Our Learning Center Video Library is designed to provide answers to questions that we are most frequently asked. Since we have so many videos, we have separated them out into categories to help you navigate to the video that will best answer your questions. We also have a search feature on each page.
CMMC Proposed Rule Published with Bob Coppedge, CEO @simplex-it and Tim Golden CEO @compliancescorecard . What's Impacted? What to do? Need to Know More?
When talking about cybersecurity solutions, there’s a ton of different acronyms and abbreviations. You’ve probably heard about EDR, MDR, MTR, and XDR. But what do all of these mean? Let’s dive in.
Managed service providers (MSPs) and managed security services providers (MSSPs) are two terms that are often used interchangeably in the IT industry, but they are not the same thing. While there may be some overlap in the services they provide, there are significant differences between the two.
A tabletop exercise is an opportunity for your organization to practice what happens in the event of an incident. The most common tabletop exercises are incident response and disaster recovery. This is where people within your organization can work in a simulated environment to resolve a problem using the process and procedures that you should have in place.
In today's digital age, data security has become a top priority for organizations across industries. With the increasing frequency and sophistication of cyber attacks, it's critical for businesses to have a dedicated professional responsible for their overall information security. This is where the Chief Information Security Officer (CISO) comes in.
Business impact analysis (BIA) is an essential component of a company's risk management process. It involves assessing and analyzing potential risks that could disrupt the organization's operations and result in financial or reputational losses.
Windows end of life is a critical aspect that every individual and organization should be aware of to ensure the safety and security of their systems and sensitive data. In simple terms, Windows end of life refers to the point when Microsoft stops supporting a version of Windows.
We’ve all been there, going about our day and then we receive the notification ‘An update is available for your software, install now?’ This can be annoying, but it’s actually a critical item to maintain the security of your applications.
In today’s connected world we often have dozens of online accounts – whether it be for banking, shopping, work, or entertainment. But it often seems like every time we turn around another service was compromised or there’s an attempt to hack into accounts. So what can you do to keep your accounts safe and secure?
At its core, EDR is an evolution of antivirus software. Whereas traditional antivirus tools rely on signature-based scanning to detect known malicious files, EDR takes a more comprehensive approach.
Not really. There's always going to be some inherent risk in everything we do. But there are different responses that you can take to reduce that risk. For instance, you can mitigate the risk by putting appropriate controls and safeguards in place to decrease the impact of that risk.
Security awareness training is a critical component of any organization's security strategy. It involves training employees on common security risks and how to recognize and avoid them. This includes identifying phishing emails, scam calls, and text messages, as well as learning how to follow electronic funds transfer and more.
In today's digital age, businesses and individuals face a growing threat of cyber-attacks, data breaches, and other types of cyber incidents. These incidents can cause significant financial and reputational harm to those affected. Cyber insurance is a type of insurance designed to protect against these risks.
CMMC stands for Cybersecurity Maturity Model Certification. CMMC is a program that the Department of Defense is implementing to ensure the confidentiality of sensitive information.
Ok, first of all, got a cyber response plan? Use it. If you don't? Then if you have cyber insurance, contact your insurance people. If you're not sure, contact your IT support folks. But don't start "fixing the problem. You actually could make it worse.
Backing up data is a critical process for any business to ensure the continuity of its operations in the event of a disaster. The frequency of backups, however, depends on several factors that are unique to each organization.
Last month, the hardware company MSI was compromised by a malicious entity. These bad guys were able to steal source code, development code, and private keys. The big concern comes from the theft of those private keys. What do private keys do?
So, you just got an email. We get so many every day, but how can we be sure they’re legitimate? Let’s talk about how to identify a malicious email. The first thing that you need to know is that malicious actors often rely on urgency. No matter what the situation is take your time…
If you log into any of your devices and apps with just a username and a password, then you’re using one piece of ID – or one ‘authentication factor’. And that’s just not enough. We recommend using MFA.
Does your organization have an unsupported version of Exchange (2013 or older), or you’re not keeping up with patching? If so, you might be looking at some problems delivering emails to MS 365 in the near future.
There are a couple of different ways. The most common is via the web. It can be from a malicious ad that you click on, a redirect that takes you to somewhere you didn’t expect to be, or even just from clicking on the wrong link in your search results.
Hackers are using AI the same way businesses are starting to use AI. They're looking at those repeatable tasks that that are being done and seeing if there's more effective ways to do it. But we're also seeing it lowering that barrier to entry.
Ok, you’ve hired a company to create and maintain your web site. Everything is going great. They’re creating a web site that represents your organization properly, there’s all sorts of graphics some videos, you’re getting close to public release! And suddenly…they reach out to you with a request.
Ok, you may have heard something about the 3CX hack. Lets talk about this. First of all, this video was recorded less than 24 hours after the public disclosure of the compromise. So we might be out of date already. And a shout out to our Voip partner BVoip for keeping us up to date on things.
Here is the list of 7 Ways to Increase Productivity Through IT. What you do with it is up to you. Need help? Email us at BobC@Simplex-IT.com to schedule a call. And feel free to share this with your internal IT department.
Laptop encryption is an important security measure for businesses that want to ensure their data is safe and secure. It prevents unauthorized access to files in the event that a laptop is lost or stolen. It also allows business owners to easily recover any lost data.
There’s a reason that browsers like Edge have added breached password notifications. Data breaches are an unfortunate part of life and can have costly consequences for individuals. Hackers can steal things like identities and compromise bank accounts, to name a couple.
Microsoft states that their “backup” goal is the availability of data. So it ensures that your 365 data is stored in at least two data centers located in geographically different places. Now if something happens to the servers in one data center (or the entire center or geographic region), there’s another copy.
Conditional access is also known as contextual access. It is a method of controlling user access. You can think of it as several “if/then” statements, meaning “if” this thing is present, “then” do this. Conditional access allows you to add many conditions to the process of user access to a system. It is typically used with MFA.
Let’s start by saying that phishing is a way of contacting someone by posing to be someone else, usually in the form of an email, text message or even phone call. But what is "simulated" phishing? Organizations use simulated phishing attempts to identify employees that may require additional training.
