Tag: compliance

Harden Employees Against Ransomware With KnowBe4

Post author By Jonathan Arnott
Post date October 20, 2017

Are you curious to see who in your company is most likely to download a virus on your network? Well now you can find out and the best part is, its free. With KnowBe4 you can administer a range of free tools that will allow you to see which of your users is most likely fall for phishing emails.

The sad truth is that some people will click on anything that comes across their email inbox. This is how most network infections start. Till more recently, there hasn’t been a lot anyone could do to prevent this. KnowBe4 allows you to find those trouble users and train them so that this major hole in your network can be filled.

From a compliance standpoint, KnowBe4 offers actionable data that will allow you to show your HIPAA or PCI compliance officer that you are taking actions toward due diligence.

As an IT company, we do our best to prevent major disasters with layered security involving anti-virus, managed firewalls, Office 365 spam filtering, security permissions and most important, great backups. Even with all of these security measures in place, there isn’t a foolproof method to ensuring that a few phishing emails won’t slip by unnoticed. We rely on backups to get our clients up an running quickly but even under the best of conditions, it is still better for the virus to have never been clicked on to begin with.

For a small investment in time, you can’t afford to not use these great free tools from KnowBe4. Take a few minutes to watch our new video on how to get started with KnowBe4 and harder you users against malicious emails.

Technology

PCI Compliance Audits

Post author By Jonathan Arnott
Post date June 9, 2017

Have you ever been audited for PCI compliance? If not, it is most likely that at some point you will be. In order to maintain the ability to process payments electronically, this will be a fact of life. The more transactions you process in a year, the more often you will be getting a visit from your friendly neighborhood qualified security assessor (QSA).

In short, a PCI compliance audit should not be something to fear as long as you are willing to rectify any issues that your QSA finds. This is a matter of determining liability on the part of your electronic payment processor. If you are not PCI compliant and you have a security breach, then your payment processor will not cover damages.

In most cases, you will receive a notice that you are being audited by your payment processor for PCI compliance. The audit will be performed and you will receive a report stating whether or not you are PCI compliant and if not, what you need to resolve in order to get there. At this point, it is up to you to work with a partner to help resolve any issues found by the QSA.

When you receive your PCI report, it can be confusing knowing how to implement the requirement without a partner that is experienced in compliance audits. Working with a company like eTop Technology can help you plan and implement solutions to ensure that you pass your PCI compliance audit both now and in the future. If you find your company in this position, please reach out to us and we will help you build a secure future.

Technology

What Business Owners Should Know About Software Licensing

Post author By Jonathan Arnott
Post date February 2, 2017

How important are software licenses, really? These complex legal documents can be overwhelming, so most people simply hit “Accept” when prompted instead of taking some time to understand what it is that they are accepting.

Software licenses dictate exactly how software can be distributed – the number of copies that can be used by a single license, limitations of liability, warranties, and other key legal considerations. Because of this, there are some important pieces of every software license that are essential for small business owners to take note of.

Firstly, paying for business software is always the right answer. Many expensive software programs are illegally available for free through varying methods. While this may seem like a great idea initially, if you have not paid for your software, you can easily be found guilty of theft should the software company become aware.

Further, it is very important that you know exactly who is allowed to use the software, and how many copies of the software are covered by each license. If these restrictions are not followed to the letter, your company’s growth could place you on unstable legal ground. It’s always a good idea to be aware of how many licenses you have purchased, and to ensure that you are staying well within those limits when giving employees access to different programs.

Lastly, you should always be sure that you read and understand the end user license agreement. This piece of the software license dictates exactly what you can and cannot do with the software you have purchased. This includes information on how the software company will use your data and any additional software that you are authorizing the company to install on your computer.

While it’s tempting to ignore software licenses, it’s always in your best interest to understand what they mean. To stay on the right side of the law and avoid hefty fines, you should ensure that you acquire your software legally, know how many users are covered by your license, and always read the end user license agreement. In addition, you should keep track of your purchase and licensing information for any piece of software you use at your company – should things go sideways, it’s always best to have proof of purchase.

If you’re feeling overwhelmed by this, or want someone to double-check that your company has everything in order, reach out to your IT professional. They will be able to help you ensure that your company is using software that is appropriate, legal, and optimal for your unique needs.

Why More SMBs are Turning to the Cloud to Reduce TCO

Why SMBs Must Proactively Address the Threat of Mobile Hacks

Contact us

CW Portal