Simplifying and Prioritizing Advanced Threat Response Measures

I had to go to the doctor the other day because I was miserable and sick. I don’t like going to the doctor so I waited until my stuffy nose and congestion turned into a full blown sinus infection. The doctor said this thing was going around, and I should be better in a few day with my prescription. Where did I catch this demon inside my face? Was it the plane? Was it the hand rail on the shuttle bus? Was it the gas station pump? Was it my kids? Wouldn’t it great if you could ask your doctor, “So doc where did I catch this?” and have the doctor say, “Oh you picked this up from the shopping cart at the grocery store on 4^th Street, and it look like 25 other people caught it too.”

Your doctor can’t do this yet but IT security professions can.

Trend Micro recently introduced advanced analytics capabilities for its network security solution, Deep Discovery. These new capabilities will help IT security professionals understand more about the attacks on their networks. By correlating the event data from Deep Discovery Inspector, Deep Discovery Director – Network Analytics will simplify and help prioritize advanced threat response measures for security professionals. Essentially allowing them to answer the question I was asking my doctor above. Where did I catch this? But it won’t stop there. Deep Discovery Director – Network Analytics will not only show the first point of infection, but it will also track where the threat has spread – showing who else has been impacted, and what external severs it is reaching out to such as command and control servers. As many attacks take place over several days, it is hard to comb through all the events and logs to piece together an entire attack. Now with a click of the mouse it will show the entire attack life cycle going back 90 days. This visibility and real-time reporting can be invaluable when management is asking for details about the latest threats or outbreak.

Attacks that slip past perimeter protection solutions can go undetected in the network for months on average. Lateral movement detection should be a top priority, however most advanced threat solutions only monitor north/south traffic. Deep Discovery Inspector will monitor north/south and east/west traffic with the same device. This reduces the number of devices and all the management and logistics that go along with them. As seen in the screen shot above lateral movement is a key part of this attack and if it is not monitored the threat can spread across the network unbeknownst to the security team.

If you are using Deep Discovery Inspector to monitor your network ask your Trend Micro contact about Deep Discovery Director – Network Analytics and see how it can help you correlate, prioritize and simplify the events reported by Deep Discovery Inspector.

If you using another product for advanced threat detection consider using Deep Discovery to help augment your current deployment by monitor the east/west traffic and provide threat analytics, while your existing solution monitors the north/south traffic.

It is never too late to get a second opinion.

The post Simplifying and Prioritizing Advanced Threat Response Measures appeared first on .

Carrier Grade Security Means … Using Carrier Grade Security

It’s a common mistake in enterprises to copy-paste security solutions from a peer. Strategies can be recycled, but sadly with even very similar businesses almost always have radically different IT and security requirements. I recall one hospital that looked at a nearly identical peer hospital that was only a few miles away. Much of the technology was similar, even down to the IT products (SAP, O365). Digging in they realized the differences in custom apps, how they patched, how contractors serviced them, and the capabilities of their security staff meant they’d need their own security architecture. If even similar organizations in the same horizontal have particular security needs, it only emphasizes that small and medium businesses (SMB), enterprises, and carriers usually have unique needs. Some of these differences are easy to find: some enterprises can dictate that an endpoint protection platform (EPP) be deployed on connecting devices, whereas a carrier can’t dictate that to customers, or an SMB with 200 endpoints has different management console requirements than a carrier monitoring 50,000 through intermediaries such as partners and affiliates. Carriers also have a much higher sensitivity to false positives while having to accommodate incredible degrees of heterogeneity: stepping on a customer’s legitimate interaction is rated much differently for a carrier than in most enterprises or SMBs.

Carrier security is changing in response to very different forces. 5G promises to be a technology as significant to carriers as cloud as has been to enterprises. Like enterprises, IoT presents to carriers and telcos vulnerabilities and issues of scale but the scale issues of carriers are often a magnitude greater and the impact of a vulnerability allowing a backdoor from the internal carrier network is not just a risk of security but one of brand reputation and potentially safety.

Network function virtualization (NFV) has been a big deal in cloud and data center security, and is also so for carriers but in a different way. With the first iterations of virtualization and cloud, enterprises weren’t able to address the virtual network directly and implement their own security as add-on services and were usually left with the choice of only using what the CSP or hypervisor vendor provided, or constructing inefficient hair-pinned flows to workloads simulating a netsec delivery. CSPs and hypervisor vendors reacted to allow enterprise customers and 3^rd parties access to virtual network functions and switches in order to provide network access and virtualized security. Carriers also went through a parallel path. Carriers had access to NFV but the scale meant that the enterprise NFV security solutions weren’t useable, and most weren’t even close to securing the types of equipment that carriers deployed, nor in the way they were secured. Like cloud and hypervisor NFV security options opening up, carrier grade NFV security evolves as well, and is in fact being jumpstarted by 5G and IoT. And how NFV security is provided to customers is unique in carriers, with types of security being value-added services that require mechanisms for provisioning, updating and monitoring, often by partners.

The bottom line is that carrier security increasingly becoming specialized to the carrier market, and carrier grade security means using carrier grade security solutions rather than repurposed security from other verticals and hortizontals.

You can read more about this week’s announcement for carrier grade security and Trend Micro here.

The post Carrier Grade Security Means … Using Carrier Grade Security appeared first on .

4 data breach dangers facing your business

The combination of high-profile cyberattacks and a global focus on data protection have made data security a priority for businesses of all sizes. Our guide presents the four largest data breach risks for small businesses.

Over the past 12 months it has become clear that the cybersecurity landscape is changing rapidly for small businesses. 2017 saw a string of high-profile attacks including WannaCry and NotPetya which has made improved security essential for not only the protection of sensitive data, but also to protect against the negative impact that downtime can have on the finances and reputation of the company involved.

The rise in attacks has demonstrated that while essential, having strong cybersecurity is not enough. With almost 90% of cyberattacks linked to human error or behaviour, ensuring the security of data now requires a robust policy of training, personal responsibility and dealing with trends of the mobile workforce alongside traditional security measures.

Taking responsibility for the security of sensitive data has become even more important in the European Union thanks to the implementation of the General Data Protection Regulation (GDPR) in May 2018. This new legislation will ensure that businesses operating in (not necessarily based in) Europe face heavy fines if they do not implement adequate security measures to protect the data they hold. This will see the maximum fine raised to €20 million or 4% of annual turnover – a penalty that could be as damaging to small businesses as an attack.

With one in five small businesses becoming the victim of cybercrime each year, GDPR is a global reminder for companies to build trust and confidence with clients over the safety of their data. It is also an opportunity to review other internal practices to ensure that either the existing data security policy is effective, or that one is put in place.

While this list is not exhaustive, it does reflect some of the most common ways that SMBs may suffer a data breach and investigates how to protect against them.

1. Cybersecurity threats

Malware

The most high-profile threats to data security for small business are malware attacks. The breadth and speed with which attacks such as WannaCry and NotPetya swept across the world highlight that this is not just an issue for governments and corporations, but businesses of all sizes. Small businesses may feel they are ‘too small’ to be a target, but this complacency could result in an attack that the SMB struggles to recover from.

It is estimated that the worldwide damage cost of ransomware attacks could reach $11.5 billion annually by 2019 as attacks continue to evolve into new forms of threat.

To defend against attacks, it is vital that strong endpoint security is not only in place, but regularly updated to ensure that newer threats are identified as early as possible.

Social engineering

This is the broad term for online confidence scams: bad actors leverage human emotions and behaviours against the victim to secure access to contacts, passwords and other sensitive data. Phishing emails – those that appear to be from trusted sources such as a bank and are sent by the perpetrator en masse – are the most well-known of these types of attack.

While phishing emails are often easy to spot, more targeted attacks known as spear phishing can be much harder to identify. This is because the cybercriminal will research the target and tailor the attack accordingly. It can be as simple as an HR email that appears to be from the victim’s real HR manager or a tech support call, but it may be enough to gain access to a company’s network and place malicious files.

As this method is so targeted, it often bypasses traditional spam filters, making the email recipient the only barrier between the attacker and the company’s network. Spear phishing attacks are increasingly common, with a 50% rise in Q4 2017.

With 74% of cyberthreats accessing systems through links and malicious attachments, the key to preventing this kind of risk is in training. If employees can identify suspicious communications and alert their manager to anything they might be unsure of, the chances of becoming the victim of an attack could be significantly reduced.

2. Device loss/theft

Flexible workers, that is, people who work from home, are expected to account for 42.5% of the global workforce by 2022. While this trend can offer increased productivity and reduced costs for cash-strapped small businesses, it also introduces or increases the risk of data breach. Staff accessing business data on mobile devices makes the risk of a lost or stolen device increase dramatically.

While a break-in at an employee’s home could happen, the most common case of misplacing devices is not likely to be malicious. An employee who commutes to work, or who works flexibly between locations, may have left their laptop on a train or misplaced their mobile device. However, with only 5% of missing laptops being recovered, it is critical that access to sensitive business documents and data has multi-layered security (password, PIN, secure encryption, etc.) This means that if a device is stolen, it is unlikely that the perpetrator would gain access to sensitive data.

There is still a risk of devices being lost, stolen or misplaced even if they are provided by the company. However, these devices are more likely to have company security software installed and therefore be more secure than personal devices. Implementing a robust bring your own device (BYOD) policy will help to bridge this gap and reduce the risk associated with personal devices.

An effective BYOD policy should be detailed and clear so that everybody knows what is expected of them with regards to accessing and storing sensitive data and setting up security measures such as two-factor authentication and strong passwords. The policy could also include permission to remotely track, lock or wipe devices using a Mobile Device Management (MDM) system, in the event that they are lost or stolen.

3. Weak network security

Weak passwords

A network is only as strong as its weakest point of entry. It is therefore essential to build a culture where login details are not shared and access to shared documents and sensitive data is monitored to ensure it is only available to those who require it.

With just 30% of UK organisations requiring staff to use multi-factor authentication, the combination of an increasingly mobile workforce and weak passwords should be a major concern to SMBs. 80% of breaches are thought to use stolen or simple passwords and so it is vital to ensure that staff not only use secure passwords, but change them on a regular basis. This policy needs to be universally implemented so that personal devices are as secure as those in the office.

Learn more: Create a strong password in three easy steps.

Out of date software

One of the reasons that WannaCry was able to have such a dramatic impact was because so many machines were running outdated versions of Windows, such as Windows XP, that were no longer supported by Microsoft. By not keeping software updated and installing the latest patches, these devices became vulnerable to the attack.

It is a basic task but, as with the passwords, installing updates, patches and fixes are vital to security. If it is not a part of your best practices and universally implemented across every device in your small business, it is a potential way for a bad actor to infiltrate your network.

4. The Insider Threat

The risk of a data breach is not always external. While most time and money are focussed on protecting data from outside attacks, the insider threat cannot be ignored by companies of any size. Crowd Research Partners’ Insider Threat Report (2018) revealed that 90% of companies are at risk of insider threats and more than half were attacked in 2017.

An insider could be any current or former staff member – the term refers to anyone with authorised access to systems or data who then exploit that access. For example: an employee about to leave the business who accesses and records contacts from a database to take to their new employer. These actions could be careless (or ignorant) or malicious, but either way, by misusing that access, they cause the theft or destruction of data.

A third of organisations feel they have no capability to defend against an insider attack, although there is plenty you can do to reduce the risk. Make sure all staff are aware of their responsibilities by improving oversight and the implementing data and cyber protection policies. This is especially important for SMBs where individuals may be involved with a number of different responsibilities across departments and require wide access.

In most non-malicious cases, training and the construction of a culture of responsibility will help to reduce the risks of carelessness and ensure that the basics of security are universally maintained company-wide. For malicious attacks, it is important to regularly monitor access privileges so that permissions are only given to those who need them and are changed when no longer necessary. It’s also worth including a non-disclosure agreement in staff and freelance contracts.

Is your business at risk?

Of the risks detailed above, there are likely to be some that you haven’t considered or fully prepared for. While it is vital to implement a modern and fully updated antivirus solution, the evolution of the threat means that software should only be one part of a holistic security program. By producing best practices and providing training, SMBs can build a culture of awareness and proactivity around preventing the risks of a data breach throughout their employee base.

Discover AVG’s range of antivirus solutions for small business here.

Update your AVG Business clients ASAP

Final call to update all your AVG Business clients before the old versions hit end of life.

AVG Business Edition version 2013 and 2016 reach end-of-life (EOL) August 1, 2018. From this point forward, these versions will no longer be supported, which means they will no longer receive virus definition updates.

If you are managing clients using AVG Business Edition 2013 or 2016, be sure to upgrade as soon as possible. Consult our upgrade info page to learn how to update and discover what’s new in the latest version.

