Welcome to The
QuickLearning Centre!

Think of this as your quick access dashboard for learning here at QuickProtect. Find an answer to your question or brush up on your cybersecurity and IT knowledge, all in one place.

You Ask, We Answer

[searchandfilter fields="search,faqs" types=",dropdown" submit_label="Get Answers" search_placeholder="What's your question?"]

Archives: FAQs

Can my employees use their mobile devices on my network?

We are well into the days of BYOD: Bring Your Own Device. As an employer, it’s great because you don’t have to buy your employees a device to work on and the employee gets to use whatever form factor they’re comfortable with (smartphone, tablet, laptop, etc.). The drawback to BYOD can be that those devices don’t have the same level of protection that you’ve applied to corporate PCs and mobile devices. There are a couple of ways to address this–either hire employees to install corporate protection software prior to allowing them to connect to the company network, or create a guest network that bypasses the corporate network and goes directly to the internet. Make sure to only allow employee personal devices to connect to the guest network. Both of these approaches are effective in significantly reducing the risk associated with letting your employees use their own devices at work.

How are my employees a risk?

Employees face a number of risks when using the Internet such as phishing attempts to steal their corporate or personal logins, malicious links in emails that install bad software, and especially ransomware that can infect not just their computers, but also every other computer connected to the corporate network. Theft of employee personal information is a significant issue for the company and for the affected individuals. Employee awareness training, along with a robust set of tools and policies, help to minimize the risk to your employees and make them an important part of your risk management strategy.

How can my employees help?

Employees are your greatest strength. They can also be your biggest weakness when they aren’t trained adequately or equipped with the right tools. By teaching your employees about cybersecurity and the risks they face using the Internet, you’re making them part of the solution. Training your employees helps them contribute to the safety and security of your business and its data.

We don't restrict our employees on our network, what could go wrong?

Many companies take a hands-off approach when it comes to controlling what their employees can and can’t do on the company network. This may allow them more freedom to get their work done, but this freedom comes at a cost, and for some companies that cost can be very steep. An employee can inadvertently open a big digital door into your network in a myriad of ways: using a weak password that can be easily guessed, clicking on links and installing malware or ransomware, storing sensitive/confidential company information in unprotected folders on their personal computers. By implementing a “method of least privilege” approach to data management, you ensure that people only get access to the things the absolutely need to have access to, and can only do the things you explicitly allow them to do, everything else is denied by default. This will reduce (but not entirely eliminate) the possibility of an employee’s bad behaviour taking down your entire company network, and in an extreme case taking down your company!

Why does every employee need their own login?

Shared accounts seem to make sense and many small organizations use them. You can save a few dollars on licensing. It’s easy for two or more people to share a role within your company and overall it may just be more convenient. But convenience also means less control. You can’t implement things like 2 factor authentication, for example, because the second factor would have to be shared across a group of people which isn’t practical (for example, a smartphone to receive texts). One of the biggest downsides is lack of accountability. If something goes wrong, the shared account is used to do something that negatively impacts the business, how do you know who actually did it? You want non-repudiation where possible (the ability to prove that a single person is responsible for an action). Having each user with their own account gives you a lot more visibility and control into your network, resulting in more secure systems and reducing risk to your network and data.

How can our wireless network make us vulnerable?

Wireless networking, or WIFI, is ubiquitous in most company networks today, rapidly matching and possibly entirely replacing the traditional wired/ethernet networks. It’s convenient and easy to extend networking into parts of an office or shop that would otherwise be inaccessible and allows pretty much any digital device today to connect to the network and the Internet. Wireless is a broad-spectrum signal, which can bleed outside of your office space which allows unauthorized users to see the network and possibly listen to the traffic, or connect to it and use your network to do bad things against other people’s network without you being aware. Many SMB networks are compromised for extended periods of time and the company never knows about it until it’s too late and data is being stolen or systems are infected with ransomware. Strong wireless passwords help, restricting access to your wireless network to authorized devices only can also be a strong deterrent to minimize your risk.

Can't I just ignore it, no one is going to want to hack us, we're too small/unimportant?

Small businesses are unfortunately some of the juiciest targets for hackers. While you may think the information you have isn’t that valuable, all information has value to someone these days, and people are willing to pay for it. Hackers are criminals, and they steal what they can from easy targets: unless you’re putting effort into protecting yourself, you could become then next news story about a breach, or even worse a cautionary tale about a business that shut down because it couldn’t afford the ransom or the recovery costs to stay afloat.

What if we don't have anything of value that anyone would want to steal?

Many companies think they don’t have anything of value that would be tempting for bad guys to want to steal. Today, information has become gold, and the Internet has become dangerous, with the bad guys plundering whatever they can. There is someone out there willing to buy information, whether it’s your employees’ personal information, your client lists, all information has a dollar sign attached to it today. It’s up to you to ensure that your information doesn’t become the next casualty in the current tug-of-war with cybercriminals and businesses simply trying to make a living.

Where does my information get sold?

Stolen information typically ends up on the Dark Web. Once some piece of information is stolen, it’s out there in most cases forever; even if a site that’s hosting stolen information is taken down, most information resides in multiple locations globally, making it almost impossible to find and delete every instance of information that’s out there.

What is this dark web I keep hearing about?

Nowadays, the digital equivalent of the wild west is called the Dark Web. Unavailable to the casual internet user, the Dark Web houses a treasure trove of stolen information, offering it for sale and trade on chat groups and online forums. People buy, sell and trade collections of Personal Information, Credit Cards, health records, and a wealth of other information with impunity. There’s no easy way for law enforcement to police the Dark Web, let alone capture the bad guys.

Can my employees use their mobile devices on my network?

