The Architect, Designer and

Builder’s Guide to Cybersecurity

Presented by
 Table of Contents
Introduction ..................................................................................... 3

Why Firms Need to Be Thinking About Cybersecurity.................... 4

Common Types of Security Breaches ............................................ 5

Viruses.........................................................................................................................................6
Ransomware ...............................................................................................................................6
Phishing .......................................................................................................................................7
In-House ......................................................................................................................................7
DDoS ...........................................................................................................................................8

How Firms Can Improve Cybersecurity .......................................... 9

Create Strict Password Policies ................................................................................................10
Improve Your Email Security .....................................................................................................10
Improve Web Security ............................................................................................................... 11
Run Anti-Virus Software ............................................................................................................ 11
Back up Your Data .....................................................................................................................12

Protecting Your Firm with Disaster Recovery ............................... 13

Are You Ready to Secure Your Network? ..................................... 14

PAGE 2 4043 N. Ravenswood Ave., Suite 203, Chicago, IL 60613 • 773.241.3007 • www.switchfast.com
 PART I
Introduction
Most small businesses today are not proactively addressing the threat of cybercrime,
and architecture firms, designers and builders are no exception. There’s a common
misconception that only large corporations are targets of cybercrime, and as a result these
smaller organizations fall into the 97% of small businesses not prioritizing improvements to
data security.

Unfortunately, the belief that cybercriminals only target large companies could not be further
from the truth: 60% of targeted cyber-attacks hit small and medium sized businesses. As
CyberArk CMO John Worrall puts it, “Everybody is a target for attacks because everyone
has something of value.” *

Not only are smaller firms frequent victims of cybercrime, but they aren’t always able to
recover from its impact. Nearly 60% of small businesses will be forced to close within six
months of being a victim of cybercrime.

If you’re reading this, you’re taking the first step to change that.

Source: http://www.constructiondive.com/news/how-construction-companies-can-improve-cybersecurity/424217/

PAGE 3 4043 N. Ravenswood Ave., Suite 203, Chicago, IL 60613 • 773.241.3007 • www.switchfast.com
 PART II
Why Firms Need to Be Thinking About Cybersecurity
You may have a lot more to lose than you think.
A common theme among firms in industries such as architecture, design and construction is a relegation of
cybersecurity to the background. Only minimal attempts are made to protect data, because the likelihood of attack
seems so small. Unfortunately, this attitude is exactly what cybercriminals are hoping for.

YOUR FIRM IS AN APPEALING TARGET

There are thousands of cybercriminals who wouldn’t think twice about going after small businesses; in fact, there are
many who target them specifically because of the relative lack of security. So, what do these criminals have to gain?

• Company financial information and employee W2s

• Ransomware payments from firms who desperately need to unlock their systems
• Sensitive client information that can be used for blackmail and fraud
• More computers for a botnet that can be used for DDoS attacks

THE NUMBER OF ATTACK VECTORS ARE INCREASING

The amount of client and company data is going to increase dramatically over the next few years, and firms are going
to have to be prepared to protect it. A rising level of software embeddedness and interconnectivity in industries like
construction demands that security keep up with it, yet cyber safeguards seem to be falling behind.

According to Alexander Heid, chief research officer at Security Scorecard, malicious activity directed at these firms “is
expected to increase significantly within the coming years as construction firms begin standardizing the integration of
‘smart’ devices and IoT devices such as thermostats, water heaters and power systems…These new IoT devices will
create a larger attack surface that previously did not exist.”

These industries, which might not have been very digitally active in the past, need to embrace the growing
responsibility that comes along with increasing technological dependence. The old way of working with data is not
going to work, and the explosion of cybercrime in recent years has made it absolutely crucial for firms to take charge of
their security.

A SINGLE CYBERATTACK CAN COST YOU HUNDREDS OF THOUSANDS OF DOLLARS

Once a cybercriminal has access to your network, your business is in danger of much more than just a bricked
computer. With access to your system, these attackers can destroy your crucial files such as contracts, drawings and
project plans. Ransomware attacks can hold your data hostage, and can erase thousands of hours of work if you don’t
pay up (and sometimes even if you do).

Identity theft and breach of confidentiality can be even more damaging to a firm. If potential clients don’t feel safe doing
business with you, they won’t want to risk their own data by engaging with your organization. A firm’s reputation is its
most valuable asset, and the impact of a data breach can be devastating.

In short, a single attacker can and will bring your organization to a grinding halt just so that they can make a few
hundred bucks. Without the proper measures in place, these intrusions can derail your projects and even cause you to
lose customers.

Source: http://www.constructiondive.com/news/how-construction-companies-can-improve-cybersecurity/424217/

PAGE 4 4043 N. Ravenswood Ave., Suite 203, Chicago, IL 60613 • 773.241.3007 • www.switchfast.com
 PART III:
Common Types of Security Breaches
What types of attacks should you be prepared for?
The cybersecurity landscape is constantly evolving, with new threats being discovered regularly.