You need to update if you (or your clients) use any of the following software:

AVG Business Edition 2013
AVG Remote Administration 2013
AVG Business Edition 2016
AVG Remote Administration 2016
AVG Internet Security Business Edition
AVG Antivirus Business Edition
AVG File Server Edition
AVG Email Server Edition
Avast Business CloudCare versions 3.6.4 and below
Avast Business Managed Workplace 11 and below’s integrated antivirus

If you have any questions or concerns about the update, please contact AVG Business Support.

The cost of data loss to your small business

This article details how much a cyberattack can cost a small business and explains how you can work out how much an attack might cost your business.

“SMBs are underprepared for constant attacks that can cost them thousands”

Here are some statistics to consider:

Security breaches due to cybercrime increased by 27.4% in 2017
Small and medium-sized businesses have higher average costs related to malware, online attacks and phishing than large businesses
On average, security intelligence systems, such as antivirus, save businesses (large and small) in the US $2.8 million (2017)
Only 21% of US small to medium-sized businesses say they are able to protect against threats.

(Sources: Ponemon Institute, Business Insider, CNBC)

These and other figures paint a concerning picture. Small business owners (SMBs) are underprepared for constant attacks that can cost them thousands.

How much is your data worth?

Part of the problem is that many SMBs don’t know what’s valuable – or, at least, everything that is of value. We lock our doors, keep cash in safes and have intruder alerts. But what about your digital data?

While it may not be that valuable to someone else, it’s invaluable to you, which is why ransomware attacks work to get YOU to buy it back. How much a company’s data is worth is often only quantified when a cybercriminal steals it and offers it back at a cost. How much would you pay for all of your data?

The aim is never to get to this stage.

All small businesses should aim to collect their valuable data and protect it.

What’s the data?

Contemporary businesses rely on a wide variety of data types. How these businesses manage the collection and protection of that data is crucial to ensuring customer satisfaction.

Your business gathers and uses data that relates to its core activities:

production
marketing
sales
fulfilment
invoicing
human resources

First you need to decide which data types play the biggest role in the operation and success of your business.

For example:

You might need certain data and information when you want to create a new product
You need contact information of your clients, suppliers or leads
When you take an order, you’ll need to collect payment card details to process the transaction and an address to send out an invoice for it
If you want to deliver the goods, you’ll need times, dates, a courier, as well as an address to fulfill the order
You need your accounts data for filing taxes and returns

Next, you need to know how to protect those data types.

Integrating protective measures is essential from the outset: reinforcing data management processes – through staff training and written policies – and adding safeguards at the point of access. Following that with the deployment of a secure database, encryption, and password protected access ensures multiple layers of protection for each vulnerability.

For what it’s worth

The cost of cybercrime to you and your business will depend on what your business does, how it makes money and what form the attack is.

Financial loss is always harmful whether as a result of having to pay out to repair a compromised system, compensate customers, or to pay fines to the relevant authorities if you’re found to be in breach of legislation. It will have a detrimental and unforeseen effect on your revenue and cash flow.

The ransom

Your digital data – reports, surveys, emails, corporate information – is an essential part of the service you offer. How much would you pay to get it back if you suffered a ransomware attack? On average, small companies are asked to pay £3,000 per user ($4,200.00).

The time

How much time – and therefore money – would it take to rebuild your data if it was permanently deleted? Even if you pay the ransom requested by the malicious hackers, there is no guarantee you will get your data back. Plus, ransomware is just one type of cyberattack. There are plenty of viruses that can compromise your data and not provide you the opportunity to get it back.

Many companies shut down during cyberattacks and this has a cost. For example: an attack means you and 20 employees can’t work for two days. If the average employee gets paid £200 ($275) per day, the attack has already cost you £8,000 ($10,980.) Then figure in the time to rebuild your digital assets (assuming you can.) If it takes each person a week’s work to rebuild databases, repopulate address books and scour emails for invoices, purchase orders and other data, that’s an extra £20,000 ($27,450.) Now factor in any new business you have been unable to do, what is the loss of earnings? If you turn £5,000 ($6,860) per day, that’s £25,000 ($34,310) over a working week.

Now the figure is starting to look like £53,000 ($72,740.)

Tech and protection

Of course, that £53,000 ($72,740) – or whatever your initial costs total – is before you look at other damage costs. This may include outside technical support to clean and rebuild servers, new machines and the antivirus that people invest in all too late. This could easily add a few more pounds or dollars to your bill.

Your bank account

If you or one of your team unwittingly gives security data to a cybercriminal, it could cost thousands. For example, Choice Escrow and Land Title LLC suffered a data loss incident in which cybercriminals stole the company’s online banking ID and password and transferred $440,000 ($320,580) to a bank account in Cyprus.

One small marketing business in Chicago had two separate accounts accessed by perpetrators within 12 months. The first breach was stopped by the bank, but the second account had $20,000 (£14,570) stolen in multiple withdrawals, before the business owner realized what had happened.

Fines and litigation

There are other important reasons to protect your data. In the US businesses must comply with a variety of State and Federal laws and regulations; in the UK, companies have to comply with the Data Protection Act.

Economic regions also have their own requirements that member and non-member states need to be aware of, such as the European Union General Data Protection Regulation (GDPR,) which came into effect on 25 May 2018.

Failure to manage your customers’ data in accordance with the relevant laws can result in fines, litigation, and even criminal convictions. Penalties for not complying with GDPR, for example, are up to 4% of your annual international turnover or, for the most serious breaches, €20million ($24million/£17.5million.) Failure to comply might also affect the ability to deliver a service or product to your customer.

Another important aspect to consider is that companies and individuals have the right to sue you, if you are the source of a breach of their data that you hold. Thousands of employees sued Morrisons supermarket over data breaches. The same fate befell Seagate, who were sued through the Northern California District Court for their data breaches.

Although small businesses are not affected by lawsuits to the same extent as bigger companies, one statistic states that the average small business earning $1million (£730,325) annually will spend about $20,000 (£14,600) on legal costs every year. So it’s worth considering the impact data breaches can make on any budget you set aside for litigation costs.

To help your business protect its data, it can follow the guidelines set out in ISO/IEC 27002, the international standard for information security. Alternatively, it could even achieve formal compliance.

Your team

Businesses have a responsibility to protect the data of their employees, and breaches can endanger your colleagues: people with families and livelihoods of their own.

Some businesses even end up having to close after an attack, which means everyone is out of business and looking for a job. By failing to protect your digital assets you are placing everyone at risk.

Reputation

And what about your reputation? You might say it’s hard to quantify value like that, but if negative press and subsequent distrust means your revenue drops by 20%, it’s easier to quantify.

Equifax is not only being sued, but its plummeting share price shows the impact of distrust.

Any loss in customer trust could also hamper your future success and the reputation of your brand or business. Your customers may reasonably think that, if you were hacked once, why couldn’t it happen again? Confidence in your brand or business can drain faster than the battery of your smartphone.

Protecting your business

9% of small businesses get burgled
0.1% of UK businesses were affected by fire*
90% of all data breaches affect small businesses.

You lock up at night. You have security cameras and burglar alarms. Your phone has a screen lock. You have smoke detectors and sprinklers. And then you insure your premises and other liabilities, to make sure that if these measures don’t work, you can recoup damage costs and rebuild your business.

So, why don’t small business protect their digital assets in the same way? It costs a fraction of an attack and gives you peace of mind, just as your locks, insurance and smoke detectors do.

Learn more about the price of protection compared to the cost of a cyberattack, or discover how AVG Business antivirus can protect your small business.

______________________________

FOOTNOTE:

*This figure is the number of fires (7209) as a proportion of the total number of businesses in the UK according to UK Gov: 5.7m.

2016 figures for number of fires by business sector:

1725 – retail premises

602 – Offices

2113 – Industrial premises

596 – Accommodation

1621 – food and drink premises

552 – agricultural premises

Total: 7209

Source: UK GOV.

Cybercriminals and the risks to small business

Why do cybercriminals target small businesses so much? And what can SMBs do to protect themselves?

Malicious hackers, better known as cybercriminals, are in the news a lot. From ransomware perpetrators extorting money to anonymous’ political hacktivism, cybercriminals are more active than ever – exploiting an increasingly connected world. But what are the risks to small businesses? And what can small business owners (SMBs) do to protect themselves from these malicious individuals and groups?

What cybercriminals do

It doesn’t take long to find a site or network with poor security. Threat actors don’t spend days or weeks trawling the internet looking for sites to hack. They create code that ceaselessly scans for weaknesses, flaws and open doors, such as weaknesses in accounting software, or social media.

A single hack may only result in a few hundred sets of credit card details. But that sensitive data is still highly desirable because of its value on the black market or to the business owner who will pay a lot of money to get it back.

Even if the cybercriminal doesn’t sell or share the data they steal directly, they can use it to set up other accounts online and create false or duplicate identities based on real people – your staff, your customers, your partners. These identities are then used to commit fraud or other crimes. Or simply to cause disruption and havoc.

Why target SMBs?

The evidence is clear. Regardless of company size or the cybercriminal’s objective, the main reason many small businesses are hacked so easily is because of the low-level security measures they have in place. A shift in attitude is required.

SMBs are attractive to bad actors because they tend to have weaker online security
If you have any Fortune 500 companies as customers, your company is an even more enticing target, as it can act as an entry point for cyberattackers
Perpetrators can easily steal information and hold it for ransom.

SMB negligence?

What is not so clear is why businesses are still leaving their keys in the ignition. Believe it or not, the most popular passwords in 2017 were still ‘123456’ and ‘password’.

Likewise, when a business owner thinks ‘I’m a small business, malicious attackers won’t be interested in me’, they may not bother investing in antivirus software.

If this is the case, they’re letting their guard down on at least two counts: a misguided belief and much weaker security. Both of these increase the attraction and ease with which cybercriminals can break in.

“One study reported that in 2017 only 17% of small businesses in the US used antivirus software.”.

A change in attitude

Think of your business as being in a constant state of compromise and flux. This doesn’t have to be as pessimistic or alarming as it sounds. It’s a pragmatic approach based on the recognition that trying to predict and defend against all possible attacks at all possible times is extremely resource intensive and costly. Rather, it is best to accept that a certain amount of compromise is always likely.

With that in mind, you can then maximize and allocate whatever resources are available in tackling the most likely attacks. This represents a constructive and helpful shift in attitude. It means you accept that you can’t always foresee every attack and instead you take steps to minimize the impact in case a big attack happens.

What can you do to protect yourself?

In a short amount of time, by carrying out a few straightforward measures, you can easily raise your level of security against the most common threats, without an extravagant cost to your business.

We recognize that small businesses owners can’t always afford dedicated IT support or commercial levels of antivirus. That’s why we created AVG Business’ multi-layered security antivirus software designed specifically for small businesses’ needs and budget.

As well as ensuring you have an up-to-date, high-quality antivirus, it is essential to train your employees to recognize threats, update their software and know what to do if they think they’ve been compromised.

Read our infographic article that details all of the points of entry cybercriminals can use to gain access to your business. This includes information on:

Mobile devices
Passwords
The cloud
Emails
Websites
Two-factor authentication
Public Wi-Fi

Cybercriminals: who are they and what do they do?

People are using the term ‘cybercrime’ more and more, but what exactly are cybercriminals? Who are they? What do they want? And, how do they get it?

This article explains who cybercriminals are, what drives them and how they access, infect, steal and extort – often without knowledge or consent.

Who are they?

Malicious attackers are a varied group. The hooded figure at a laptop stock image that appears on so many articles about cybercrime can be misleading: they’re not just young, male, individuals.

In this list of notorious cybercriminals you will see old and young, men and women, from all over the world – driven by a range of motives. Perpetrators are also often part of a criminal group.

What do they want?

Cybercriminals want a number of different things, including:

Money (extorting or transferring money from accounts)
Power/influence
Financial information
Personal profiling data (passwords, etc)
Corporate data
Sensitive information (government institutions, personal data from public/private companies)
Information relating to new product research and development
Access to systems (to create ‘zombies’)
To place software on your machine (adware, spyware.)

Sometimes what the bad actor initially wants – passwords, personal data, customer information etc – is just part of a grander scheme.

Why?

While perpetrators and their activities are secretive, we do know that their motivations vary. Most bad guys want to steal your money, and they use a number of approaches to get it, including those at the bottom of this page.

From social engineering threats to ransomware, money is often the main aim. This may include access to a number of types of data, from credit card information and contact information to IP addresses, usernames and passwords.

Another aim of many cybercriminals is corporate espionage: stealing information, data or ideas. It may be that the data itself is valuable or that the breach damages a business’ reputation.

Political hackers, or ‘hacktivists’ – such as the loose grouping known as Anonymous – put their skills to work exposing or attacking establishment bodies such as governments, financial institutions and other entities they see as corrupt.

Timeline of Anonymous activities

Who do cybercriminals target?

