Skip to main content

Blog

Guide Star Blog

Disaster Recovery | Cybersecurity | Cybercrime | Support Services | Security | Consulting

By: Larry Davis
May 24th, 2022

The Importance of Saved Images At Guide Star, we have top-tier IT security practitioners, also known as our Blue Team, that engage with small and medium-sized business (SMB) owners and managers. Our blue team experts implement means and methods to mitigate cyber risk as well as arm your organization against future threats.

Cybersecurity | Consulting

By: Evan Rice
April 20th, 2022

The systems development life cycle (SDLC) is a process any IT team member or software developer will be familiar with.

Cybersecurity | Consulting

By: Evan Rice
April 15th, 2022

Every second, data is being transferred to and from your employees’ computers. The data can be anything from a simple Word document to highly sensitive information. Keeping sensitive data secure is a big part of having a cybersecurity program. How do you accomplish this? For starters, your IT team will need to implement strong technical controls. A technical control is a system-based protection to reduce risk and/or the chance of human error that can introduce risk. Let’s say one of your company’s cybersecurity policies is having a nightly backup of your data. The technical control is having a system to automatically back up the data, instead of having an employee do it manually. Employee Stock Ownership Programs (ESOP) need to have technical controls to protect their employee-owners’ assets. Guide Star understands the intricacies of an ESOP and the importance of protecting your company with technical controls and encryption.

Security | Consulting

By: Evan Rice
April 6th, 2022

Managing your company’s data can be a tall task for any business, and every business will have a system that is owned and operated by a third party provider. Many choose to utilize a third party storage system for storing their data and assets. One of the more prominent examples of this is the cloud. It is becoming increasingly common for businesses to explore the option of moving their storage from a traditional server structure to a cloud-based model. The Department of Labor’s (DOL) best security practices for ESOPs recommend performing security reviews of the data you have stored on the cloud. While conducting a timely security review for the cloud is important, it’s critical to conduct these reviews for any third party IT structure you house data on. Better than safe than sorry.

Cybersecurity | Consulting

By: Evan Rice
March 29th, 2022

In today’s workplace, ensuring only authorized access to your company’s systems is a key component of any cybersecurity program. Bad actors are no longer just lurking in the dark corners of the internet, they are everywhere your systems are, and may even be working inside your company. One of the main tactics hackers use to gain access to your systems by hijacking legitimate credentials. They do this by social engineering. Social engineering is the art of manipulating people, so they give up confidential information.

Cybersecurity | Consulting

By: Evan Rice
March 22nd, 2022

One of the main components to planning for disaster is cybersecurity. Being prepared for the worst is something every business needs to consider. Whether it’s a natural disaster, dangerous scenario, or a cyberattack, having a plan in place to protect your assets and your employee-owners cannot be overlooked. By starting your Business Continuity Planning (BCP), you will help protect your employees, especially for businesses with Employee Stock Ownership Plans (ESOP). A business continuity plan covers how to respond and protect your (your employee-owners) assets when disaster strikes.

Security | Consulting

By: Evan Rice
March 15th, 2022

People are the driving force behind your business and its success. Without your employees, you wouldn’t be able to provide the services your customers depend on. Companies with Employee Stock Ownership Programs (ESOP) need to pay special attention to their employees, as they have a vested interest in its success. ESOPs start with people, and your cybersecurity program should have an emphasis on them as well. When the term “cybersecurity” shows up, people automatically think of having anti-virus software and ensuring you have a firewall in place. The last line of defense between your business and hackers is your employees. According to a study done by Stanford University and Tessian, approximately 88% of all data breaches are caused by employee error. Hackers have been getting better at creating legitimate phishing emails, and employees might not have the tools to see a threat. Cybersecurity is much more than hardware and software; it’s about giving your employees the education they need to prevent cybercrimes from happening.

Security | Consulting

By: Evan Rice
March 8th, 2022

Every cybersecurity program will have vulnerabilities. This can be especially scary for companies with an Employee Stock Ownership Program (ESOP). You want to keep your employee-owners and their assets safe, but how do you know that your cybersecurity program is doing enough? The Department of Labor’s cybersecurity best practices for fiduciaries recommends that your company’s cybersecurity program has a risk assessment program and undergoes a third party assessment. So, where do you start?

Cybersecurity | Consulting

By: Evan Rice
March 1st, 2022

Cybersecurity is one of the most important concerns for any business. Businesses with Employee Stock Ownership Programs (ESOP) need to pay special attention to keeping their employees safe from cyber-criminals. Cybercrime can be scary for any business, big, medium, or small. If your business doesn’t have the tools to protect your beneficiaries, Guide Star is here to help. In April 2021, the Department of Labor released cybersecurity best practices for fiduciaries to prevent vulnerabilities. Dive in deeper and learn about the first cybersecurity guideline recommended by the Department of Labor, which is how to create a formal program from scratch.