5 Unexpected Data Security Risks You Need to Address

Cyber security is looking more and more like a Wile E. Coyote/Road Runner cartoon every day. And sorry to say it, security pros, but we’re the Coyote in this situation.

The market for sophisticated cyber security solutions is already worth over $100 billion. Between 2017 and 2021, analysts believe businesses will spend over $1 trillion bolstering their defenses.

But where is all this spending getting us? Attackers seem to be ahead of these security solutions at every turn. The reason hacking Road Runners are making us look like the Coyote is a fundamental problem with how we approach data security risks.

8751683727_5e5a34a75b_o (1).jpg

Rather than playing right into the Road Runner’s hands (wings?), we have to start thinking about the unexpected data security risks that attackers are exploiting. Here are 5 vulnerabilities you may not be thinking about—but need to address quickly.

How Do I Know If I’ve Been Hacked?

Every day, we read a headline about a computer hacking or hear a personal story about a friend, family member, or colleague getting hacked. The signs of your computer or identity being hacked are often apparent, such as a menacing pop-up screen notifying you that all your critical files have been encrypted and a ransom is demanded to unencrypt them. Other times, though, the signs are subtle and not easily recognizable to the average user.

One of the easiest ways to recognize a hack or identity theft is to routinely check your credit report because one of the primary motives of cyber criminals is financial. Ensuring there aren’t unauthorized accounts opened in your name is a good first step in protecting your online safety.


Continue reading How Do I Know If I’ve Been Hacked on Avalon’s site for some tell-tale signs your computer may be hacked and your identity may be stolen:

The Value of Applying Digital Forensics

The use of digital forensics in any type of litigation or investigation can uncover tremendously valuable electronic evidence from laptop and desktop computers, tablets, smart phones, and other mobile devices, as well as e‑mail and network servers.

These devices have become an integral part of peoples’ daily lives; and many corporations have adopted “bring your own device” policies. This combination ensures that our handheld devices now contain a large amount of both business and personal information including call history, text messages, e‑mails, photographs, videos, calendar items, memos, address books, passwords, and credit card numbers.

Consider the fact that 90% of American adults own a cell phone, two thirds of which are smart phones. Americans use smart phones for many purposes.

Cell Phone Activity

Continue reading the full blog on Avalon’s website – The Value of Applying Digital Forensics

Ransomware – An Effective Money Making Menace

Written by John Walp, Vice President of Cyber Services 

Holding someone or something for ransom is an age-old, effective technique that has found a new home: the internet. This venue offers a level of anonymity and scale that is sometimes difficult to comprehend.

An estimated 40,000 people attended this year’s RSA Security Conference, February 13 through 17, in San Francisco, California. Security professionals from across the globe gathered to discuss the latest and largest cyber security threats and ways to keep consumers and businesses safe. The RSA Conference identified Ransomware as one of the biggest and fastest‑growing threats. Numerous sessions were dedicated to helping security pros understand the threat from Ransomware and, most importantly, what can be done to combat it.

20012126873_e376a09029_kPhoto Credit: Christiaan Colen / Flickr.com

Continue reading Ransomware – An Effective Money Making Menace on Avalon’s website.

Keep Your Friends Close and Your W-2s Closer, Beware of Tax Identity Theft

If Melissa McCarthy was behind every identity theft, it might not be so terrifying. Unfortunately, that is likely not the case (although, it has not been confirmed).

melissa-mccarthyIdentity thieves are getting more sophisticated by the day. They used to steal your credit card number to buy a video game and grab a slice at the food court, but now they’re stealing identities to file tax returns and collect refunds.

The IRS has certainly improved its defense against phony refund requests—last year, as of March 5, 2016, the IRS identified 42,148 fraudulent tax returns involving identity theft, and identified 20,224 prisoner tax returns for screening, with $227 million claimed in fraudulent funds.[1] But these are simply the cases the agency is aware of, and there are likely many more. The IRS continues to expand its efforts to detect tax refund fraud.

