fbpx

Tulsa Medical Staffing | Top 7 Security Concerns for Employees_01.txt

Facebook Twitter Indeed LinkedIn YouTube Pinterest

Tulsa Medical Staffing | Want Amazing Services?

You are listening to trinity employments, eight player Matchmaker podcast starring your host and the Co founder of Trinity Employment Specialists, Cory Minter. Hi and welcome back to the a player matchmakers where we’re always looking for different ways to try to add value to job seekers and employers. And the particular topic of this podcast is going to be a little bit different today and this is going to be primarily for employers, but it’s the top seven security concerns that employers should have for employees. And so this topic is really important in today’s, it’s just who we are and what’s going on. This has become a really big problem. I really didn’t notice it though until just this last year. That’s when I started hearing where ransomware, we’ll talk about that here in a second and how companies will have their entire database basically hold ransom until you pay bitcoin for it. Cause I had, I had someone that I knew of that had had this happen to them. And so this is why we’re talking to employers about it. You know, what is it that we should protect ourselves from? You know, I’m not an it expert. I don’t even like it. Um, the guy here that I’m with, uh, Kellen Cowan, I’ll introduce you. I guarantee you, he can tell you right now. I want nothing to do with it. But unfortunately, when you grow, you have to deal with it. And so that’s what we’re going to be talking about today. I’m Kaelin is an it expert. He owns the company new wave solutions. He’s joining me today and we’re going to be talking about how, what is it that we can do as, as small businesses to protect ourselves and make sure that we don’t get ourselves into a lot of trouble. So, um, so I would like to ask before we get started, if you know of anyone that is looking for employment or if you have someone who’s an employer and they’re trying to find the right employee, this podcast has a lot of great content for you with Tulsa Medical Staffing.

We’d love for you to recommend this to someone. And then we’re, we’re also have two other podcasts that we’re going to be doing, the four key habits of an a player. And as well as, um, as well as how to hire. So, so we’re going to be going into these things, but at first we always like to start out with some, uh, with some statistics. Kaelin, we have a list of statistics that are printed out here for you. Like what was the first thing that like came up in your mind as something that was interesting or that we need to know about? Well, I’ll get to that, but I can, uh, I can verify the for the audience that you’re absolutely terrible with technology. Absolutely horrible. Just horrible today. Today. All right. I, I called, I called over to your company and they, and my internet wasn’t working and so, and so I was so frustrated with, and I called, they’re like, all right, we’re going to put in a ticket and then, uh, and then, uh, um, you know, we’ll, we’ll get back to you and it doesn’t take very long. Like you guys take really good care of us, but I have zero patients, so I just start clicking buttons. Somehow I got it fixed. I’m scared of what I did to my computer today. Honestly, you and a handful of other individual, he has like 47 browser windows open. He leaves every email of anybody’s ever talked to open and I think he’s streamed to youtube in the background. And what’s beautiful about it is right now at an instant that fast, I can go get what I what I know is there. I don’t have to go look it up again. It’s amazing cause it never closes. That’s right. I never close it. You need a supercomputer and Tulsa Medical Staffing. So here’s the, you asked me right at going over this what, what jumped out at me.

It’s the same thing in the same pain points you’ve been going through. So Cory went from an android phone. So I know there’s, there’s, there’s haters out there via phone into an iPhone and the dude can’t operate any of that either. Oh, I hate it. His alarm clock goes off and my alarm and all you iPhone users, the alarm is set. Like they will not give you options with this stupid alarm. I can’t even change my volume. I finally got that fixed. It took me a month. Yeah. I’m glad you finally got it fixed. Cause he grabbed about it for three or four weeks, but you asked what jumped out. So it’s the mobile malware on the rise. Malware is just a, uh, a term for the broad spectrum of all this malicious software. And the reason for it, Cory, is so Cory’s the most UN technical person I’ve ever met, right? I think I know what malware is. I’ll make a shirt for you. I think I know what malware is though, cause we hang out. Um, but here’s the deal. Even the most ill-equipped in technology have a smartphone and the cybercriminals know that it’s a, it’s a game of numbers. Right? And what do our mobile devices do now? Right? We’ve come in with them into our work environment and they connect to the wireless. They’re on the network. Anything connecting to the wireless, connecting to our Internet in the office has the ability to transfer whatever’s on it, have it be malicious to the rest of the environment. So I can infect servers, I can infect computers from malware sitting on my cell phone, malware. The number of new malware variants it’s for mobile, for mobile devices increased 54% in 2017 and that’s according to a semantics, Internet, a security threat. Um, and that that report was done in 2018 but overall in 2017, 27% of malicious apps were found in the lifestyle lifestyle category, which is kind of weird. I would have never thought that. Next in line is music and audio with 20% followed by books and reference with 10% do you guys have employees or do you see employees with this kind of stuff on their computers at work?

