Tip of the Week: Hide Your Files in Windows 10

a person using a laptop computer on a desk

No matter what you use your computer for, there are many reasons why you may need to hide your files on your Windows 10 desktop. You could want to hide important files to keep them hidden on a shared computer, or maybe you want to try to prevent anyone from accidentally deleting important files. Or you can hide them to clear the distracting clutter on your desktop. The files you keep on your computer may be essential for you to keep, but if you want to find a better way to organize them, you need to make some changes so they aren’t in the open all the time. 

Windows 10 has built-in functionality that allows you to hide specific folders from view. You can hide your files from view but easily be able to access them all while keeping an organized desktop. If you’re looking to optimize security, you will need to take a little more in-depth path to ensure your files are securely hidden from prying eyes. You can work with IT professionals at 4 Corner IT to learn about file security. 

Hide Your Files from View in Windows 10

Hiding a file from view is more about keeping an organized desktop than security. It’s a personal preference setting that allows you to clean up your desktop and any other folders as you see fit. The setting is easily reversible, so when you need to quickly regain access to those files you’ve hidden on your desktop, it’s a simple task that anyone with any knowledge of folder settings can manage. 

You first need to open your File Explorer and find the File you want to hide to hide your folders. Once you have located your File, right-click on it and select Properties. The Documents Properties window will open on the General tab, where you can review the file settings. If you look towards the bottom of the window, you will see a checkbox next to the word Hidden. When you check the box, it will hide your files from view. This setting does not secure the File. It makes it so that you will not be able to see the File on your desktop any longer.

When you are ready to access any of your hidden files or remove them from the hidden view, open your File Explorer and select the View menu at the top of the window. In the menu items beneath the tab, there is a checkbox next to the word Hidden. When you check this box, you will be able to see all of your hidden items. You can use the above steps to remove your files from the hidden view.  

For more comprehensive security measures and tips, we recommend contacting the technicians at 4 Corner IT. With us on your side, you’ll have nothing to fear from hackers or other cybercriminals stealing your data. To learn more, reach out to us at (954) 474-2204.

Getting Employees to Engage in Cybersecurity

cybersecurity Security

Your staff often needs access to sensitive data and handles it on a daily basis. What they don’t know is that anytime they’re moving files around, corresponding with others over the phone or through email, they’re only a few clicks away from opening your business up to a major cyberattack. Therefore, it’s extremely important that all employees undergo security training. Follow along to discover how to train your staff to spot phishing scams and follow procedures when these situations arise.

To further understand the severity of this issue, simply check the statistics. According to Accenture’s Cost of Cybercrime study, 43% of all cyberattacks are aimed at small businesses, and only a fraction of them know how to defend themselves.

That’s why security training is such a crucial business practice. How you go about educating your staff on cybersecurity is up to you, but here are some tips and methods we’ve found most successful, in our experience. 

#1 Get them to Relate

We’re all aware that cybersecurity isn’t the most exciting topic, but it’s important that your team cares about the issue. That way, they’ll really take it seriously. The best way to do this is by getting them to relate to a victim of a cyberattack and educate them on how common phishing scams and hacks occur, and how damaging they can be.

#2 Always Promote Network Cybersecurity

People are impressionable and tend to follow the lead of others. Creating a company culture that is rooted in network security will impart the same mentality on your employees. 

#3 Consistent Cybersecurity Training

Form a security training plan that is comprehensive, easy to follow, and consistent among all departments. Some beneficial lessons to include are:

  • How to spot a phishing scam
  • Protecting network resources
  • Their role in protecting the company and customer data
  • Password management and best practices
  • How to handle a security breach

If every employee has a solid grasp of these five concepts, you’ll be able to avoid cyberattacks from happening in the first place and have a solid backup plan in case disaster strikes.

#4 Lead by Example

It’s just the truth that cybersecurity is not at the top of everyone’s minds, including most of your employees. Especially if they don’t have a vast knowledge of modern technology and how it functions. Instead of being demanding with them, or getting frustrated at their apathy, support them through security training.

Provide resources, documentation, and communication that will help them understand the severity of the issue, and how they should handle private data in a way that will protect your business. Work with them so they understand how to follow these procedures, and you’ll see major benefits in your network security.

At 4 Corner IT, we can help your business put together a security training plan. To learn more, call us today at 954.474.2204.

Contact Us Today and Check Out Our Blog!

Choosing to Enact a Zero-Trust IT Security Policy Can Significantly Reduce Problems

cyber security zero-trust

It’s often difficult to figure out who and what you should trust with your business’ cybersecurity. How can you know for sure that each individual accessing your infrastructure is secured from threats? A zero-trust model can help by providing reassurance that everyone accessing your network is who they say they are. 

What is Zero-Trust? 

Zero-trust policies are when you don’t inherently trust anyone or anything on your network. This includes devices, accounts, or users on the network. Basically, if someone wants to access your network or any information located on it, they will first have to identify themselves, no matter who they are. They could be a business executive or the average office worker; there are zero exceptions made for a zero-trust policy. Generally speaking, zero-trust policies are governed by some form of external authentication. 

There are many benefits to a zero-trust model. As you might expect, when nobody is inherently trusted on the network, security is drastically increased. When identities are verified before any activity occurs, the network is much more secure. Thus, only authenticated individuals can do anything on it. On the other side of this benefit is what happens when the user is genuine but cannot verify themselves. This might make for a rough implementation process, but once your policies get settled, you’ll find that it will make network access much less stressful for your company. 

