TopOctober 2014 - Quick Links in this issue ...
greensquare
Why Wouldn't Your Business be a Victim of a Cyber Attack?
Most businesses rely on data stored on computers, laptops, tablets and mobile phones. What would happen if your data were hacked and important information like your identity or business credit card number was stolen or sold?

The Department of Homeland Security (DHS) has designated October Cyber Security Month. This month's blast is filled with cyber security tips and links to a wealth of information from the DHS website. A few cyber safe tips we'd like to share are below.

DHS works year-round to increase cyber security awareness through its Stop.Think.Connect.™ campaign.The campaign offers the following tips to stay safe online:

  • Set strong passwords and don't share them with anyone.
  • Keep your operating system, browser, and other critical software optimized by installing updates.
  • Limit the amount of personal information you post online and use privacy settings to avoid sharing information widely.
  • Be cautious about what you receive or read online - if it sounds too good to be true, it probably is.
 cyberattackProtect Your Business from a Cyber Attack

Every company is at risk - even yours. We must all budget and plan to keep operations running while we recover from a cyber attack or cyber attack attempt.  The cyber adversaries are everywhere, and they prey on the uninformed and the complacent. If you are a business owner, we encourage you to take a few simple steps to improve your company's cybersecurity.  These include:
  • Use and regularly update anti-virus and anti-spyware software on all computers; automate patch deployments across your organization to protect against vulnerabilities.
  • Secure your Internet connection by using a firewall, encrypting information and hiding your Wi-Fi network.
  • Establish security practices and policies to protect sensitive information; educate employees about cyber threats and how to protect your organization's data and hold them accountable to the Internet security policies and procedures.
  • Require that employees use strong passwords and regularly change them.
  • Invest in data loss prevention software for your network and use encryption technologies to protect data in transit.
  • Protect all pages on your public-facing websites, not just the checkout and sign-up pages.
  • Consider cybersecurity as part of your overall corporate risk, and govern cybersecurity with a policy that comes from the Boardroom - and is part of your culture
  • Think about new and innovative ways to enhance cybersecurity and drive your business while you protect it.

 source: Department of Homeland Security

Click on the link for more information on Cyber Security Awareness Month.

 

 PasswordHow do you create a strong password? 

Is your password a combination of the month, day, or year of your birthday? Or the last four digits of your social security number? Or your address or phone number? Think about how easily it is to find this information out about somebody. What about your email password - is it a word that can be found in the dictionary? Most people use passwords that are based on personal information and are easy to remember. However, that also makes it easier for an attacker to guess or "crack" them. Consider a four-digit PIN number.

Although intentionally misspelling a word ("daytt" instead of "date") may offer some protection against dictionary attacks, an even better method is to rely on a series of words and use memory techniques, or mnemonics, to help you remember how to decode it. For example, instead of the password "hoops," use "IlTpbb" for "[I] [l]ike [T]o [p]lay [b]asket[b]all." Using both lowercase and capital letters adds another layer of obscurity. Your best defense, though, is to use a combination of numbers, special characters, and both lowercase and capital letters.

Longer passwords are more secure than shorter ones because there are more characters to guess, so consider using passphrases when you can. For example, "This passwd is 4 my email!" would be a strong password because it has many characters and includes lowercase and capital letters, numbers, and special characters. You may need to try different variations of a passphrase-many applications limit the length of passwords, and some do not accept spaces. Avoid common phrases, famous quotations, and song lyrics.

Don't assume that now that you've developed a strong password you should use it for every system or program you log into. If an attacker does guess it, he would have access to all of your accounts. You should use these techniques to develop unique passwords for each of your accounts.

Here is a review of tactics to use when choosing a password:

  • Don't use passwords based on personal information that can be easily guessed.
  • Don't use words that can be found in any dictionary of any language.
  • Develop a mnemonic for remembering complex passwords.
  • Use both lowercase and capital letters.
  • Use a combination of letters, numbers, and special characters.
  • Use passphrases when you can.
  • Use different passwords on different systems.


    • source: Department of Homeland Security

    For more information go to: https://www.us-cert.gov/ncas/tips/ST04-002 

    back to top 

     


    Partners Smith, Sullivan and Brown

    Questions?
    Call us at 508.871.7178
    or email: contact@ssbcpa.com 
    or go to: www.ssbcpa.com   
     

    AboutUsAt Smith, Sullivan & Brown, PC, our dedicated professionals listen to your auditing and accounting, tax preparation, and small business questions. We provide personalized solutions to you, your family, business or nonprofit, all at a reasonable price.

    Our accounting team has extensive experience. We understand your frustration when you tell us that you've paid top dollar for accounting services - only to learn that there's a junior-level person working on your engagement. Or, that it's mid-March and your accountant isn't returning emails or phone calls because your files have been put on the back burner so that they can focus on the tax return crunch. At Smith, Sullivan & Brown, PC we only send senior-level accountants into the field and they remain accessible to you throughout the year. A dedicated team is assigned year-round specifically to our nonprofit clients, so that deadlines are met on time and your questions are never ignored.

    Established in 1993, Smith, Sullivan & Brown, PC is for you if you value communication, one-on-one attention, and "hands-on" expertise from experienced senior-level accountants. Whether you have a project to bid on now, or in the near future, contact us to schedule an introductory meeting, we'd love to meet you!   

    The information contained in this electronic message and any attachments to this message are intended for the exclusive use of the addressee and may contain confidential or privileged information.  If you are not the intended recipient, be aware that any disclosure, copying, distribution, dissemination or use of the contents of this message is prohibited.  If you have received this message in error, please notify the sender immediately and destroy all copies of this message.

    To ensure compliance with requirements imposed by the IRS, we inform you that any U.S. tax advice contained in this communication and any attachments is not intended or written to be used, and cannot be used, for the purpose of avoiding penalties under the Internal Revenue Code or promoting, marketing or recommending to another party any transaction or matter addressed herein.