Well, so I mean both, right? I mean they, they both fall in the same category. I guarantee you the list of lifestyle to music a to books is the percentage of downloadables. Again, it goes back to the numbers. You cybercriminals know that lifestyle’s the most focus thing. What’s scary about applications is they can download clean, they can even be approved on the android or the iPhone list. You can download that clean and then a virus can be injected later as a version upgrade. Right? That’s what makes apps so dangerous. On the actual PC or desktop side, it’s the same as restricting your employees from what websites they’re accessing. Right. I remember the one thing that I remember being so nervous about with this whole thing was when, um, you and I were talking and people can, if they get access to your passwords, like they can get, they can gain access to your database, which sometimes some companies like especially ours, good grief. We’ve got, you know, a lot of personal information that we need to protect. Now the good thing for us is we have a, we have a service that’s a web based service that we use. So they’re responsible for someone hacking in as well. However, someone gets in there and get your username and password to some of this stuff, they can really create a lot of damage that you’re liable for, by the way. So you’ve got to do everything you can to really hire a company like new wave solutions or some other it company, make sure and protect you because if you don’t go to the full measure to protect yourself, you can be held liable for millions of dollars of damages and the best Tulsa Medical Staffing.

Yeah, and it is called credential theft, right? Username. Password is called credential theft and it’s nasty. Basically, if I as a high level cybercriminal get a employee’s username and password. Corey, how often do username passwords change? I have to change mine now. You guys forced me to change it every month. It’s like every month. Is that what it is? I don’t know what it is you’ve done, but I’ve, but I have to change it often. Right in the, but again, think about it. So I’ve got a high level individual or organizations. There’s buildings in China that are companies and that’s what’s changed, right? We’re seeing all these attacks. What’s changed is this is no longer just something that’s pure malicious. This is a, a living for a lot of these individuals, especially in other countries. This is what they do to put food on the table, right? I want to get into everything. Well, if I use high level cybercriminals with high levels of software and I can sit on your network for a month, two months, three months, some companies don’t have any restrictions. I’m going to hack to what I want and I’m going to get administrative privileges from there. I can rehab it and guess what? I’m going to ask you for a paycheck to get your stuff back with Tulsa Medical Staffing. Call 918-622-2588 or go to https://trinityemployment.com for more info.

Tulsa Medical Staffing | Call Now To Be Happy!

We’ll see that. That’s what was so weird to me that I’d never thought of. I mean, it’s smart if you’re cyber criminal, but good grief. So what they were doing, this is what you’re telling me is they’ll get your password and they will sit there and wait forever for you know, months and just collect more and more passwords and bills. Find out where you’re going and they’ll really figure out, once they get one password, what they’ll do is they’ll sit there and collect as much information as they can so they can maximize the amount of damage that they can do before they let you know. All right, we’re going to hold your, you know, your computer system or your database, uh, ransom until you pay us so many bitcoin and bitcoin. How, how much is bitcoin now? I mean, it’s, uh, they’re, they’re wanting like 10, 20, $30,000 for you to be able to do this, which leads me, this u s is to account for half of the breach data. By 2023 it says cyber criminals will steal an estimate. 30 million, 33 billion records in 2023 that’s according to a 2018 study from juniper research. And that compares with 12 billion records. Juniper expects to be swapped in 2018. So for all of our managers, um, managing employees, especially this is going to get to be a bigger and bigger problem that we’ve got to just begin to start looking at and making sure to put certain things in practice. And so we, what we’ve got is we’ve got several, uh, action items here that I just wanted to have since we have Kellen here on, uh, joining me today. Just use his, his background and knowledge of it. We’ve got, we’ve got one, two, three, four, five, six, seven, eight, nine. We have, we have 10 things here to, uh, that you can do now and begin to think about. And so what we’re hoping to do is we’re hoping that we can get, uh, I’m sorry, my, I, I got distracted without Tulsa Medical Staffing.