We are well into the days of BYOD: Bring Your Own Device. As an employer, it’s great because you don’t have to buy your employees a device to work on and the employee gets to use whatever form factor they’re comfortable with (smartphone, tablet, laptop, etc.). The drawback to BYOD can be that those devices don’t have the same level of protection that you’ve applied to corporate PCs and mobile devices. There are a couple of ways to address this–either hire employees to install corporate protection software prior to allowing them to connect to the company network, or create a guest network that bypasses the corporate network and goes directly to the internet. Make sure to only allow employee personal devices to connect to the guest network. Both of these approaches are effective in significantly reducing the risk associated with letting your employees use their own devices at work.

How are my employees a risk?

Employees face a number of risks when using the Internet such as phishing attempts to steal their corporate or personal logins, malicious links in emails that install bad software, and especially ransomware that can infect not just their computers, but also every other computer connected to the corporate network. Theft of employee personal information is a significant issue for the company and for the affected individuals. Employee awareness training, along with a robust set of tools and policies, help to minimize the risk to your employees and make them an important part of your risk management strategy.

How can my employees help?

Employees are your greatest strength. They can also be your biggest weakness when they aren’t trained adequately or equipped with the right tools. By teaching your employees about cybersecurity and the risks they face using the Internet, you’re making them part of the solution. Training your employees helps them contribute to the safety and security of your business and its data.

We don't restrict our employees on our network, what could go wrong?

Many companies take a hands-off approach when it comes to controlling what their employees can and can’t do on the company network. This may allow them more freedom to get their work done, but this freedom comes at a cost, and for some companies that cost can be very steep. An employee can inadvertently open a big digital door into your network in a myriad of ways: using a weak password that can be easily guessed, clicking on links and installing malware or ransomware, storing sensitive/confidential company information in unprotected folders on their personal computers. By implementing a “method of least privilege” approach to data management, you ensure that people only get access to the things the absolutely need to have access to, and can only do the things you explicitly allow them to do, everything else is denied by default. This will reduce (but not entirely eliminate) the possibility of an employee’s bad behaviour taking down your entire company network, and in an extreme case taking down your company!

Why does every employee need their own login?

Shared accounts seem to make sense and many small organizations use them. You can save a few dollars on licensing. It’s easy for two or more people to share a role within your company and overall it may just be more convenient. But convenience also means less control. You can’t implement things like 2 factor authentication, for example, because the second factor would have to be shared across a group of people which isn’t practical (for example, a smartphone to receive texts). One of the biggest downsides is lack of accountability. If something goes wrong, the shared account is used to do something that negatively impacts the business, how do you know who actually did it? You want non-repudiation where possible (the ability to prove that a single person is responsible for an action). Having each user with their own account gives you a lot more visibility and control into your network, resulting in more secure systems and reducing risk to your network and data.

How can our wireless network make us vulnerable?

Wireless networking, or WIFI, is ubiquitous in most company networks today, rapidly matching and possibly entirely replacing the traditional wired/ethernet networks. It’s convenient and easy to extend networking into parts of an office or shop that would otherwise be inaccessible and allows pretty much any digital device today to connect to the network and the Internet. Wireless is a broad-spectrum signal, which can bleed outside of your office space which allows unauthorized users to see the network and possibly listen to the traffic, or connect to it and use your network to do bad things against other people’s network without you being aware. Many SMB networks are compromised for extended periods of time and the company never knows about it until it’s too late and data is being stolen or systems are infected with ransomware. Strong wireless passwords help, restricting access to your wireless network to authorized devices only can also be a strong deterrent to minimize your risk.

Can't I just ignore it, no one is going to want to hack us, we're too small/unimportant?

Small businesses are unfortunately some of the juiciest targets for hackers. While you may think the information you have isn’t that valuable, all information has value to someone these days, and people are willing to pay for it. Hackers are criminals, and they steal what they can from easy targets: unless you’re putting effort into protecting yourself, you could become then next news story about a breach, or even worse a cautionary tale about a business that shut down because it couldn’t afford the ransom or the recovery costs to stay afloat.

What if we don't have anything of value that anyone would want to steal?

Many companies think they don’t have anything of value that would be tempting for bad guys to want to steal. Today, information has become gold, and the Internet has become dangerous, with the bad guys plundering whatever they can. There is someone out there willing to buy information, whether it’s your employees’ personal information, your client lists, all information has a dollar sign attached to it today. It’s up to you to ensure that your information doesn’t become the next casualty in the current tug-of-war with cybercriminals and businesses simply trying to make a living.

Where does my information get sold?

Stolen information typically ends up on the Dark Web. Once some piece of information is stolen, it’s out there in most cases forever; even if a site that’s hosting stolen information is taken down, most information resides in multiple locations globally, making it almost impossible to find and delete every instance of information that’s out there.

What is this dark web I keep hearing about?

Nowadays, the digital equivalent of the wild west is called the Dark Web. Unavailable to the casual internet user, the Dark Web houses a treasure trove of stolen information, offering it for sale and trade on chat groups and online forums. People buy, sell and trade collections of Personal Information, Credit Cards, health records, and a wealth of other information with impunity. There’s no easy way for law enforcement to police the Dark Web, let alone capture the bad guys.

Can’t find your question?
Ask it below and we’ll answer it next!

Submit question- FAQ page

Not everyone learns the same way—
at QuickProtect, we get that

Explore our different learning libraries that coincide with your learning styles.

Need an answer sooner?

Speak to an expert!
They 're standing by 24/7.

Archives: FAQs

Can’t find your question?
Ask it below and we’ll answer it next!

Submit question- FAQ page

Need an answer sooner?

Request PDF Resources!

Request a Vlog Post!

Request a Blog Post!

request blog