Read more about fraudulent tax returns over on the Avalon blog…


Avalon and DIGITS Successfully Complete an Extensive Information Audit


Buffalo, NY (October 4, 2016)— Avalon Document Services and DIGITS LLC (a division of Avalon) have successfully completed the Shared Assessments Program Standardized Information Gathering and Agreed Upon Procedures (SIG AUP). The SIG AUP is an audit used by organizations to evaluate their information security program, which is inclusive of data protection, privacy, and business resiliency from IT failure. Avalon/DIGITS retained and independent CPA firm to complete the audit, which consisted of the evaluation of policies, procedures, and controls for the purpose of alignment with current regulations, industry standards, guidelines, and information security best practices.

To read more about this audit, continue to the Avalon blog…

Dropbox Dropped the Ball

You probably have enough managers in your life—your boss, your boss’s boss, your kids, your spouse, your dog—but we suggest you seriously consider getting just one more: a password manager.

password-866979_1920The good news is you don’t have to fetch coffee for or even talk to this manager. A password manager is a software application that stores and organizes your passwords, typically in an encrypted state. You create a complex, creative master password and use it to unlock and gain access to your entire password database. And if you get lazy, most password managers have the ability to generate, and subsequently store, unique complex passwords as needed.

Continue reading the full article on Avalon’s website: Dropbox Dropped the Ball 

Life’s a Breach

Written By: Mike McCartney, President of DIGITS, LLC – A Division of Avalon

stockvault-cyber-security-concept-open-and-closed-locks176755-768x540Typically, we consider ourselves pretty serious nerds when it comes to computers. But, we have to admit, cyber attackers are a challenge even for us. They hack into other people’s secure information, and they’re good at it. So it’s important to protect yourself and your company from these cyber assailants.

Many large, internationally known corporations—Target, eBay, Stubhub, and many others—have become victim to such attacks. But small, unknown companies are suffering as well. No one is immune to this alarmingly increasing trend.

Continue reading the full article on Avalon’s website: Life’s a Breach

The Cloud for Dummies Like Me

Written by: Ashley Hazlett, Director of Marketing – Avalon & DIGITS LLC – A Division of Avalon

Cloud-Data-Thumb-DriveWe all know someone who takes photos with their digital camera, uploads those photos to Facebook or a photo-sharing site, and then never deletes the images from the memory card.

I’m looking at you, Aunt Christine.
And for what? For fear of never having access to them again? With the increasing popularity of the cloud, those fears can now go away.

Aside from the previous sentence, you have no doubt heard the term “the cloud” upwards of 27 times just this week. You might have even used it yourself. But do you know what this trendy buzzword really means?

Continue reading the full article on Avalon’s website: The Cloud for Dummies Like Me

Law Firms & CPA Firms are Targets of Organized Hackers

Written By: Michael McCartney, President of DIGITS, LLC – A Division of Avalon

I think we can all agree that the FBI is badass. So when they say something is threatening us, it’s for real. In November 2009, the FBI issued their first official warnings concerning spear phishing attacks targeting U.S. firms.

stockvault-hacking-concept-transparent-hands-over-computer-keyboard180407-768x505A spear phishing attack is when an e-mail is sent to a high-level executive of a firm that appears to originate from another high-level executive within the firm. The e-mail from the attacker has the same e-mail convention that the firm uses (e.g., john.smith@lawfirm.com) and the content of the e-mail can be as simple as, “After our conversation last week, I found this interesting article that I thought was very much on point for your matter.” The e-mail has an embedded link that, if clicked, takes the recipient to a website that downloads the referenced article as well as a payload allowing remote access to that computer system. This is an entry point into the corporate network and, depending upon the level of access the victim has, the hacker can laterally access other resources and data as well.

Continue reading the full article on Avalon’s website: Law Firms & CPA Firms are Targets of Organized Hackers