We’re hoping to be able to get some practical information how you can start using this. So the first thing that is on our list is fishing. Can you explain that a little bit killin yet? And I’ll tie it back into what you’re talking about. Uh, the United States being the target and really what that is, I believe it’s a cultural thing. If you traveled to other countries, they’re not in as much of a hurry as we are. Right? And so what you’ve seen is you’ve seen a lot of this malicious intent and the percentages on it, it’s moved away from trying to actually hack through things and has gone to manipulating employees. And that’s what fishing is. Fishing is an attempt to do just that. I’m going to throw out a line and I either want an answer, I want somebody to take an action, like clicking on a malicious link. Yeah. So, um, last week, Cindy, and she’s right outside of here, so she might be hearing me talk about her right now, but she’ll be kind of be funny. But she got a, you know, some kind of weird thing. Uh, it was a, it was a pro, not a program, but a, uh, a document to click on and it came from a possible reliable source, but she clicked on it and it downloaded something. We don’t know what it was, but later on that day, she got a message from that person that sent it to her, said, please don’t open this up. That wasn’t sent by me. My account was hacked. And so, you know, we had new wave, get on there and make sure and do a scan, make sure everything was fine, everything was, but that’s, that’s kind of what you’re talking about right there is, is that fishing killing or did I get it wrong?

Um, yeah. Yeah. So, I mean it’s been sent and I want somebody to click that’s rolling into kind of hitting low hanging fruit though, right? So Cory, you guys have, and you invest in your technology, you invest with us to train your employees and to have the right software and securities here. A lot of your clients don’t. And so when you talk about a client, um, becoming vulnerable to a, an attack and somebody getting credentials are actually hacking into their mail accounts, they’re sending authentic mail at that point, right? Right. And so that’s just a really, really scary place. Um, and what you have to do in that case. So that’s a high level phishing attack because I am actually sending legitimate mail from a customer of yours. I’ve got to pay attention to the subject line. I’ve got to pay attention to the body, email and again, just in line with all the best practices. Uh, when it comes to email, um, identification and, and training is if somebody wants me to click on something, right or open an attachment, do they always send me these kinds of attachments? If anything’s new, I need to pick up the phone to verify. Yeah. And that’s what we’re trying to train our staff on. I mean, we use that as a training session just for everyone else. We showed everybody the email and said, hey look, this is what it looks like. Our second one here is unauthorized application and installation usage. Explain that to me. What does it, what does this mean? Well, it means that, um, you know, from the, your commander on your network, right? I’m not restricting Brittany or any of your other employees from just downloading whatever they want off any site they go to. Right? Right. So there’s two issues there. One, I haven’t scaled back any of the sites they can get to, um, or create an internet culture. The second issue is they have full admin rights over their desktop. Yeah. Which I would imagine most small businesses, that’s probably what you’re experiencing. I know that when we came to you at the very beginning, you’re like, you’re doing what? And we didn’t see it as an issue now, but now that we’ve got it all taken care of, like we understand, you know, I would advise someone else, it’d be like, Whoa, you gotta, you gotta take care of that stuff. But I’m telling you, man, we didn’t, we didn’t see it that way at the very beginning. You had to explain it to us. The, the next thing is default or weak passwords. I was, I was at a, I was at a CEO round table the other day and get Tulsa Medical Staffing.

