With technology advancing at such high speeds, it can feel straining to keep up with the latest digital talk and terms. Understanding technology-related words and phrases are useful not only to impress your tech-savvy colleagues but most importantly to give you the knowledge you need to make solid IT decisions for your business. In this blog, I have listed and defined several common IT terms so that you have the right background information at hand to better understand the IT side of your organization. Let’s get started:
For a long time, the phrase “computer virus” was misappropriated as a term to define every type of attack that intended to harm or hurt your computers and networks. A virus is actually a specific type of attack or malware. Whereas a virus is designed to replicate itself, any software created to destroy or unfairly access networks and data should be referred to as malware.
Spyware is malware used by hackers to spy on you, so they can access personal information, banking account details, online activity, and anything else they may find valuable. On mobile devices, spyware can know your whereabouts, read your text messages, redirect calls, and much more.
Don’t let all the other words ending in “ware” confuse you; they are all just subcategories of malware. Currently, one of the most popular of these is “ransomware,” which is malware that encrypts valuable data until a ransom is paid for its return.
Intrusion Protection System (IPS)
There are several ways to safeguard your network from malware, but IPS solutions are quickly becoming one of the non-negotiables. IPS solutions sit inside of your company’s firewall and look for suspicious and malicious activity that can be halted before it can exploit or take advantage of a known vulnerability.
Not all types of malware rely on advanced computer programming to be effective. Many experts agree that the majority of attacks require some form of what is called “social engineering” to be successful. Social engineering is the act of tricking people, rather than computers, into revealing sensitive or guarded information. Complicated software is unnecessary if you can just convince potential victims that you’re a security professional who needs their password to secure their account.
Despite often relying on face-to-face interactions, social engineering does occasionally employ more technical methods. Phishing is the act of creating an application or website that impersonates a trustworthy and often well-known business in an attempt to elicit confidential information. Just because you received an email that says it’s from the IRS doesn’t mean it should be taken at face value — always verify the source of any service requesting your sensitive data.
Antivirus software is often misunderstood as a way to comprehensively secure your computers and workstations. These applications are just one piece of the cybersecurity puzzle and can only scan the drives on which they are installed for signs of well known malware variants.
Malware is most dangerous when it has been released but not yet discovered by cybersecurity experts. When a vulnerability is found within a piece of software, vendors will release an update to amend the gap in security. However, if cybercriminals release a piece of malware that has never been seen before, and if that malware exploits one of these holes before the vulnerability is addressed, it is called a zero-day attack.
When software developers discover a security vulnerability in their programming, they usually release a small file to update and “patch” this gap. Patches are essential to keeping your network secure from potential attacks. By checking for and installing patches as often as possible, you keep your software protected from the latest malware.
When antivirus software, patches, and intrusion detection fail to keep your information secure, there’s only one thing that will: quarantined off-site storage or redundant data. Duplicating your data offline and storing it somewhere other than your business’s workspace ensures that you’re equipped with backups if there is a malware infection.
Encrypted connections protect you. Open Wi-Fi networks are unencrypted, which is why they’re risky. Anyone can create a fake hotspot and trick your device into joining it automatically. When you use open Wi-Fi without protection like a VPN, anyone on that network can see the sites you visit, your log-in passwords, your financial and personal data, and more. Hackers often name their phony Wi-Fi networks after popular spots (like “Starbucks”), knowing that most devices automatically rejoin hotspots they’ve used in the past. Hackers can even redirect your unencrypted traffic, sending you to malicious sites. Always avoid using Open Wi-Fi networks when working with personal or work-related information.
The terms I have mentioned provide a great base understanding of the various cyber-attacks out there and ways they can be prevented. Learning these terms is crucial to know why following cybersecurity best practices and having robust security protocols within your organization make such a difference. If you are interested to learn more about cybersecurity methods, we at BerganKDV can help. Take our free mini security assessment for a baseline analysis of how your company’s security methods stack up or contact our team to start a conversation.