What Are the Downsides? 

The greatest challenge that an organization will face when implementing zero-trust policies in the workplace is the major infrastructural challenges that will come about as a result of their implementation—particularly for larger enterprises with large workforces, as this means more devices accessing the same infrastructure, and therefore, more need for continuous authentication. The technologies involved in reinforcing these zero-trust policies can make the logistics difficult without committing wholeheartedly to the process. We recommend that, before you implement zero-trust policies, you consult with security professionals like those at 4 Corner IT to determine if it’s the right call for your business. 

 

If you do decide that it’s the right decision for your organization, 4 Corner IT can equip your company with the policies and technologies needed to ensure it is a successful deployment, as well as the support you might need. With multi-factor authentication and additional protections, you can make sure that only authorized individuals are accessing your network. To learn more, reach out to us at 954.474.2204. 

Contact Us Today!

Discerning Between a Data Breach and a Security Incident Can Fuel Your Response to Each

data breach

Cybersecurity is an incredibly important part of any business, but there are slight differences in various terms that can make for huge misunderstandings. For example, the average office worker might hear of “data breaches” and imagine they are “security incidents.” They might not technically be wrong, but the two terms aren’t exactly the same, either. Let’s examine the definitions of a data breach/security threat and provide some clarity on these terms. 

 

What is a “Data Breach?” 

A breach occurs when someone outside of your organization accesses some of your business’ data through their own specific efforts. Trend Micro defines it as “an incident wherein information is stolen or taken from a system without the knowledge or authorization of the system’s owner.” 

 

Essentially, a breach is when data stored by your business is accessed by an unauthorized user. A data breach is not necessarily a malicious action, but it is still a problem. 

What is a “Security Incident?” 

A security incident refers to any violation of established security policies within your organization, no matter how small. A security incident is, again, not inherently malicious, but they are still problematic for any organization, particularly in regards to security and compliance. 

 

As a blanket term, “security incident” covers a wide range of circumstances, including: 

 

  • Malware infection 
  • Spam hitting an unbox 
  • Physical access to IT equipment and infrastructure 
  • A Distributed Denial of Service (DDoS) attack 
  • Portable storage being misused 
  • A brute force attack enabling network access 

 

Security incidents are usually categorized according to their severity, as in how serious the incident is and how much of a company’s attention has been given to resolve them. Serious problems like data breaches, Distributed Denial of Service attacks, and advanced persistent threats (APTs) are considered high-priority security incidents, whereas others like malware infections or unauthorized account access might be considered medium priority. Low-key incidents would be things like false alarms or false positives. 

Isn’t This Just a Difference in Semantics? 

It might not seem like a big difference, but the difference is in fact quite important. If you don’t know what type of security issue you are dealing with, you don’t know how to resolve it. If you can encourage your team to use the correct terminology when discussing security threats, you can ensure that they know the warning signs and are able to appropriately report what they are experiencing. This will give your business the ability to catch and resolve threats before they become even worse problems. 

We Can Help You Prevent Data Breach Threats from Getting That Far 

For any security initiative, it’s important for users to be aware of how their actions can impact the entire organization. 4 Corner IT can help you train your employees and implement comprehensive security measures to keep your company safe. To learn more, reach out to us at 954-474-2204. 

Contact Us Today!

Ads Can Carry Malicious Code

malware malicious code

Sometimes you might be browsing the Internet and come across an advertisement for free downloads of Windows applications. Obviously, this is too good to be true, and hackers tend to exploit advertisements to spread their malicious code across devices. Malvertising is used to deliver various types of threats, all of which can cause considerable harm to unprepared businesses. 

The malvertisement threat in question is a new campaign targeting users in Canada, the United States, Europe, Australia, and Nigeria. It aims to steal information like usernames, passwords, and other sensitive credentials. 

Types of Malicious Code

ZDNet reports that this new malvertising campaign—called Magnat by Cisco Talos—spreads a malicious browser extension using Trojan malware. Thus, providing a backdoor entrance to the user’s device. This new, as-yet-undocumented threat appears to be custom-built over the past several years. Other types of malware used in this campaign include a password stealer. This is installed on the user’s device through the use of the backdoor. 

The browser extension (also a keylogger) and the password stealer are standard fare for threats. However, the backdoor, called MagnatBackdoor, is a special type that allows attacks to gain remote control over a PC without detection. It also adds a new user to the device and installs keyloggers, as well as other malware. Thus, enabling the attacker to steal sensitive information. Researchers believe that the threat works like a banking trojan with the primary aim being to steal credentials for individual sale on the Dark Web. Of course, the credentials could also be used by the attackers, too. 

 Malware Distributuion

This malware is distributed primarily through advertisements that link to malicious file downloads, with the big kicker being that these adverts advertise popular software applications. While there is reason to be concerned about this campaign, it’s also important to know that it’s nothing new. These threats are commonplace and security researchers, as well as security professionals in the field like ourselves, fully understand how to keep your devices as safe as possible. 

 

4 Corner IT wants to help your business keep itself safe from these types of threats (and more). If you need some pointers on how to keep your employees from clicking on these advertisements, we can provide training, as well! To learn more, reach out to us at 954-474-2204. 

Contact Us Today and Check Out Our Blog!