This is so great. So have I told you about my CEO round table that I, that I go to? I, we’ve talked about it a couple of times. Yeah. These are like high level guys. Like I’m, I’m probably the smallest business in there. So this guy, he just sold his company for, I dunno, I mean it was millions and millions of dollars and cause he just purchased all these buildings and stuff with, it’s crazy. But listen, he, we’re, we’re going over um, fraud and that was our topic part round table. And they’re like, so you know, how do you guys keep track of your passwords in this? I was like, Oh man, that’s easy. I’ll just use the same password for everything. And so Killin’s over here grimacing and uh, and you know, we’re all talking about, oh, we’ve got an app that keeps track of all of our passwords. We got, we’ve got, I plug it into an excel spreadsheet, not double password, protect it. You know, we’ve got all of these things where we’re thinking about and the one God, it’s probably has the most delusions. Like, oh, don’t worry about it man. I use the same password for everything it Kellen, can you explain to our users like why, why is this a big deal? It’s, it’s a big deal. Just
because it’s not talked about enough, right? I mean, I’m going to poke fun at Corey. He had his android phone right before he switched to iPhone. He was just mad at, and I grabbed it and the screen was off and I just opened it up. There was no password, there was no biometric fingerprint identification. Guys, I set up fingerprint identification for Corey, and you would’ve thought the world stopped, right? So a lot of executives, right? They just, they don’t know. And so it’s the same thing when it comes to the passwords, right? So let’s, let’s transfer that over to the desktop and I set up a password. There’s not a purple headed. Guy’s still living with his grandma. Nobody likes eating Cheetos in a basement. Hacking your computer. Right? Large Organization. That’s a big thing for you to understand. It’s not Ricoh in the basement. That’s not name him. Rico was just trying to come up. Who would you give the hacker to? Charlie Aki. I’m just, I’m going to keep it PC. Ralph Ralph Waldo Waldo is Waldos in the basement and he’s, and he’s, he’s, he’s hacking away that. That’s one thing that opened my eyes, kill him when we were, when we were talking, um, me and Kellen workout every morning together. And so he was telling me about this and it really opened my eyes up to realize, listen, it’s not some college student hack and d, these are like professionals that are after money with Tulsa Medical Staffing.

Yeah. And they’re using software. So they’re either improving the software or pre purchasing software, which is scary. It means that, and the attack is not isolated to cyber criminals that truly understand technology. If I have enough money, I can just get subscription services to things called dictionary attacks. Cory, this can run through every known word word in the dictionary in hours, right? And so if you use a word in the dictionary with nothing unique, they’re getting into your device. And then if that doesn’t work, they’ll start brute force. It takes longer, but they can identify each character in a password and it starts by putting those unique characters together, right? So when we do training the things I’ve told you, the longer the better, uh, Ma make it a phrase, I hate passwords with some unique characters and take the unique characters and make sure they’re not together. And we do that because we understand how the software works that they’re using. Right? The next thing on our list is disabled security. Explain this to me. Did I throw you off a little bit? Yeah, a little bit. Well. Um, usability and security are often each other’s worst enemies, administrators, often disabled security controls to make applications more usable for the employee. But obviously this can lead to a fatal, you know, problems. Especially if an employee has an absolute administrative privilege on their laptop, then they can install whatever they see fit and if they end up getting their computer infected by Malware, they can turn, they can in turn damage the entire network and the whole interconnected infrastructure as well. That’s what you’ve told us, man. You’ve told, you’ve told me that a a hundred times. You’re like, dude, you’ve got to, you’ve gotta Watch and stop all of this downloading. Because if they get to our database and we have a little bit different of a situation here, that’s the kind of plays like a database. But if they get to it, that’s where they can really do all the damage. That’s what you’re telling me about Tulsa Medical Staffing.