Larger corporations have more financial resources to invest in defense. Malicious attackers are well aware of this. So, alongside attacks on enterprises, they also logically target more vulnerable links in the chain: small businesses.

The data that these small businesses process is often extremely valuable, both to the SMB and to the client they are supplying or partner with. Cybercriminals know this too.

Anonymously, and from international bases, perpetrators produce programs and software designed to scour the web, hunting for those weak links, wherever they may be.

Types of attack

So, how do the cybercriminals get what they want? There are many ways to hack into a website or network – and it won’t always be obvious that an attack has happened – but the most common forms of attack to look out for include:

Cross-Site Script and Request Forgeries

Cross-Site Script (XSS): This enables bad actors to inject malicious code into legitimate webpages. It can then be used by the attackers to compromise the machines of users that access the compromised page, or bypass access controls, to carry out fraudulent transactions.

Cross-Site Request Forgery (CSRF): This is where an attacker takes on the credentials (e.g. IP address, browser information, cookies) of a user when they access a website and perform malicious actions without being identified.

Social Engineering Attacks

This is where a bad actor attempts to gain the confidence of an authorized user of your website or business systems and gets them to reveal information that will enable them to later compromise its security. They might reach out to your employees on social media in and out of working hours, or hang around a coffee shop near the office and strike up a leading conversation. Here are three examples of Social Engineering Attacks:

Phishing: cybercriminals will send you an official-looking email purporting to be from one of the sites or apps you might use e.g. PayPal. In the email they will ask you to click on a link or reply to it with a certain piece of sensitive information. These emails are usually sent out in large quantities, targeting as many people as possible.

Spear Phishing: spear phishing is similar to phishing in that an email is used to lure people into surrendering information or clicking a link. However, rather than sending these emails to as many people as possible, they are extremely targeted. The email may appear to come from someone you know – for example an employee who occupies a position of high authority or someone from a larger business you work with – and the bad actor will have spent time researching how to write the email in a way that will fool you.

Drive-by Downloads: this is where a person visits a webpage and a piece of malware is downloaded without their knowledge or them even clicking anything. That malware may then allow other types of hacking to take place.

Malware

Malware such as Trojan Horses, Viruses, Worms and Spyware contain malicious code, sometimes hidden inside another apparently harmless looking program. When activated, they gain control of your computer and can delete or amend files, secretly capture your login details for other websites, or conduct other disruptive activities without you being aware.

Ransomware: This is where a bad actor uses malware to infect a network and block access to all or specific files. They then request a payment in exchange for the safe return of the files. If a ransom is not paid (or even when it is!) the data remains stolen or is permanently destroyed.

SQL Injection

This is where the cybercriminal adds Structured Query Language (SQL) code to a web form input box, which then gives them access to your resources or the ability to make changes to the data in your systems. This kind of malicious hack can go undetected and, in certain cases, seriously affect your search rankings.

How do I stop perpetrators damaging my business?

People play as big a role in cybersecurity as antivirus software like AVG Business. That’s why, in the battle to defend your business against cybercriminals, it’s essential to:

Invest in cybersecurity software for your business to immediately and comprehensively protect your business from a range of security threats
Train your employees to stop bad actors from gaining access to social security data, online accounts, bank account or other sensitive data, so that they don’t put your business at risk from attack.

Learn more about protecting your small business from cybercriminals.

How to protect a small business from hackers

A step-by-step guide detailing the areas small businesses need to address to protect themselves against cyber threats.

“Is your business protected? How can you make sure you’re protecting your business against cyber threats?”

You hear about hacks on the news. Maybe you know someone whose business has been hacked, contracted viruses, lost data or even been the victim of a ransomware attack. Or maybe it’s happened to your business? If it hasn’t, you’re one of the lucky 48 percent, because 52% of small businesses experienced cybersecurity breaches in the 12 months before September 2017.

Maybe there’s one going on right now? This question may seem sensationalist , but on average it takes a business 120 days to discover a data breach.

Protective steps

So, is your business protected? Is it enough? Do you know what you need? And how can you make sure you’re protecting your business against cyber threats?

FACT: Only 39% of small businesses have formal policies covering cybersecurity.

This short guide will cover a number of simple but essential areas to address:

Employee training

The best security policies start with the individual. If every staff member is well trained on the protective steps and security measures they can take, the chain is immediately reinforced at every stage.

FACT: Only 25% of small businesses gave their staff cybersecurity training in 2017.

Passwords

The first thing you and your teams can do is to use a strong and unique password for each account.

A strong password consists of a mix of the following:

Uppercase letters: F X W
Lowercase letters: k g m
Numbers: 7 4 9 0
Symbols: @ & ! $
12 or more characters

The second important means of defense is to keep your passwords strong and confidential!

You can put your business in a good position by:

Limiting how many people have access to your systems
Limiting what types of data people can see and edit
Changing the default password when you create an account
Using a password manager and choosing strong passwords
Not using the same password for multiple accounts
Not writing down your passwords

Check your tech

Defeating or deterring the cybercriminals doesn’t stop at strong passwords.

These simple checks will help ensure your IT security is in good shape:

Update your software

Make sure your apps and operating systems are up to date. Software updates improve efficiency and repair any apparent vulnerabilities.

Check your firewall and antivirus

Do you have them installed on each device in your network? Are they both up to date? Are the right settings applied? As the statistic below shows, it is essential to keep your antivirus up-to-date to protect against the onslaught of new virus strains and types of attack.

FACT: In a three-month period, 18 million new malware samples were captured.

Check your backups

Running a daily backup means you can restore everything to a recent point in the past, limiting the loss and helping you recover as quickly as possible if you are compromised. This has become particularly important as ransomware attacks continue to grow. By backing up your data on a completely separate system, you are limiting the impact of ransomware attacks – you’ll be able to access the stolen data using your backed-up copy, rather than taking the risk of paying the ransom (which offers no guarantee that your data will be returned).

Read our complete guide to protecting your business from ransomware attacks here.

FACT: Avast has blocked more than 122 million WannaCry ransomware attacks in 194 countries since Spring 2017.

Check your code

If you do not have the appropriate internal resources, invite an IT professional to scan your systems and perform a penetration test to confirm that the coding and hosting of your website is both robust and free of common errors.

You may want to invest in an SSL certificate, which is not expensive.

See our Point Of Entry infographic that shows the various ways cyber criminals can get into your business.

What to do if your business is breached

If your business is one of the 52% of businesses that gets compromised every year, knowing how to respond and what steps to take first could make all the difference. Taking these steps can prove to your customers that you are taking the problem seriously and reacting to their concerns and needs.

Focus

At this point you need to quickly understand what has happened, the impact it is having, the consequences, and how to fix it. This is not the time to go looking for a scapegoat, it is time for careful and considered action.

Be cautious

Don’t dive in straight away and try to fix the problem yourself because you might make things worse or disturb important evidence. Only fix it if you are certain you have the skills, tools, knowledge and authority.

Call in an expert

Experts cost money, but the potential losses could be far greater: a loss of new sales, reputation, and loyal customers. It goes without saying that experts cost far more than the price of protecting your business in the first instance.

Tell your customers

When you know what happened and how it affects your customers, tell them. Be open, up front and honest. Your reputation is just as important as your sales. Ask them to change their password if they have an online account with you.

Upgrade and update

If you were breached because of outdated software or hardware, this is the time to update and upgrade. If you were breachedked because of outdated business processes, implement new ones.

Stay vigilant

Keep an eye open for news about the latest threats, even if they happened to a large company or government. The same flaw may exist in your software, hardware, website or network. Find out what the cause was and figure out if it applies to you. If you’re not sure, call in an expert.

If you want to discover more about the risk level of your own business, head to our Small Business IT Security Health Check and run a diagnosis.

The price of protection vs the cost of attack: antivirus for small business

Running a business is a challenge, especially when simple decisions can have an impact on your bottom line. That’s why we’re taking the cyber protection conversation back to basics: comparing the price of antivirus to the cost of an attack.

Fail to prepare, prepare to fail

Small business (SMB) owners know the importance of being prepared. Predicting the future is hard at the best of times, so business owners need to prepare for the impact of events affecting business continuity on everything from reputation and cash-flow to productivity and profit. For example, managers will account for how a long-term sickness in the team or a sudden hike in supply cost can unbalance their books so contingency costs can be factored into budgets.

How can small businesses prepare for a cybersecurity incident?

While 60% of small businesses have been a victim of cybercrime, most small businesses won’t buy any cyber protection in the upcoming financial year. So, considering the multiple entry points that a business offers to hackers, why is the cost of a cyberattack not a priority for SMBs?

The answer may lie in the lack of resource in small business. While large organizations often have entire IT departments, start-ups and medium-sized businesses usually have other priorities – from cash flow to winning new business. So, when cash is tight, why fork out on cyber protection?

This article will answer that question.

By helping you to compare the cost of protection with the potential cost of a cyberattack, you will be armed with the knowledge you need to make the right decision for your business.

The cost of a security breach

Industry experts Cybersecurity Ventures have predicted that cybercrime will cost $6 trillion a year by 2021. This figure may sound alarming, but many SMBs fall victim to the idea that ‘we’re too small to be targeted’. The truth is that small business are targeted, and usually for the very reason that they are less protected than larger companies and therefore an easy target.

A survey conducted by the Federation of Small Businesses (FSB) in 2016 showed that, on average, a small business will be attacked four times every two years, costing them £3000 ($4,200).

Ransomware is an attack that holds sensitive data hostage until a payment is made – and it’s on the rise. By 2019, a business will fall victim to a ransomware attack every 14 seconds, compared to every 40 seconds in 2016. The average ransom asked for is about £3,000 per user ($4,200), and almost half the ransomware attacks in 2016 spread to at least 20 other users. If your company has 20 staff, that’s a hefty £60,000 you could be coughing up.

The cost of an attack to a business is not only immediate, it could have a long-term effect on your business. Do consumers or clients want their information to be held by a company that has had a data breach? According to the US Securities and Exchange Commission, six out of 10 small businesses close six months after a cyberattack.

Your employees also may have something to say. Hackers behind a phishing attack in early 2017 targeted businesses and requested employee’s personal tax information be sent to them. The attack was clever – and made to look like it was from an executive or official. More than 120,000 employee tax forms were handed over. Phishing attacks are the most common form of cyberattack, affecting half of small businesses.

The cost of antivirus for business

When money is tight, small business owners can’t be blamed for balking at the prospect of spending thousands a year on a security solution – after all, how often does an attack even happen to a small business? (answer: 52% of small businesses suffered a cyberattack in 2017).

However, most cybersecurity companies offer products specifically developed for small businesses, alongside their consumer and big business products. Consumer versions are consistently priced per device, no matter how many you buy, whereas SMB antivirus packages offer cost effective scaling options for cheaper buying in bulk.

Business protection ranges in price depending on the features and quality of the antivirus software. For example, you can expect to pay about £30-£40 ($42-$56) per year for business antivirus protection on one computer. The cost per computer then reduces to around £20 per device as you scale to cover more PCs. So, if you have a business with eight computers, you can expect to pay about £160 ($222) per year. In contrast, buying premium consumer licenses would cost upwards of £550 ($763.)

Most standard licenses last between one and three years and the best antivirus usually includes internet security, a firewall and remote management. Basic offerings may be advertised for free, but always check the features included in the free version as this is unlikely to offer the level of protection necessary to fully protect your business.

Cost of antivirus protection vs cost of a cyberattack

Reading all these facts and stats can be overwhelming, especially for a small business owner simply wanting to ‘do the right thing.’ So, to make the information easier to digest, here’s a side by side comparison.

Cyberattack

A colleague receives an email with a link which, when clicked, downloads a virus that impersonates email accounts of the staff in your business. Over the next few weeks, unbeknownst to you, the hacker responsible for the virus siphons information that allows them to access your business bank accounts and customer database.

Over the next week, the criminals steal almost £400,000 from your account (similar to the case of construction firm PATCO, who lost $545,000 and were reimbursed less than half of this by the bank) and corrupt your customer database (as happens in a fifth of cases.)

When you discover the attack, you must stop operating immediately to investigate the incident and check for further breaches. The loss in revenue is about £30,000.

After the attack, the team works extra hours contacting customers to explain the situation and ensure the details stored on them are correct. This costs the business about £5,000 in additional working hours and other admin costs. At the same time, a potentially lucrative business client pulls out as they are concerned about their data being compromised. You lose £6,800 from the collapse of this deal.

Total cost to your business: £441,800 ($616,824.)

Antivirus protection

You buy antivirus protection for your business’ 11 computers for the next five years.

Total cost to your business: £1,650 ($2,317)

Conclusion

Antivirus is an annual cost that’s probably less than you think, and one that you can easily account for in your yearly budget planning. An attack may never happen to you – but cybercrime is on the rise, and if you are attacked, could you easily recover? How many customers might you lose after an attack before you can no longer balance your books? How important to you is continuity of service?

