch, many insurers give you 45 days. If you fail to address a known threat, that's considered neglect. The longer you neglect that vulnerability, the more responsibility you’ll bear.

The costs of a neglected software vulnerability

Software vulnerabilities can lead to network failure, business interruption, and liability. You could end up needing to cover:

• IT forensics;
• data restoration;
• legal expenses;
• lost profit;
• credit monitoring and identity restoration;
• expenses for implementing workarounds.

Yet insurers cover neglected software vulnerabilities on a sliding scale. Once you know about a vulnerability, you're expected to patch it. So, the longer you wait, the more you'll pay.

Chubb, for example, shifts more risk to their policyholders after 46, 91, 181, and 366 days. The limit of insurance covered might start at $1,000,000 with zero percent coinsurance costs. For neglected exploits 46–90 days old, the coverage falls to $500,000, and coinsurance increases to five percent.

Addressing software vulnerabilities

Cybercriminals continue to exploit publicly known vulnerabilities. Why? Because organizations continue to neglect patching and upgrading against known security risks.

Your attack surface grows when your business adds applications, merges with another organization, or allows employees to bring their own devices to work. Using legacy software that has reached it’s end of life can also leave you vulnerable.

Scanning your software for vulnerabilities could expose many risks. You may need to prioritize which to patch first. It can help to consider which ones pose the greatest risk to your mission-critical systems.

Lack the expertise to detect and mitigate vulnerabilities? A managed service provider can help keep your software up to date to prevent exploitation.

A-M-S-Computers                                                                                                                                    6148 Ridge Rd.                                                                                                                                    Port Richey, FL 34668                                                                                                                        Call us today at 727-645-6956

 

Easy Upgrades for your Home Office!

Working from home wasn’t novel when the pandemic hit, yet COVID-19 forced businesses globally to give remote work a real try. Two years later, employees have a new view of modern work. Many expect to work from home, at least part-time. If you’re “commuting” daily within your home, you’ll want to consider these easy upgrades for your home office.

First, an uninterruptible power supply (UPS) can save you a lot of stress. Although common in the business environment, homeowners may not have thought about one. A UPS allows your computer to keep running in the event of a power outage. Think of the UPS as a backup battery giving you a short window of energy to protect your data. They can also regulate voltage in the event of a power surge.

With a UPS, size typically matters: the bigger the battery, the more power it will store. So, consider what technology you’ll want to keep up and running and for how long.

Size can also matter with your computer monitor. Working on a laptop can be convenient, but the screen will be smaller. Setting up your home office with a wide monitor can lead to productivity gains. This is especially true for people who like to keep all their files and folders up on their desktops.

You can also reduce the time spent scrolling through open windows with a second monitor. That extra monitor may also save you from printing documents and cluttering your desktop with paper.

Improving work quality in the home office

The business environment is going digital. Do the same with a document scanner that handles many pages at once. Flatbed scanners can provide quality scans, but speed and quantity may matter more. Plus, once your documents are scanned, you’ll be able to search for information using keywords. Instead of poring over pages of text, you can pour yourself another cup of coffee.

If you’re stuck at your desk once the workday starts, invest in a standing desk. There are many options that allow you to easily convert the desk from sitting to standing and back again. This can help your energy levels and reduce stress on your body from sitting in the same position all day.

Speaking of reducing physical stress, an ergonomic keyboard is another good investment. Plus, you may want to get yourself a better office chair. Back when your home office was a seldom-used space, sitting at an old dining room chair wasn’t a big deal. Now, though, you’ll want to do your body the kindness of getting a comfortable, supportive chair.

One more simple upgrade to consider: noise-canceling headphones make it easier to focus on your work while dogs bark. You'll also avoid volunteering for extra work without realizing that was what your boss was saying while you were shushing a child.

Need help deciding on the right technology for your home office, or want to be sure you set it up correctly and securely? Our IT experts at A-M-S-Computers are here to help.

Contact us today: 727-645-6956

 

Protect Your Business with Passwordless Authentication

"123456," "letmein," and "password" remain all too common passwords. It’s difficult to believe, but people still use simple, obvious passwords. They even repeat them across sites to avoid having to remember various logins. It’s a major problem for business, one you can address with passwordless authentication.

What is passwordless authentication?

As the name suggests, it means accessing information technology without a password. Yet there are different options that qualify as passwordless authentication.

Magic links are gaining popularity. In this approach, the user provides their email address. The system then emails a link to click that provides immediate access. Hidden from view, the system is ensuring it can find the user’s email address before authenticating.

Possession factors are another common solution. A user can authenticate their account only using something that they own. The system could rely on:

• a code sent to, or generated by, a known authenticator app (e.g. Okta or Authy);
• a one-time password sent via text message to the user’s registered smartphone;
• a hardware token (e.g. a key fob or thumb drive, such as Yubikey). These may connect to the system or generate a one-time access code remotely.