Well, and that goes back to what threw me, it goes back to the, on our authorized application. So it’s the same kind of the same premise is I’m giving the user too many rights because the users have pain in my butt, right? Because people are gonna want to do and go where they want to go. They’re going to download what they want to download and when there’s something like, let’s even say Dropbox that they want to use every day in my security tools on that laptop, prohibit that use, and that user keeps coming to me and I go, oh, what’s the big deal? I’ll just disable it and put this weaker antivirus in, right? Well, those little pops every time you go to the wrong website or click on the wrong email, that stopped that. The better the security software you have, the the less likely that device gets infected spreads to the network. And so what’s happening here is the it director, whoever’s in charge of technology is going, man, this is a pain in my butt. They’re having to come to me too much. I’ll disable it or put something weaker on the desktop, right? The next one, next item we have here is clumsy. Social networking. Social networking obviously allows like the whole workplace to stay collaborative, but you guys have something set up for us on on that, don’t you? Well, yeah. And it’s also restricting a lot of the social media. Right? And that’s where a lot of the cyber criminals are praying. Just so you were talking about fishing and we were talking about, you know, malicious email coming in. Want me to click on something or give information? Where do, where else do professionals communicate? Yeah, social media. So the same kind of links, the same kind of questions coming in as a vendor and it’s not really a vendor, right? Asking for, Hey Brittany, can you print this Brittany to go, what are you talking about? That’s Amber’s job. Well I just, now I know who to attack. Right? So these scams aren’t always just immediate. They may just be a question posed as somebody, you know, and it’s not really who, you know, and they, they come a lot through social media, Facebook messenger, Twitter’s riddled with that are malicious Tulsa Medical Staffing.

Wow. Well, and everyone’s using those websites like Facebook almost rules the world it seems like. But even for us, listen at work, people that are on Facebook here, they’re actually working because we recruit using a, a job platform, uh, through Facebook. So I mean it’s, it’s just important that we keep ourselves in as much as we’re doing through you guys at new wave and you know, all the other stuff that we’re doing our own. I’m still always wondering, are we doing enough? You know? So let’s, let’s do our last one here. Obsolete software or uninstalled patches. What I heard in, in some of the training that I’ve gone to this is like one of the number one things that you’ve got to make sure and do is keep everything up to date. Well, and this is, this is a big deal. Uh, it’s one of the most important things to us and a lot of times, Cory, for you guys that goes on scene in the background when it comes to, uh, you know, new versions of software coming out and updates and the patches, what’s happening. So let’s just talk patches is many times an individual or a company has found a vulnerability in Microsoft in your line of business, software and quickbooks, and so there’s an update come out, right? You guys don’t necessarily know that. You just know that we have to update. It may take some time and something may break. The urgency behind that update is this one person or one company found a vulnerability. The second Microsoft says, Hey, we’re going from 10.1 to 10.2 they publish that vulnerability of 10.1 to the rest of the world. So it’s a race to get that thing updated. Right? Right. Now bigger is this opp obsolete software. So let’s talk immediate 2020 January, 2020 windows seven is obsolete server operating system. 2008 our two is obsolete. Small business servers obsolete. There’s another server operating system cybercriminals no, they’re obsolete. Come January. So if they have a vulnerability right now, they’re doing nothing with it. They’re going to wait until January. They don’t update. They’re going to come through your front door and get everything young.

And there’s just a lot of businesses that they’re there, they’re going to be asleep to this. You know, this, this is something I hope that this is, this adds value to you for you to begin to think about certain things for you to do with employees. Of course trinity, we’re always trying to help you find a players and get the right employees there. But you know, each business has a responsibility to make sure that they protect themselves and train their employees on some of this information. So I really hope that this is helpful for our managers. I just don’t want any of our small businesses that we work with come to work one day the computer is completely shut down and you have one message that’s popping up on your screen, call this number to be able to gain regain access to your system. I’m telling you that is a sinking feeling. You know the, the one person that I heard about this with, he was a CPA in the federal government. Shut him down. I mean there are so many things that you’ve got that you are responsible for is small business owners. So I hope that this has helped you. If Trinity can help you in any way, whether it’s with an employee or with just helpful information about how to hire and train employees in one board, then we would love to be able to help you. Please give us a call at 918-622-2588 or you can visit us online at trinityemployment.com.