There is no simple answer when it comes to weighing up decisions around business spending, but from what you’ve learned here, you should be feeling more empowered and more informed.

If you’re interested in learning more about security solutions for small business, you can compare our solutions here.

Congratulations to the winners of the Google Play Indie Games Contest 2017 in Europe

Posted by Adriana Puchianu, Developer Marketing Google Play

We have just wrapped up the second edition of the Google Play Indie Games Contest in Europe! The iconic Saatchi Gallery in London welcomed 20 developers, from 12 countries, who showcased their games to the audience of gamers, industry experts, and journalists.

The finalists' games were on show to the public, who spent three hours trying out their games and voting for their favourites, alongside the Google Play team. The top 10 finalists were then selected, and went on to pitch their games, and compete for the big prizes in front of our jury.

Please join us in congratulating the winners! They will be bringing home a well-deserved diploma, along with a prize package that will help them reach more gamers worldwide; including premium placement on the Google Play Store, marketing campaigns of up to 100,000 EUR and influencer campaigns of up to 50,000 EUR, the latest Google hardware, tickets to Google I/O, and much more.

It's really inspiring to see the excitement around this second edition, and great to see the new wave of indie games coming from Europe. We are already looking forward to playing the games that will be developed in 2018!

Check out the main winners and the other finalists on the Google Play Store!

Winner

Bury me, my love

Playdius

France

A reality-inspired interactive fiction designed for mobile phones. It tells the story of Nour, a Syrian woman trying to reach Europe in hope of a better life.

Runners up

Old Man's Journey

Broken Rules Interactive Media GmbH

Austria

A story game about life's precious moments, broken dreams, and changed plans.

Yellow

Bart Bonte

Belgium

A puzzle game for you! A love letter to a marvelous colour and to the little wonder called touchscreens. Warning: very yellow!

The other games that have made it into top 10 are:

Captain Tom Galactic Traveler

Picodongames

France

An open world platformer and space exploration game. Embark on an exploratory mission, discover planets, collect oxygen, play with gravity.

I Love Hue

Zut!

United Kingdom

A minimalist, ambient puzzle game influenced by mindfulness apps and abstract art. Players arrange shuffled mosaics of coloured tiles into perfectly ordered palettes.

Jodeo

Gamebra.in

Turkey

Jodeo is a 2D jelly critter. There's something it's curious about: what if 3D objects and 2D physics are in the same game? How can 2D objects interact with 3D objects?

Kami 2

State of Play

United Kingdom

The calming yet addictive puzzle game is back! With over 100 handcrafted puzzles, it takes you on a mind-twisting journey that combines logic and problem-solving.

Kenshō

FIFTYTWO

Russia

A tile sliding puzzle with a wonderful soundtrack. Mysterious things happen in a ruined room. Doors inside that room lead to different worlds and beautiful landscapes.

No More Buttons

Tommy Søreide Kjær

Norway

A hand-drawn platformer where the buttons are part of the environment.

The Big Journey

Catfishbox

Ukraine

Designed for kids and adults alike, this a beautiful, casual adventure. Tilt to roll around and explore a beautiful world with Mr. Whiskers.

How useful did you find this blogpost?

★ ★ ★ ★ ★

Meet the finalists of the Google Play Indie Games Contest in Europe

Posted by Adriana Puchianu, Developer Marketing Google Play

Back in October we launched the 2nd edition of the Google Play Indie Games Contest in Europe, with the aim to identify, showcase and reward indie gaming talent from more than 30 countries. We were amazed by the innovation and creativity that indie developers from the region have to offer.

Selecting just 20 finalists has once again been a huge challenge. We had a lot of fun playing the games that will go on to showcase at the Saatchi Gallery on February 13th in London. Without further ado, we are happy to announce the Top 20 finalists of this year's edition. Congratulations to the finalists and thanks to everyone else who has entered the contest.

A Planet of Mine
Tuesday Quest
France

Bridge Constructor Portal
ClockStone Softwareentwicklung GmbH
Austria

Bury me, my Love
Playdius
France

Captain Tom Galactic Traveler
Picodongames
France

Core
FURYJAM
Russia

Flat Pack
Nitrome
United Kingdom

Fern Flower
Macaque
Poland

I Love Hue
Zut!
United Kingdom

Jodeo
Gamebra.in
Turkey

Kami 2
State of Play
United Kingdom

Kenshō
FIFTYTWO
Russia

No More Buttons
Tommy Søreide Kjær
Norway

Old Man's Journey
Broken Rules Interactive Media GmbH
Austria

Radium 2 | Ra²
Developster
Germany

The Big Journey
Catfishbox
Ukraine

The House of Da Vinci
Blue Brain Games, s.r.o.
Slovakia

The Office Quest
11Sheep
Israel

Unbalance
TVEE
Turkey

Undervault
Andriy Bychkovskyi
Ukraine

yellow
Bart Bonte
Belgium

Check out the prizes

All the 20 finalists are getting:

A paid trip to London to showcase their game at the Final held at Saatchi Gallery
Inclusion of their game on a promotional billboard in London for 1 month
Inclusion of their game in a dedicated Indie Games Contest collection on the Indie Corner for one month in more than 40 countries across EMEA
Two (2) tickets to attend a 2018 Playtime event, an invitation-only event for top apps and games developers on Google Play
One (1) Pixel 2 device

They will also have the chance to win more prizes at the final event.

Join the Google Play team and the finalists at the final event:

Anyone can now register to attend the final showcase event for free at the Saatchi Gallery in London on 13 February 2018. Come and play some great games and have fun with indie developers, industry experts, and the Google Play team.

How useful did you find this blogpost? ★ ★ ★ ★ ★

The Importance of Design in Business Strategy

Consumers care about aesthetics. Steve Gustavson, executive creative director at Adobe, reported during the MAX session “Making Sure Design Has a Seat at the Strategy Table” that 50 percent of companies surveyed claim that design plays a huge role in how they achieve success. Companies that focus purely on data-driven strategies, without considering how design influences consumers’ impressions, run the risk of turning people away.

With design holding such importance in modern business, it needs to be an integral part of your decision making process. Design culture and thinking should be heavily involved in every business strategy, and that requires making sure your design teams and professionals have a say in company decisions.

Evolving your company mindset from a sole focus on numbers to a joint focus on design and data takes some work. Communication is key. Using resources like Creative Cloud for teams can help your company get on the same page and facilitate design conversations throughout the business. The sooner you start incorporating design principles, the easier it will become to shift your focus. The following tips will help.

Understand the purpose of design.

Good design tells a story. It unifies your brand and drives innovation. Simone Cesano, senior director of design operations at Adidas, shared the story of his company at Adobe MAX. Adidas was founded in post-World War I Germany due to the rising popularity and accessibility of sports. Its founder worked hard to figure out the design for the best possible athletic shoe, and it paid off. Jesse Owens was wearing Adidas when he won his four gold medals in track and field, and professional athletes continue to perform well wearing Adidas spikes.

Adidas found success because it started with a good product, and has continued to build on that product. Rather than stagnate, it hires designers to explore new options for shoe material and design to help propel the company into the future. Designers help Adidas remember its story and traditions, which pushes the company to seek high-quality products, and they also help the company stay ahead of the game. If given the chance, your designers can do the same for your business. Recognize that designers have the power build on the past and control the future.

Encourage collaboration.

Your employees may not realize the role design can play in helping your company succeed. The designers may feel like they operate in a silo. And product managers or marketers may assume the designers have nothing to contribute to strategy. The first hurdle you must overcome is getting your teams to understand that the whole company is working toward a single goal.

Creative teams crave information. And the best creative solutions are formed when they have access to the right information like demographic, psychographic, or other audience insights. When teams are armed with these strategic insights, they’ll produce better work, and you’ll spend less time doing revisions for work based on incomplete or incoherent briefs. When marketing, product, and design teams collaborate to create delightful experiences for customers, brand loyalty and love will increase.

Collaboration can also help you avoid redundancy and harmful competition. And collaboration requires trust. Pitting your internal creative team against an outside agency — based on who’s better, cheaper, or faster — is the exact wrong way to build it. When treated like a commodity, trust is lost and communication suffers. Leading brands are building amazing in-house creative teams because they want design leaders who can play a strategic role in building content and products. Know when to use external agencies for fresh insights, but involve your internal team in the process.

Get everyone involved.

Many designers — and employees in general — don’t want to take orders. Cesano noticed that his team often received a lot of pushback when they made requests, so they changed the way they approached their employees. “We stopped thinking of the organization as an army where the general speaks and things are done. We started looking at the organization as a bunch of people that we had to convince.”

They started listening to their employees more, asking everyone in the organization for insights on how to do things better, and keeping all employees informed of company developments. As a result, the company began inviting everyone to regular meetings to discuss information, as well as to receive training on new tools. These breakfast meetings evolved into opportunities for employees to learn how other departments operated and for everyone to learn new skills and share ideas. It improved company culture and allowed all employees to have a say in business development.

Give your designers the best tools.

Digital technology is constantly changing and improving, and training your designers to use new resources will not only ensure you get state-of-the-art content, but will also drive creativity and employee satisfaction. Improving digitized processes also means the work gets done faster, while remaining high quality and allowing for innovation.

Provide the necessary resources and training. Any time lost learning new skills will be paid back with improved efficiency.

Put design to work for your company. Invite your design leaders to be more involved with your business strategy so you can deliver better results. Because when you give design a seat at the table, your customer’s experience will improve — and so will your bottom line.

If you’re looking for more ways to build collaborative teams, start with Creative Cloud for teams.

Point of entry: how hackers could get into your business

Look around your office. Windows, doors, maybe you have big air conditioning vents. That’s not the only way criminals can steal from or damage your business.

You may have heard about viruses, malware and even the WannaCry ransomware attack in May 2017, but do you know about the ways these threats can get into your business?

This cyber threat map shows you all the ways malicious parties can get inside your business, from your desktop computers to Wi-Fi and staff mobile phones.

How does a computer hacker get into a company’s network?

Stopping hackers from different points of entry

Staff computing devices

Various groups and individuals try to get employees of businesses to install spyware, adware, malware or viruses to their computing devices, like laptops, notebooks, and desktop computers. These devices are vulnerable because they run complex operating systems that aren’t walled off like a mobile device.

A common malware entry point for desktops/notebooks is directly from the web. The two methods employed are:

Drive-by download (a program automatically downloaded to your computer without consent or knowledge). Drive-bys occur when a vulnerability in the web browser or a browser plugin is exploited.
Social engineering. The user is tricked into accepting a download from the web that is actually malware.

Another common entry point is via email. Opening attachments that are either malware or a malware install program is the most common method of infection via email.

Finally thumb drives can be configured to automatically run a program when accessed. Unknown thumb drives either found or received from an unknown source can and occasionally do contain malware that will automatically infect when the thumb drive is inserted.

This topic is especially important because people use these endpoint machines to store lots of data and intellectual property (IP). Some is stored on servers and/or the cloud, but not all. Once a piece of malware is resident on your PC/Desktop/Notebook, it can execute and start doing things to your data.

Making servers more vulnerable still is the fact they often have applications that provide services across the network and these services can be compromised – affecting or infecting multiple machines. Once inside one machine, malware can crawl other linked machines on the same network and infect them.

Your server may be at risk from hackers because it’s a target for many types of attacks. For example: many servers that store critical data for websites and services use SQL (‘structured query language’ – a programming language used to communicate with databases) to manage the data in their databases. A SQL injection attack uses malicious code to get the server to expose information it normally wouldn’t.

Network

A network is a collection of computers, servers, network devices and/or other devices connected to one another. While this is done to allow the easy sharing of data, it also opens up multiple attack vectors to threats.

The network is typically used as a transportation mechanism for malware once inside, but there are also threats that attack directly from outside.

As such, there is a wide and terrifying array of network security attacks that use the network to reach your business’s devices. It is essential to protect your network against external or internal attacks.

The Cloud

Cloud computing has been beneficial to most businesses, with its access allowing increased efficiency of collaborative working and delivery of digital assets amongst others. But with convenience come dangers.

By having your private and/or sensitive data stored outside a locked box – outside your network – it is vulnerable to hackers.

The cloud can leave you open to data breaches (theft), data loss and service hijacking. Making this more hazardous is week user credentials.

Good quality cyber security and two-factor authentication are essential for those using the Cloud for business.

Passwords

This is a key way in which hackers acquire access to your assets whether internal or in the cloud, so it’s essential to keep your passwords protected. While instituting a strict company password policy is a sound business practice, it is not always enough. Use a secure password manager in tandem with your policy and you’ll be safer.

Many organisations use two-factor authentication to further secure their systems.

Mobile devices

The proliferation of mobile devices in the work place has brought new threats. Whether you operate a BYOD policy (bring your own device) or you provide company devices for work, your business is open to new risks.