A third alternative identifies people using biometrics. Using physical attributes, such as fingerprints or retinal scans, the system authenticates users. Biometrics sounds more sci-fi than the other options, yet many iPhone users already unlock their devices with facial scans.

In fact, behavioral biometrics can also help identify imposters if they do get into a system. The software learns how an individual typically interacts with a keyboard or touch screen. If a user in a session shows different habits the authentication software could flag a potential threat.

Securing your business from cyberattack

It’s abundantly clear that passwords can be cracked. As many as 23.2 million people were using "123456" as their password in 2022 breaches, so hackers can start with a simple guess.

Bad actors can also program computers to guess options over and over until they get in. Humans would take ages to do this, but machines can do it quickly. In fact, it’s estimated that a 10-digit numeric password won’t stall a hacker. Even adding one lowercase letter only takes them one minute to crack.

Passwordless authentication adds another hurdle. They often need the cybercriminal to have direct access to your email address, or to have your smartphone or hardware token in their hands.

Securing your business from cyberattack

We can’t tell you that passwordless authentication is 100% safe. Nothing is, as technology and the ways criminals attack continue to evolve. Yet these approaches beat passwords by requiring more effort to infiltrate your systems.

Want to avoid being an easy target for cyberattacks? Talk to our experts about authentication methods and shoring up your security posture.

The Power of Rebooting: Your Quick Fix for Tech Troubles !

As the stereotype goes, when you report a problem to your IT team, their first question is often, "Have you tried turning it off and on again?" While it might seem annoying, the reality is that many issues can indeed be fixed with a reboot. The longer you keep your computer running without a restart or shutdown, the higher the chances of encountering problems.

Over time, it's normal for a computer to exhibit decreased performance when left running without a restart for a long time.

This phenomenon occurs because a reboot effectively frees up memory space, restarts frozen applications, and eliminates temporary files accumulated from various software applications.

A computer restart can also be a solution for network drive-related problems. If you encounter difficulties in connecting to one or all of your network drives, performing a computer reboot forces it to make another connection attempt.

Rebooting your computer also resolves problems related to freezing or unresponsive applications. In cases where your computer becomes unresponsive, and you can't access the start menu to perform a restart, you can manually power it down.

This process is done by pressing the power button for eight seconds until it turns off and then pressing the power button again to restart it.

Whenever you install a Windows update, it is essential to restart your computer as the changes may not have taken effect, and you may only be protected once you do.

Frequently rebooting your computer, especially when encountering the described problems, can significantly reduce IT support inquiries.

It streamlines troubleshooting for your IT team, as they will know that a reboot has been attempted before seeking their assistance. And, perhaps most importantly, being able to confidently respond with "Yes, indeed!" when asked, "Have you tried restarting your computer?".

Are issues still persistent in your computer after a reboot? We can help! Contact us today at 727-645-6956.

A-M-S-Computers Commercial (727) 645-6956

You Sould Be Backing Up Your Data

 

Data backup is a vital practice for ensuring the safety and availability of electronic data. In the New Port Richey, Florida area, A-M-S Computers offers comprehensive data backup services, including the option for data recovery.

A-M-S Computers understands the significance of protecting valuable information from potential risks and threats. They provide expert assistance in implementing robust data backup strategies tailored to the specific needs of individuals and organizations in the New Port Richey area. Their team of professionals possesses the knowledge and experience to guide clients through the process of creating duplicate copies of electronic data files and storing them in secure off-site locations or mediums.

With A-M-S Computers' data backup services, clients can have peace of mind knowing that their critical data is protected against hardware failures, software glitches, human errors, natural disasters, cyberattacks, and malware infections. By regularly backing up data, clients can minimize the impact of unforeseen events and ensure the swift restoration of lost or corrupted files.

In addition to data backup services, A-M-S Computers also offers data recovery solutions. In the unfortunate event of data loss, their skilled technicians utilize advanced techniques and tools to retrieve and restore lost data. Whether the data loss is due to hardware failure, accidental deletion, or other unforeseen circumstances, A-M-S Computers' data recovery services aim to retrieve and return valuable information to clients, helping them resume their operations without significant disruption.

By choosing A-M-S Computers in the New Port Richey, Florida area, individuals and organizations can access professional data backup and recovery services. A-M-S Computers takes pride in its commitment to protecting and preserving electronic data, providing reliable solutions to ensure data integrity and availability.

Don't let data loss jeopardize your valuable information. Contact A-M-S Computers today to explore their comprehensive data backup services like Carbonite or the option for data recovery in the New Port Richey, Florida area. Trust our expertise to safeguard your data and ensure its seamless recovery when needed.