The main threat comes from devices without a PIN (or a weak PIN) that get stolen. And while there is often not much data on the devices, they allow access to company systems and software. Strong passwords on mobile devices are essential.

A key challenge is making sure the owner’s activity is safe. If they access something malicious by accident in their own time – from their personal email or a website – they may endanger the whole business by giving access to hackers. Many businesses advise their staff not to use public wi-fi while out of the office – as it is a key entry point for hackers and malware.

Staff

As well as external attacks, many companies worry about internal threats from employees taking advantage of access: stealing data or damaging/infecting systems on purpose. EY found that 56% of executives saw employees as the most likely source of cyberattacks.

The actions of your staff cover a range of potential threats – as it is often their failure to spot a threat that allows hackers and malware into systems and software. Social engineering threats are designed to trick people and many click on links in emails or open attachments that infect whole networks. What makes this harder is that many staff either don’t know, or try and conceal their mistake.

Most businesses closely monitor the software their people use and don’t allow the download of free or unauthorised software or apps – a wise move.

Many organisations are now training their staff to be vigilant and know how to recognise vulnerabilities and threats.

The Internet of Things

Connected devices is one of the latest new potential entry points. If you have connected items, you may be opening your company up to cyberattack. The problem is that many IoT devices have poor communication implementation between the device and supporting cloud service. This can make many devices vulnerable, in some cases allowing attackers to take over your IoT devices for further attacks or even spy on your business – where think cameras are connected.

Not only is privacy a key concern, but people may be able to hijack your devices and take control of what those devices control.

It is predicted that 50 billion devices will be connected to the internet by 2020, so it is essential that we make sure they, and our businesses, are protected.

Emails

Emails are a common source of entry, from phishing to malware.

Email phishing is one of the oldest and most successful hacking techniques.

Attackers send out mass emails disguised as an authentic communication from a bank, subscription service or online payment site. The email tells the recipient to verify their account information by clicking on a link. The victim supplies log-in information and the hackers take money from that account or divert money to theirs.

Websites

Many websites carry malware and other threats – some without even knowing it. Hackers can break into a company’s website, steal data (cross-site scripting) and/or use it to deploy malware and viruses onto unsuspecting visitors.

Buffer overflow techniques are used by high-level hackers who gain access to customer data via online forms. Hackers navigate to an online form and provide excessive data in a form field. Sophisticated hackers can often break through the system with complex lines of code to steal data, cause damage, or provide the hacker with an alternate point of entry. Simple security techniques are often unable to combat these attacks.

Two-factor authentication

While two-factor authentication is becoming a standard in business, it is no longer recommended. The fact that people think that ‘it is safe’, means it is prone to social engineering attacks. Hackers have been known to target individuals, saying they need to download an app to do two-factor authentication, which then monitors their texts, stealing passwords when they arrive on the second device.

Unsecured Wi-Fi

Unsecured or public Wi-Fi can be as hazardous for users as it is for providers. By offering unprotected internet to your staff or guests, you may also open yourself up to threats from hackers.

Protect yourself from these threats and more, by using subscription-based cyber security software.

Google Play’s Indie Games Contest is back in Europe. Enter now

Posted by Adriana Puchianu, Developer Marketing Google Play

Following last year's success, today we're announcing the second annual Google Play Indie Games Contest in Europe, expanding to more countries and bigger prizes. The contest rewards your passion, creativity and innovation, and provides support to help bring your game to more people.

Prizes for the finalists and winners

A trip to London to showcase your game at the Saatchi Gallery
Paid digital marketing campaigns worth up to 100,000 EUR
Influencer campaigns worth up to 50,000 EUR
Premium placements on Google Play
Promotion on Android and Google Play marketing channels
Tickets to Google I/O 2018 and other top industry events
Latest Google hardware
Special prizes for the best Unity games

How to enter the contest

If you're based in one of the 28 eligible countries, have 30 or less full time employees, and published a new game on Google Play after 1 January 2017, you may now be eligible to enter the contest. If you're planning on publishing a new game soon, you can also enter by submitting a private beta. Check out all the details in the terms and conditions. Submissions close on 31 December 2017.

Up to 20 finalists will showcase their games at an open event at the Saatchi Gallery in London on the 13th February 2018. At the event, the top 10 will be selected by the event attendees and the Google Play team. The top 10 will then pitch to the jury of industry experts, from which the final winner and runners up will be selected.

Come along to the final event

Anyone can register to attend the final showcase event at the Saatchi Gallery in London on 13 February 2018. Play some great indie games and have fun with indie developers,industry experts, and the Google Play team.

Enter now

Visit the contest site to find out more and enter the Indie Games Contest now.

How useful did you find this blogpost? ★ ★ ★ ★ ★

Future of technology: what are SMBs’ worried about?

As new technologies emerge, small businesses are often the first to put them to work, from the internet and social media to BYOD and cloud computing. Technology has revolutionized the way business is done. With irrefutable benefits – speed and reach of communication, efficiencies and access to global markets – come new threats.

A positive and proactive approach to using new technologies to grow businesses has been a hallmark of SMBs and start-ups – but do owners and employees place enough emphasis on tackling accompanying threats to cyber security? Are SMBs concerned about data breaches, rogue artificial intelligence or the use of genetic screening for employees?

We surveyed more than 100 small businesses with 19 questions about cyber security, privacy and artificial intelligence.

Below is a countdown of the answers – starting with the threats that small businesses were most concerned about.

Key findings:

Hacking and security breaches are the main concern of SMBs
Privacy, surveillance and personal data is a key concern
SMBs and their employees are concerned about governments and big business using technology against competitors – and even their own staff
SMBs aren’t that worried about artificial intelligence and robots.

AVG RMM Platform for MSPs now includes security assessment

New AVG Managed Workplace from Avast now offers MSPs an easier way to identify, communicate and resolve security risks at their business customers’ sites, directly from our RMM platform.

Small and medium-sized businesses have just as great a need as large enterprise to keep their data safe and secure. But costly, complex assessment and monitoring solutions are often all that’s available. Starting today, Avast is offering Managed Service Providers (MSPs) a simplified way to perform real-time security assessments and consolidate the data into easy-to-read reports that prescribe solutions for issues. From these reports, MSPs can quickly recommend solutions, take actionable steps to remediate issues, and demonstrate how they are keeping businesses safe and secure – all from the Managed Workplace remote monitoring and management platform (RMM).

AVG Managed Workplace site security dashboard

Security threats and data breaches can be catastrophic for SMBs, which increasingly are targeted by cybercriminals. This heightened vulnerability is yet one more challenge for MSPs, not only because security expectations have increased, but also because MPSs’ critical role is more visible. Recent CompTIA research noted that the managed services sector is expected to grow at the same rate as high-growth market categories such as Internet of Things: nearly 30%. While monitoring and management will help MSPs with their daily work and this expected demand for their skills, these tools and platforms must focus on the security of networks and devices. The new Managed Workplace security assessment enables MSPs to do a health check on customers’ networks right from the RMM platform, providing real-time assessments that are easy to generate and communicate, coupled with the actionable plans needed to stay ahead of threats and protect SMBs.

The new Managed Workplace security assessment includes 4 core components:

Site security dashboard: From the dashboard, MSPs can add or remove sites, view all of the sites they manage, and easily navigate to each site’s security overview to display details for categories that include antivirus security, patch security, and user security.
Site security assessment: This powerful tool performs a security assessment for any or all managed sites, analyzing various aspects of security, such as status of antivirus software,

password management policy, or patch management.

Site security score: When an assessment runs at a site, MSPs get a security score of vulnerabilities at that site and can see issues contributing to the score. The individual assessments will also show what is at risk, how to mitigate this, and what action is needed.
Site security reporting: Three reports are available depending on the level of detail needed, including a security summary, a site security report, and a site security detailed report. Through the reports, MSPs can easily demonstrate what steps they are taking to keep their clients’ business safe and discuss areas for ongoing improvement.

AVG Managed Workplace security overview, user security

Industry research has shown that more than half of the SMB data breaches in the past year have involved customer and employee information, which companies have spent more than $800,000 to recover. And our channel partners have told us that helping their clients understand the role people play in security issues is one of their biggest security challenges is – a challenge that can often be resolved by knowing what measures to take to prevent these risks. The trouble is, most security monitoring and assessment tools only solve for some of what MSPs need. We knew we needed to provide MSPs with a better way to communicate both the specific factors contributing to their clients’ security risks and the ways in which their services resolve these issues. Managed Workplace 11 equips MSPs with the tools to have valuable security conversations with their clients and demonstrate tangible solutions.

For more information about AVG Managed Workplace 11 and to access a free trial, please visit us online.

Protecting your business from the next ransomware attack

With more than 120 million ransomware samples in 2015 alone, now as of 2017, it has become one of the fastest growing and lucrative threats to businesses on the web.

Ransomware disguises itself by hiding inside of email and website links and then hijack your computer until you agree to pay the ransom. Prevention is possible and important to avoiding these types of attacks. Our AVG Business survival guide will help you protect yourself and your business before the next threat occurs.

Photo credit: Unsplash photographer Illya Pavlov

WannaCry and Bring Your Own Device – What next for SMBs?

Bring your own device policy develops a need for key best protection practices after WannaCry ransomware attacks creates an immediate demand from businesses for stronger cyber security and patch installations.

After WannaCry saw businesses worldwide held to ransom, the need for better cyber security and installing the latest software patches has become a high priority.

To protect from cyber-attacks, best practice recommends updating software, running antivirus, and backing up data. But this is not always quick and easy to do – especially if the business has a bring your own device (BYOD) policy in place.

Many employees now use their personal devices for business. This offers the convenience of being able to work remotely and reduce the cost of managing IT for the business. But because it’s a personal device, it is also natural for employees to want to keep control of it.

In other words, how can a balance be struck between personal privacy and protecting business systems and data which the device might have access to?

One solution

With the agreement of the employee, businesses can use Mobile Device Management (MDM) software to check that personal devices used for work, such as smartphones, tablets, and laptops, are updated.

However, this software can also track a device’s location and potentially wipe its data remotely, if it is stolen for instance. This presents something of a dilemma for the employer and employee.

There is a risk that employees would feel pressured to agreeing to such software being used – even if for positive reasons – or that it is implicitly giving the employer permission to spy on them.

Personal control

The major anxiety for employees surrounding MDM is the danger of either losing personal data or it being seen by other people outside of their private circle. If the device was stolen and the company chose to wipe it, personal content like family photographs, could be destroyed alongside business data.

The concern for business is that by not having such controls in place, they may not be able to prevent unauthorized access to business data or systems. Regarding their employees, the concern for business is that their anxieties are not unfounded.

Even a simple connection to a company system like Microsoft Exchange ActiveSync means that IT staff could remove or delete personal data from an employee’s phone. MDM potentially increases this access to make photographs, private documents and browsing history accessible to employers too.

Furthermore, if the business faced litigation or were involved in an official investigation of some sort, the employee’s phone, along with their personal content, might be seized and the content viewed by investigators, lawyers, a jury and judges.

Gaining trust

While employees’ concerns are valid, if the business clarifies what the MDM does and why it is important, this could go some way to building trust and agreement.

While small businesses might not have a dedicated IT specialist or the technical know-how to implement MDM, having a brief and honest chat with employees is unlikely to be enough to allay their concerns.

Developing an acceptable use policy for BYOD is best practice, but technical language or legalese could further confuse employees who might not quite understand what they are agreeing to. What is required are BYOD policies that are easy to understand, transparent and updated regularly to maintain their effectiveness.

Balance

While it is easy to frame the concerns around MDM as a conflict between maintaining personal privacy and keeping business systems safe and data confidential, the reality is different.

Attacks like WannaCry pose a threat to both business and individuals because any of the information on an unprotected device could be held to ransom, stolen or corrupted.

Security is not something just for IT staff to deal with, it is something everyone has to be involved in for it to succeed. This will require regular and practical training to boost understanding and develop trust. With that in place, employer and employees are more likely to work together to combat potential cyber-attacks in the future.

Three steps towards cyber safety for SMBs:

Assess yourself

AVG’s Small Business IT Security Health Check is a starting point to assess how strong the digital security of your business is. The results point out practical steps SMBs can take to re-assess cyber security.

Take advice

Check the best practice for your region. Official advice recommendations from US-CERT include applying relevant patches, enabling strong spam filters, and ensuring antivirus software is set to scan regularly.

Educate yourself

While BYOD has many benefits, understanding the pitfalls is essential to building a successful policy. AVG’s free Bring Your Own Device eBook will guide SMBs and help to construct a BYOD policy that is beneficial for everyone.

Synnex and Avast announce an exclusive internet security solutions partnership in Australia and New Zealand

Synnex announces an exclusive internet security solutions partnership with Avast to roll out the entire AVG security software portfolio by Avast to its channel partners in Australia and New Zealand.

Melbourne, Australia / Redwood City, California, May 8th, 2017 –

Synnex today announces an exclusive partnership with Avast, the global leader in digital security products for businesses and consumers. Synnex is rolling out the entire AVG security software portfolio by Avast to its channel partners in Australia and New Zealand.

Kee Ong, CEO, Australia and New Zealand, Synnex, said, “The exclusive partnership with Avast represents a strong offering in our security software and cloud services portfolio for ANZ. Channel partners can leverage the extensive security solutions by Avast across SMB and Mobile Enterprise businesses. This represents many opportunities for our existing Mobile hardware vendors and channel partners to formulate bundled security solutions to drive additional revenue streams.”

Synnex partners can now extend their service offerings to include AVG’s managed workplace, RMM and antivirus protection software solutions, to help businesses protect their data and streamline their IT infrastructure. The move reinforces Synnex’s commitment to continue to invest heavily in its Channel Cloud marketplace and expanding its Cloud vendor portfolio.

Michael Tea, General Manager, Ecommerce & Cloud Services at Synnex, said, “We have been in discussions with Avast for well over 12 months and it’s been a long and fruitful road to formulate this exclusive partnership. We are excited to be launching with AVG Security products by Avast and are looking forward to extending the partnership to the rest of the APAC region. As part of our exclusivity, Synnex will also add another 1,500 AVG Partners to its valued reseller base.”

Out of a user base of 400 million Avast users worldwide, 160 million of them are mobile users. Avast has the most advanced threat detection network in the world. The security technology runs in the cloud, based on a vast machine learning network. Each of the endpoints acts as a sensor for malicious files and activities. When Avast’s artificial intelligence technology determines that a file is malicious, it pushes this information to their cloud servers, resulting in full protection of more than 400 million users, in nearly real time.

“SMBs face similar security challenges enterprises do, but often lack the time and resources needed to manage and secure their IT infrastructure, which is where our partners can help them,” said Erik Preisser, Senior Sales Director at Avast. “Synnex’s large IT channel footprint in Australia and New Zealand, as well as their high quality standards and capabilities to sell complex products will significantly help us expand our reach in the market.”

About Synnex

Synnex Australia Pty Ltd is the largest ICT distributor in the Australian market, providing quality branded computer, IT devices, telecom products, servers, components, peripherals, imaging and printing, consumables, networking, storage, software, enterprise solutions, volume licensing, security surveillance solutions, and Cloud services. Synnex Australia commits ourselves as a world-class leader in ICT distribution. Through its established strategic partnerships with leading ICT manufacturers, Synnex is dedicated to offering their customers a wide range of products and solutions backed by comprehensive infrastructure, knowledgeable support, competitive pricing and superior services. Synnex Australia Pty Ltd is a division of Synnex Technology International Corporation, the largest IT distribution company in the Asia Pacific region and ranked third largest worldwide. In Australia, Synnex services over 8,000 resellers, all business types in the IT industry businesses including SME Resellers, System Integrators, Computer Retailers, Original Equipment Manufacturers, Corporate Retailers, National Retailers and VARs.

For more information on Synnex, please visit www.synnex.com.au.

For more information on AVG Business by Avast on Synnex, please visit www.synnex.com.au/go/avg

About AVG Business by Avast

Avast (http://www.avast.com), the global leader in digital security products for businesses and consumers, protects over 400 million people online. Offering products under the Avast and AVG brands, Avast protects data, devices, people from threats on the internet and the IoT threat landscape. The company’s threat detection network is among the most advanced in the world, using machine learning and artificial intelligence technologies to detect and stop threats in real time. The AVG Business by Avast portfolio provides solutions that secure, simplify and optimize the IT experience for SMBs worldwide.

AVG Business by Avast’s cloud and on-premise security solutions are tailored for the channel and include a remote monitoring and management platform with security built into the core. Channel partners are also supported by Avast’s comprehensive partner program which provides the tools and knowledge to help them sell AVG Business by Avast products.

Synnex Media Contact:

Michael Tea

E-mail: michaelt@au.synnex-grp.com

http://www.synnex.com.au/

RMM Is MSSPs’ gift that keeps on giving

The opportunities for growing your MSP/MSSP business are huge. Start with a proven and flexible remote monitoring and management (RMM) platform for the optimal health and security of SMB.

Remote monitoring and management (RMM) is the backbone for MSPs/MSSPs to ensure the health, availability, and security of their SMB customers’ networks, but not all RMM solutions are the same. With security as a service (SECaaS) growing in popularity – and profitability: the MSSP market is expected to experience a compound annual growth rate (CAGR) of 14.8% between 2015 and 2020, from $17.79 billion to $35.53 billion – it’s vital that service providers select the RMM solution most appropriate to their clients’ needs and the current threat landscape. Doug Cahill, senior analyst with Enterprise Strategy Group, said, “ … there are tremendous operational and efficacy benefits an organization can realize from security-as-a-service and it’s the delivery model that should become the new normal.”

The main benefits of managing through RMM are well known, including recurring revenue, the ability to handle more clients, disaster prevention (business continuity), and lower travel costs. Additional benefits allow the MSP to offer additional SECaaS services incrementally, including continuous monitoring, data loss prevention, encryption, identity and access management (IAM), intrusion management, security information and event management (SIEM), and vulnerability scanning.

But not all RMMs (there are more than 20, e.g. AVG Managed Workplace) are equal. Critical capabilities include:

System security
Work on multiple devices at the same time
Centralized management
Solve service issues without impacting client performance
Automation
Compatibility with a service desk tool

Other capabilities to be considered include ability to scale, asset inventory, patching, and discovery/monitoring.

AVG Managed Workplace, the only RMM offering from a security company, provides these capabilities and more. In addition to reports, patch management, and support of iOS and Android devices, Microsoft Office 365, and VMware ESXi Management, the key features of AVG Managed Workplace 10 include:

Service dashboards for fast corrective actions and results
Task automation with advanced scripting capabilities, to automate resolution of common issues, conduct system maintenance, and perform administrative functions
Insightful reporting to support your clients and demonstrate your value before and after the sale
Patch management – review, approve and automate deployment of security patches – for Microsoft and other third-party software
Network monitoring and alerting, supporting over 500 applications and devices to prevent or resolve potential issues
Asset management that systematically tracks software and hardware assets with comprehensive reporting for you and your clients
PSA integration with the industry’s leading professional services automation tools, including Autotask, ConnectWse, Tigerpaw, Servicenow, and SalesForce
Premium remote control that connects you to users’ Windows devices to resolve issues, transfer files, chat with the user, and perform administrative tasks.

With internal and external threats growing and SMB cybersecurity resources falling further behind, RMM and SECaaS are the optimal choices when it comes to MSPs’ protecting their businesses, minimizing downtime, and reducing their operating and capital expenses. Effective cybersecurity is essential to keeping a business’s doors open, and smart MSPs are capitalizing on this growing opportunity.

5 ways to use RMM to generate recurring revenue

Auto-fix service issues for your clients, i.e. create proactive monitoring that responds to and resolves common service issues, such as failed critical services
Detect opportunities by using the asset inventory and a selection of reports to identify prescriptive improvements.
Offer freemium services that automate a variety of services presenting high value to customers to build loyalty and ease renewals. E.g., identify hard drives that are close to capacity and remove temp files through automation, avoiding trouble before it starts
Deploy third-party software on demand and easily roll-out software such as Adobe Reader or remove browser toolbars with a single command
Use patch management to remove system vulnerabilities, i.e. use your RMM tool to deploy patches per your approval policy to bring non-contract clients up-to-date on their patches, especially during times when those very public security vulnerabilities make the news.

AVG Business by Avast awarded ‘Security Vendor of the Year’

AVG Business by Avast proudly accepted the “Security Vendor of the Year” award at the European IT & Software Excellence Awards held in London on March 30.

The annual awards is the leading pan-European awards for resellers, ISVs, Solution Providers and Systems Integrators, and their vendor and distributor partners. Avast’s PR Director, Stephanie Kane, accepted the award on behalf of the AVG Business team.

Run by top European channel publication, IT Europa, the awards are in their ninth year. More than 500 entries were received this year with 154 finalists vying for just 26 trophies, so the competition was fierce. The Security Vendor of the Year award recognizes best practices in customer solutions, as well as service excellence from vendors and distributors.

“This category is voted for exclusively by readers of the magazine,” said Kevin Chapman, Senior Vice President and General Manager for Avast’s SMB business. “This award is a great testament to our products and to our people who work with our channel partners every day. We should be very proud of winning this well-deserved accolade for the second year in a row.”

“The investments we have begun to make this year in rigorously improving our products and expanding our partner program offerings will lay the foundation for another year of joint success that we believe will enable us to win more such industry awards in the future,” said Chapman.

“We look forward to maintaining a strong relationship with IT Europa, a publication that has been instrumental in keeping AVG Business by Avast in the minds of our channel partners and end users.”

AVG Business at MSPWorld 2017 Conference in New Orleans

AVG Business by Avast is proud to be a Gold sponsor of MSPWorld®, the premier conference for cloud and managed services professionals.

You may have thought the New Orleans Jazz and Heritage Festival was the highlight of springtime in “The Big Easy”, but for MSPs across the country, the event of the year is MSPWorld which takes place in New Orleans, Louisiana from March 26th to 28th. MSPWorld is the perfect place for people working in the managed services industry to learn from their peers, because this world-class conference is run by MSPs, for MSPs.

While you’re at MSPWorld, please stop by booth #33 to meet the AVG Business by Avast team and register for your chance to win an iPad Mini. We are there to share our expertise on how to develop pricing models to support revenue growth, provide cost effective 24/7 support, and ensure your customers’ environments are secure and performing optimally. Visit AVG Business by Avast MSPWorld 2017 for more information.

We want to have some fun with you too, so plan to arrive early and join us Tuesday from 11:00am – 4:00pm at the Lakewood Golf Club for the MSPWorld Golf Tournament. Reserve your spot to chill with us afterwards for an exclusive AVG Business Partner Event cruising on the Steamboat Natchez Tuesday evening.

Steamboat Natchez

Your schedule can get busy quickly at MSPWorld, so mark your calendar in advance for the following speaking sessions:

Special Introductions

Date: March 27, 2017
Time: 9:45am to 10:15am
Location: Gallery 1-3

Creating a competitive MSP Pricing Model

Date: March 27, 2017
Time: 2:15pm to 3:00pm
Location: Gallery 1

Ryan Vallee, Product Management Lead for AVG Business by Avast, will be speaking about the importance of properly pricing your service to stimulate business growth. The science to calculating labor cost, overhead, software solution, etc. to achieve a desired margin can be a bit of a mystery to many. Whether you offer reactive, proactive, or fixed-fee models, this session will guide you to develop profitable service plans that take into consideration all known costs to provide a Managed Service to your customers; AND, help you evolve your business into higher levels of profitability.

Scaling your Managed Services for NOC & Help Desk

Date: March 28, 2017
Time: 10:40am to 11:25am
Location: Gallery 3

Staale Swift, Chief Executive Officer at NOCDOC will address what is going on in the market today and its impact on managed service providers. He will answer questions MSPs have about growing or expanding their businesses, what you can offer your clients, considerations when you are building up your offering, and the value you bring to the table.

We look forward to seeing you at MSPWorld. Visit our website to get your MSPWorld discount and for our exclusive partner event cruising the Mississippi River. Stay a few more days for Jazz Fest 2017.

AVG Business by Avast speaking at Cloud Security Expo 2017

Two presentation sessions will showcase how IT Service Providers can add value and help small and medium businesses minimise the latest cyber threats.

AVG Business by Avast will be presenting during London’s premier annual business technology event, Cloud Security Expo. With Gartner predicting 8.4 billion more devices will join the Internet of Things this year, how small to medium businesses (SMBs) manage the risk to their security as these devices enter the modern workplace presents one of their greatest challenges. At the same time, this is also an opportunity for managed service providers to build new programmes that offer the value and support their clients require and extend new revenue lines for their own business.

PRESENTATION 1: Add a Million pounds to your valuation – or 10 million

WHAT: This presentation is about helping IT Services providers understand their value and how to apply their expertise to the managed security opportunity. Hear how to build programmes that drive recurring revenue whether that is 1 million or 10 million pounds.
WHO: Patrick McKay, Sales Manager, AVG Business for Avast
WHEN: Wednesday, 15th March 12:15 – 12:55
WHERE: Security Service Providers and Security Innovation Theatre

PRESENTATION 2: How to protect your business from – and minimize – cyber threats

WHAT: This presentation will discuss how small and medium businesses worldwide are under increasing pressure to secure themselves and their customers’ data against a variety of cyber threats. This is compounded by several factors, such as the pace of technology adoption, the trend toward a virtual non-collocated workforce, and compliance with complex new legislation. The latest solutions deployed and managed from the Cloud offer across-the-board protection and low intrusion, but provide limited defence in-depth. Traditional security measures that operate completely inside four walls can still play a role in an overall security plan, but do not provide the necessary coverage. Find out more about these challenges facing small and medium businesses and the emerging product trends designed to solve them.
WHO: Greg Mosher, VP of Engineering SMB, AVG Business for Avast
WHEN: Thursday, 16th March 10.45-11.10
WHERE: Security Service Providers and Security Innovation Theatre

AVG Business by Avast will also be showcasing its flagship products at Stand 1130 at the show. AVG Managed Workplace is the complete managed IT solution which provides unmatched ease of use, security and control of the entire IT infrastructure including all devices, applications and networks from a single pane with end-to-end visibility and remote monitoring and management.

AVG CloudCare is a SaaS endpoint protection suite that enables Managed Service Providers and resellers to remotely support their clients and deploy a robust portfolio of cloud security solutions for multiple clients also through a single pane of glass. It combines an uncomplicated cloud-based IT management capability with AVG’s award-winning AVG AntiVirus and AVG Content Filtering at an affordable price.

Six security lessons for small business from 2016

Historians will look back at 2016 as the year that cybersecurity moved from being an important issue to a critical one on both sides of the Atlantic. In the United States, the two main presidential candidates traded insults over email security and claims that Russian hackers were trying to influence the election’s outcome by leaking stolen data.

Democrat candidate Hillary Clinton was under fire for allegedly using a private email server for classified documents while working as Secretary of State. Republican candidate Donald Trump was accused of encouraging foreign powers to hack his rival and publish whatever incriminating or embarrassing information they could find. But both candidates agreed that cyber security was a vital issue of national security.

In Britain, the Chancellor of the Exchequer, Philip Hammond, unveiled a new £1.9billion cybersecurity strategy to ensure the country could “retaliate in kind” against any digital attacks on national infrastructure like the electricity grid or air traffic control systems. But behind the politics, what were the real security lessons of 2016?

The Internet of Things is vulnerable

An attack on Dyn, one of the companies behind the infrastructure of the internet, in early October revealed how the new generation of connected devices has created fresh opportunities for hackers. Major websites – including Netflix, Twitter, Spotify and Amazon – all came under attack. Security analysts revealed that compromised Internet of Things (IoT) devices such as digital cameras and video recorders had been the entry point for hackers. A basic security vulnerability with these devices – factory-default security settings – had allowed hackers to disrupt the internet infrastructure.

The message for manufacturers, consumers and businesses was self-evident: The Internet of Things needs an urgent security upgrade.

Rise and rise of ransomware

You can trace the early origins of ransomware to the days of pop-up bogus “official messages” warning that your computer has been infected, or that you’d been caught doing something illegal. Today, the tactic has evolved into attempts to lock businesses out of their own network, critical files or services until money is handed over. What has made 2016 different is a step-change in the scale of the problem.

The analyst firm Gartner reported $209 million was extracted through ransomware attacks in the first three months of 2016, compared to $24 million that was extracted from US businesses in 2015. Businesses, hospitals and universities have all been targets and an increasing number of victims are paying up to regain control of their network or vital files. A recent survey also revealed that 1 in 3 businesses were clueless about ransomware: either not knowing what it was at all, or misunderstanding what it was.

The lesson for business is clear: understand what it is and its possible impact on your business, and have a plan in place that outlines what to do if a ransomware attack happens.

Rise of encryption

One of the tech stories of the year was the clash between Apple and the FBI over access to data in the iPhone of one of the San Bernardino bombers. The public debate about privacy and security that followed saw the instant messenger (IM) service WhatsApp decide to add end-to-end encryption to users’ messages.

In theory, the move meant that no-one apart from the sender and intended recipient can read messages – not even WhatsApp itself. The move put pressure on other IMs, email services and social channels to reassure users that messages were snoop-proof and encrypted. The need to use encryption to secure your data has never been stronger. Cybercriminals are becoming more sophisticated and as they do so we need to step up and take proactive steps to stay ahead of them.

There was a two-fold lesson for businesses: firstly, to understand how data was being shared inside and outside their organization; secondly, to consider encrypting the most sensitive files.

Reinvention of the log-in

The password isn’t quite dead yet, but 2016 saw a broad effort to push users towards more secure log-in procedures. Both Google and Apple rolled-out improvements to multi-factor verification and authorization –using multiple devices or security steps to approve a key action or transaction.

A growing number of banks and financial institutions began testing biometric verification – fingerprint and voice recognition – seeing it as an important way to reduce fraud. The lesson of the year was that the days of logging in with just a username and password are coming into an end.

Businesses need to think of how they can create and encourage employees and customers to use more secure pathways to access account, order or profile information.

The threat from inside

Reports about cybersecurity tend to be dominated by headlines about hackers, whether individuals, criminal gangs or countries testing other nations’ cyber defences. Looking back at some of the biggest security breaches of 2016 you’ll find a common factor: the loss of data involved someone from inside the business.

In some cases, the leak started with the loss or theft of a company laptop, memory stick or mobile phone. In others, employees shared data they shouldn’t have, either accidentally or by deliberately trying to sell confidential information. According to the Ponemon Institute, the cost to businesses of clearing up data leaks is going up year after year.

The lesson for businesses is to ensure that staff understand security risks, have regular training, and that procedures are in place to cut the chance of confidential data leaking out. Restricting access to only those employees that need it also helps businesses reduce the risk of loss of data and reputation.

No-one is immune

2016 was the year that saw millions of user account details stolen from some of the best-known tech brands – Yahoo!, LinkedIn, Twitter – go up for sale on the Dark Web. It was also the year that the presidential campaign put the spotlight on government security – with a stream of leaked data and questions about unsecure email servers allegedly being used for classified information.

But don’t be fooled into thinking that big brands or big targets are the only game in town. Research by the Federation of Small Businesses in the UK in 2016 found that two out of three small firms had been victims of cybercrime in the previous two years. According to the FSB, the financial costs suffered by small firms from an attack are “disproportionately bigger” than larger firms.

One of the biggest lessons to take from the year is that no business is immune from cyber threats – and the risk to business survival is higher the smaller the company is.

Senior Security Evangelist, Tony Anscombe of AVG Business said: “Cybersecurity has had a high political and media profile this year, thanks to the US presidential elections. But businesses shouldn’t make the mistake of thinking that the issue is all about nations waging digital warfare or politicians being hacked. The key lessons of the year are about the rise in ransomware, and the new attack vectors that are being created for hackers by the increasing number of connected devices, often with poor built-in security. Business owners need to be thinking harder than ever about internal security, training and procedures, the tools and tech they are bringing in to their organisation, as well as the security they deploy across their network.”

Seven security predictions for small business in 2017

Digital life for businesses started out with dumb screens, keyboards and the days of the mainframe. This gave way to a simple set-up: a few PCs connected to a server with staff tapping away on keyboards at their desks. Then came laptops, mobiles, tablets and the era of computing on the move.

Next, cloud computing took digital storage and services and put them wherever you and your team needed to work. But with each evolutionary step came new security threats. And in 2017 we’ll see an ever-broadening range of connected devices becoming new “attack vectors”.

Hackers will exploit new methods to get into networks and find new ways to cause business disruption.

Here are seven emerging threats to watch out for next year:

Biometric hacks

From Apple’s TouchID fingerprint scanning to banks trialing voice or retinal recognition, biometric security has been growing fast in recent years. The traditional log in to an account via username and password is being replaced by more sophisticated technologies.

But is it any more secure? Hackers and security experts have used photographs to beat biometric checks, including claims last year that a high resolution image of an eye could be used to hack retinal scans. Researchers have shown how high definition video of someone’s face, complete with a couple of blinks, is enough to break in to some devices.

Hackers have even shown that impersonation can crack voice recognition. It can be bypassed simply by grabbing a short recording of someone’s voice, either by making a spam call or stealing a voicemail message, so expect to see more biometric hack stories in 2017.

Connected car hacking

Security researchers made headlines in 2015 when they hacked a driverless Jeep and drove it off the road. Since then trials of driverless cars and autonomous systems – like Tesla’s autopilot mode – have clocked up millions of road miles.

We’re still a few years away from seeing truly autonomous cars for sale on garage forecourts, but the threat of cyber-sabotage was enough to prompt the FBI to warn in 2016 that owners of connected cars would need to ensure software was secure and up-to-date. As more cities and States in the US open up to driverless trials, and more road tests get under way in the UK, there is sure to be more news about car hacking next year.

Internet of Things hacks

A major botnet attack on Dyn, one of the companies behind the infrastructure of the internet, in late 2016 revealed the vulnerability of the Internet of Things. The attack – which caused disruption for major websites like Netflix, Twitter, Spotify and Amazon – started with hackers exploiting factory-default security settings in hacked digital cameras and video recorders. As more and more previously inert, unconnected devices connect to the internet – from fridges, to toys and thermostats – expect news of more Internet of Things-related hacks.

Mobile hacks

2016 will be remembered as the year that mobile web browsing overtook desktop browsing for the first time. Hand in hand with mobile browsing comes mobile malware and an ever-rising tide of malicious software designed specifically to target Apple’s iOS or Google’s Android mobile operating systems.

Through 2016 Google stepped up its efforts to clear malicious apps from the Google Play store, while Apple quickly released security patches for iPhones after the discovery of the “Pegasus” malware package that could read users messages or steal contact information. As mobile usage grows, there’ll be more news than ever of mobile malware.

Virtual reality hacks

Virtual reality headsets generated the biggest tech buzz of 2016. Facebook founder Mark Zuckerberg gave a sneak look at what Oculus Rift has in store in the future; while Google unveiled its new Daydream headset. But as VR grows, expect to hear more about the location and personal data being collected by devices. As more and more apps are developed for VR tech, it would be no surprise to soon hear about the first hacks of VR in-game payment systems.

Contractors under attack

But it’s not just devices that are vulnerable: it’s people. It’s become a fact of digital life that hackers will look for easy routes into their targets. So, if they want to hack a big business … they look at its contractors.These are often smaller businesses with more limited security systems, processes and resources. There’ll be more news in 2017 of major hacks that originate with small businesses in the supply chain – and there’ll be a growing expectation on small firms to step up their security if they want to win big contracts.

Cloud under attack

A list of the “treacherous 12” vulnerabilities of cloud computing was unveiled at a major conference in 2016. These ranged from hacked APIs and broken authentication to denial of service (DoS) attacks. But the benefits to business of being able to access data wherever they are – and cut the cost of IT infrastructure by using cloud services – make it an attractive proposition that’s unlikely to lose its appeal any time soon.

But as more businesses adopt cloud storage and services, do not be surprised to read more reports of businesses being locked out, hacked or losing data. It’s a story that’s not going to go away.

Tony Anscombe, Senior Security Evangelist, AVG Business suggests what may be in store for the New Year, “Overall, I think the big story of 2017 is going to be about the broadening range of tactics, channels and platforms that hackers try to exploit to steal data and extort money from businesses. The buzz around new tech – particularly IoT devices – needs to be tempered with serious questions about security.”

“Manufacturers are racing to get products to market and security is being left behind… businesses of all shapes and sizes need to be careful about what new tech they adopt and how they use it. They also need to bridge their knowledge gaps, 1 in 3 businesses we recently surveyed were clueless about ransomware for instance. Small businesses, in particular, need to be more aware of how their data and systems can be hacked and exploited

The 24-hour working day: SMBs and our changing world of work infographic

An understanding of the evolving work environment and the roles of small and medium-sized businesses through a comparative analysis of the technological differences between the US and UK SMB world.

Small and medium-sized businesses play a huge part in western economies. AVG Business explores SMBs’ roles in these economies as well as their effects on owners. The infographic also looks at how the world of work has changed over the years, comparing US and UK SMBs as new technologies are increasingly used in marketing and new business.

/var/www/now.avg.com/18.47.0/wp content/uploads/2016/12/avg infographic1

/var/www/now.avg.com/18.47.0/wp content/uploads/2016/12/avg infographic2

/var/www/now.avg.com/18.47.0/wp content/uploads/2016/12/avg infographic3

/var/www/now.avg.com/18.47.0/wp content/uploads/2016/12/avg infographic4

/var/www/now.avg.com/18.47.0/wp content/uploads/2016/12/avg infographic 5 1

/var/www/now.avg.com/18.47.0/wp content/uploads/2016/12/avg infographic 5 2

Avast and AVG combine to better protect your business

We are now one company . . . whether you use an AVG or an Avast product, we will continue to offer and support both AVG and Avast branded products.

In July, we announced that we signed an agreement to acquire AVG. We have now acquired a majority stake in the company, completing the initial tender offer for all of the outstanding ordinary shares of AVG Technologies. That means we will operate as a single company as of Monday, October 3, 2016 and can officially welcome AVG business users to Avast! I have been leading Avast’s SMB business since 2015, and will drive the integration of the two company’s business divisions. With an existing SMB business and reseller base that was many times larger than Avast, we will be integrating Avast’s program into the AVG business program.

The acquisition will overnight vault Avast into a leadership position in the SMB security market. Our gain will also be your gain. By combining the strengths of Avast and AVG under one company, you can now look forward to a stronger threat detection network powered by the largest install base (by far) of any competitor. The new Avast now protects more than 400 million mobile and PC users worldwide, each of which acts as a sensor. Whenever one of these sensors encounters a new threat, the threat is sent to our Threat Labs for analysis and a detection is created to protect the rest of our network. This means your business is already being better protected from the latest threats.

Avast will continue to offer and support both the AVG and Avast branded products for the foreseeable future (more details about this can be found here). We want our customers to be reassured that whether you use an AVG product or an Avast product, we will continue to have experts support you. We are nothing without our customers and partners like you, who helped us get to where we are today.

We are thrilled about what the future will bring and are looking forward to finding new ways to add value for you, our customers. We are looking forward to the innovative products this acquisition will produce and the momentum it will create in the market.

Forward-Looking Statements

This press release contains forward-looking information that involves substantial risks and uncertainties that could cause actual results to differ materially from those expressed or implied by such statements. All statements other than statements of historical fact are, or may be deemed to be, forward-looking statements within the meaning of the federal securities laws, and involve a number of risks and uncertainties. In some cases, forward-looking statements can be identified by the use of forward-looking terms such as “anticipate,” “estimate,” “believe,” “continue,” “could,” “intend,” “may,” “plan,” “potential,” “predict,” “should,” “will,” “expect,” “are confident that,” “objective,” “projection,” “forecast,” “goal,” “guidance,” “outlook,” “effort,” “target,” “would” or the negative of these terms or other comparable terms. There are a number of important factors that could cause actual events to differ materially from those suggested or indicated by such forward-looking statements and you should not place undue reliance on any such forward-looking statements. These factors include risks and uncertainties related to, among other things: general economic conditions and conditions affecting the industries in which Avast and AVG operate; the uncertainty of regulatory approvals; the parties’ ability to satisfy the conditions to the contemplated tender offer, AVG’s delisting from the New York Stock Exchange and suspension of AVG‘s reporting obligations under the Exchange Act and to consummate the transactions and their plans described in this press release; and AVG’s performance and maintenance of important business relationships. Additional information regarding the factors that may cause actual results to differ materially from these forward-looking statements is available in AVG’s filings with the U.S. Securities and Exchange Commission, including AVG’s Annual Report on Form 20-F for the year ended December 31, 2015. These forward-looking statements speak only as of the date of this release and neither Avast nor AVG assumes any obligation to update or revise any forward-looking statement, whether as a result of new information, future events and developments or otherwise, except as required by law.

Additional Information and Where to Find It

This press release does not constitute an offer to purchase or a solicitation of an offer to sell any securities of AVG. The solicitation and offer to purchase ordinary shares of AVG is being made pursuant to a tender offer statement on Schedule TO, including an Offer to Purchase, a related letter of transmittal and certain other tender offer documents, filed by Avast with the SEC on July 29, 2016 (as subsequently amended, the “Tender Offer Statement”). AVG filed a solicitation/recommendation statement on Schedule 14D-9 with respect to the tender offer with the SEC on July 29, 2016 (as subsequently amended, the “Solicitation/Recommendation Statement”). AVG shareholders are urged to read the Tender Offer Statement and Solicitation/Recommendation Statement, as they may be amended from time to time, as well as any other relevant documents filed with the SEC, carefully and in their entirety because they will contain important information that AVG shareholders should consider before making any decision regarding tendering their securities. The Tender Offer Statement and the Solicitation/Recommendation Statement are available for free at the SEC’s website at www.sec.gov. Copies of the documents filed with the SEC by AVG will be available free of charge on AVG’s website at investors.avg.com.

1 in 3 small businesses is clueless about ransomware!

A third of small to medium sized businesses surveyed by AVG had never heard of ransomware, demonstrating an urgent need for education on one of the fastest growing malware categories.

Ransomware is one of the world’s fastest growing malware categories. In June, we surveyed businesses to understand who had heard of the term ‘ransomware’ and what they understood about it. 381 of our small-to-medium business (SMB) customers in the US and UK responded to our questions and the results proved revealing and concerning.

Here are the key points:

68% of respondents said they had heard of the term ‘ransomware.’

/var/www/now.avg.com/18.47.0/wp content/uploads/2016/09/avgransomware

That may look like a good percentage, but this also indicates that even with security industry, media and governments working hard to educate businesses about the risks, nearly 1 in 3 is still not aware of this significant risk.

So what is ransomware and how does it impact businesses?

Ransomware is a generic term for a category of malware that restricts access to a device or the file(s) on a device until a ransom is paid. It’s a method for criminals to make money by infecting the device and has become very effective at causing havoc for a business or organization that is unfortunate enough to become a victim.

It’s not new, which is why the 32% concerns me. The first cases were reported as far back as 2005, which took the form of fake antivirus software claiming you had issues that required payment in order to be fixed.

Over time, ransomware morphed into scareware messages. Scareware messages, designed to trick users into downloading malicious software and often disguised as communications from law enforcement, typically claim that a device has been infected or that the usage history of a device shows illegal activity—or in some cases blatantly locking files until you call and pay the ransom.

The 68% of respondents claiming to know what ransomware is had very different opinions, many of them inaccurate. When asked to explain the term, it turns out that 36% (of the 68%) didn’t actually know what it was.

A major security concern

Since 2013 when Cryptolocker ransomware first surfaced, ransomware has now become a major security issue with organizations being held to ransom – and in some cases paying to get their data unlocked. Numerous incidents have been cited where thousands of dollars have been paid: hospitals, charities, hairdressers have all been held to ransom. One university has suffered 21 attacks in the last year alone!

The true scale of the problem is somewhat hard to define though because, understandably, many businesses and organisations are reluctant to reveal they’ve been held to ransom because of fears about being targeted again, or losing existing or new customers.

People are held to ransom in just a few seconds

Unsuspecting victims are infected through emails impersonating customer support personnel from well-known company brands. Once activated, the malware encrypts files and demands payment, typically a few hundred dollars within a timeframe of 48 or 72 hours.

Last year alone, the FBI received 2,453 complaints about ransomware hold-ups last year, costing the victims more than $24 million dollars! Earlier this year, the UK National Crime Agency claimed ransomware attacks have increased in frequency and complexity, and now include public threats by the perpetrators to publish victim data online, as well as the permanent encryption of valuable data.

4 ways to protect your computers and networks against ransomware

Stay vigilant. One of the most common methods of infecting a system is via a spearheading email with a malicious attachment or link. If you are not expecting the email, or it looks suspicious in any way, do not open it and delete it.

Back up your software and systems. It’s really important you keep your software and operating system updated. Back-up your files regularly and don’t forget to keep your backup media disconnected from your PC. Otherwise, your backups might get encrypted as well. This also applies to storage and network drives e.g. Google Drive, Dropbox, etc.

Use the latest protection software. At AVG, we take ransomware very seriously and our AVG Internet Security and AntiVirus Business Edition solutions detect and block ransomware and other malware variants from infecting your devices and servers – leaving you to focus on what matters.

Don’t pay. If you do fall victim, do not pay. Funding these criminals only encourages them to attack other people. Research the specific infection to see if there is a decryption tool. We offer 7 of these tools for free with more on the way.

Don’t be the 1 in 3

Taking proactive steps to protect your organization from a ransomware attack is essential to the smooth running of your business—it is your livelihood, after all. Contingency and remediation planning are also crucial to business recovery and continuity, and these plans should be tested regularly.

New Distributors Join AVG Channel, Extend SMB Footprint in Europe

The spotlight is on Europe this week as we welcome new distribution partners to our AVG channel . . . Sigma Software Distribution in the UK and Dexceo in Denmark.

As our GM Fred Gerritse has shared this year, our distribution go-to-market model has been top of mind for us this year and key to driving value for our partners.

Building a strong distributor network lets us better respond to the security needs of business customers as our AVG channel grows and scales globally. Central to this is finding distribution partners that share our security commitment and bring the expertise and capabilities to sell our full line of AVG Business solutions.

This week, we are announcing the addition of two new European value-added distributors to our AVG channel: Sigma Software Distribution in the UK and Dexceo in the Nordics. Both distributors will provide our full line of AVG Business solutions.

Sigma, who was named CRN UK’s Specialist Distributor of the Year, is a great example of a partner that aligns to our vision with the track record to show they mean business.

Sigma General Manager Jane Silk shared her thoughts on the new Sigma-AVG relationship, “We always strive to truly understand our partners’ needs and establish long term relationships that drive opportunities. The AVG relationship is one where we can work transparently, develop the best model for the channel and then prove this in the marketplace.

“AVG’s proven security expertise and its advanced technology will help us immediately respond to challenges our partners face in the current threat landscape. Product innovations such as AVG Managed Workplace that offer a centralized, automated platform to manage security while also helping our partners provide more services to their customers, have us very excited.”

Sigma has demonstrated consistent and sustainable growth in its specialty field. As proof, the company has delivered seven consecutive years of revenue and profit increases. Sigma’s operating model includes a dedicated sales development team with the knowledge base to work closely with re-sellers to support training, identify cross-sell opportunities, manage deal registration and more.

Our UK team is at the Insight Technology Show in Manchester today and will be sharing more about the Sigma-AVG relationship.

Dexceo, a leading Scandinavian security distributor and our first AVG Business solutions distributor in Denmark, is also ready to start marketing AVG Business solutions. The Dexceo team shared its AVG news this week with Danish media.

Dexceo specializes in IT security and network solutions for an international business client base and carefully selects its IT suppliers and re-sellers to maintain the company’s high quality and service standards. Dexceo is a relatively young company but we are impressed by the team’s experience, knowledge base and growing partner network. The company has also acknowledged a need to complement its security portfolio with cloud security and remote monitoring and management solutions. Both AVG Managed Workplace and AVG CloudCare will support Dexceo’s needs to deliver increased visibility across IT environments and efficiency in deploying and maintaining security services.

Dennis Wøldike, founder of Dexceo, shared his view of the AVG opportunity for Danish businesses, “We are looking forward to building our relationship with AVG and extending new benefits and opportunities to our partner network. As an AVG trusted partner, we can offer new security innovation and a range of solutions and services for the Scandinavian market.”

The additions of Dexceo and Sigma are a natural extension of our partner-focused model and complement our specialty focus, as well as our existing and valued broad line distributors.

We look forward to building strong relationships and sharing big results.

AVG Receives AV-TEST ‘Top Business Security Product’ Score

Independent Security Research Leader AV-TEST recently put our AVG Business solutions to the test. The result was a Top Product award that AVG channel partners can share with their clients.

At AVG, we never miss an opportunity to promote the detection and protection capabilities of our business security software. It’s even better when independent experts are also communicating the power behind our security engine. Our recent AV-TEST scores are a great example.

Our AVG Business solutions were recently awarded a Top Product score by AV-TEST in its May-June 2016 evaluation of 13 business endpoint protection software products. AVG was one of only 4 of 12 security vendors to receive this product score.

In this AV-TEST evaluation, our security technology was put through realistic test scenarios and challenged against real-world threats. We are also proud to share that this is our second consecutive high rating by AV-TEST this year.

AV-TEST, an international, independent leader in IT security and antivirus research, uses comprehensive comparative analysis methods to detect and analyze new malware. In its analysis process, AV-TEST engineers evaluate security solutions for reliable malware detection and low false positive rates.

Here is a brief look at our results:

Our AVG Business products scored 100% for real-world detection with no false positives across protection, performance and usability categories, achieving 17.5 out of a total score of 18, across these categories:
- Protection 6/6: This focuses on protection against malware infections (viruses, worms or Trojan horses)
- Performance 5/6: This focuses on the average influence of the product on computer speed in daily usage.
- Usability 6/6: This focuses on the impact of the security software on the usability of the whole computer

AV-TEST CEO Andreas Marx also shared his feedback on our test results. “With the market’s leading business security software solutions promoting similar features and capabilities, independent test results like ours help the decision-making process for both the IT channel and business customers. AVG’s business products have performed consistently strong in our recent tests this year and this is important for channel providers making product portfolio decisions and managing security for their business clients,” said Marx.

Our consistent product performance is a testament to our 100% focus on SMB security. We continue to be committed to helping channel partners build their businesses and put the best security defense in place for their clients’ IT environments.

Please share these results with your teams and client base. You can find more information about our AVG Business solutions at http://www.avg.com/partners. Thank you for your continued support.