Most security breaches fall into one of a few categories

• VIRUS

• RANSOMWARE

• PHISHING

• IN-HOUSE

• DDOS

PAGE 5 4043 N. Ravenswood Ave., Suite 203, Chicago, IL 60613 • 773.241.3007 • www.switchfast.com
 Viruses
A computer virus is designed to spread from host to host and has the
ability to replicate itself.
In order for a virus to infect your computer, you have to run the program the virus attached itself to, which in turn
causes the virus code to be executed.

This means a virus can remain dormant on your computer without showing major signs or symptoms. However, once
the virus infects your computer, the virus can infect other computers on the same network.

Viruses are capable of many malicious activities, including

stealing passwords and other sensitive data, logging keystrokes,
corrupting files, spamming your email contacts and taking control
of your computer.

Ransomware
Ransomware is a type of malware that prevents users from accessing
their computer system and demands a ransom to restore access.
Sometimes, ransomware only encrypts specific data on a computer system. Other times, these programs will encrypt
an entire system. In order to regain access, users are forced to pay a ransom to the attacker.

Victims of ransomware have three options:

1. Pay the ransom in bitcoins (usually hundreds or thousands of dollars) to retrieve their data

2. Refuse to pay the ransom, but lose their data

3. Restore their data from a backup they previously made

Current ransomware threats include Cryptowall and Cryptolocker.

PAGE 6 4043 N. Ravenswood Ave., Suite 203, Chicago, IL 60613 • 773.241.3007 • www.switchfast.com
 Phishing
Phishing occurs when a cybercriminal poses as a trusted entity or
person in an effort to collect information like usernames, passwords
and bank account information from an individual.
Phishing attacks frequent target employees who are responsible for finances via malicious emails. These emails are
designed to look like they are being sent from someone the victim knows. Once the phisher obtains this information,
they can use it to steal from the institution and its clients.
Firms are an especially appealing target for phishing because of the trusting nature of the employees, lack of
cybersecurity training and absence of email screening software.

In 2015, phishing campaigns targeted small businesses 43% of the

time, because they know that smaller organizations (including firms)
are less likely to be prepared for such attacks.

In-House
The most common security incidents are caused by employees failing
to follow cybersecurity best practices.
Your employees may allow an intruder to easily access their account information or infect their computer with malware
when they aren’t proactive about security. This breach has the potential to infect not only the employee’s computer, but
your organization’s entire network as well.

Some of the many ways in which employees threaten the safety of their organization’s network include:

• Opening emails that contain malicious links or attachments

• Having unrestricted administrative rights that allow employees to install any program to their computer
• Using weak, easy to crack passwords

In 2016, employees accidentally installed malicious software onto

their company’s network once every four seconds.

PAGE 7 4043 N. Ravenswood Ave., Suite 203, Chicago, IL 60613 • 773.241.3007 • www.switchfast.com
 DDoS
A DDoS – or denial of service – attack occurs when the bandwidth or
resources of a targeted system, usually one or more web servers, are
flooded by multiple systems.
DDoS attacks may cause victims to lose access to critical information, preventing normal operations to take place.

There are a number of signs that a firm is the victim of a DDoS attack:

• Slow loading website pages

• Transaction failures
• Total disruption of internet service
• A sudden large volume of spam
• Increased number of customer inquiries from outside of your normal customer area

A DDoS attack in October 2016 – likely the largest ever - caused

major websites including Twitter, Netflix and CNN to go down for
much of the day.

PAGE 8 4043 N. Ravenswood Ave., Suite 203, Chicago, IL 60613 • 773.241.3007 • www.switchfast.com
 PART IV
How Firms Can Improve Cybersecurity
Steps You Can Take Right Now to Improve Cybersecurity
The threat of cybercrime against firms is very real.

Thankfully, there are steps you can take to significantly reduce your chances of being a victim, or lessen the damage if
you do experience a security breach. These include:

• CREATE STRICT PASSWORD POLICIES

• SETUP EMAIL SECURITY

• IMPROVE WEB SECURITY

• RUN ANTI-VIRUS SOFTWARE

• BACK-UP YOUR DATA

PAGE 9 4043 N. Ravenswood Ave., Suite 203, Chicago, IL 60613 • 773.241.3007 • www.switchfast.com
 Create Strict Password Policies
Complex, frequently-changed passwords create a major challenge for
criminals attempting to break into your network.
Require users on your network to have strong passwords (those that contain a combination of uppercase and
lowercase letters, numbers and symbols).

Example of a weak password Example of a strong password

password123 !voryCorn75

In addition to requiring strong passwords, require users change their passwords after a set period of time, such as
every six months.

TIPS: Use a strong password generator, like www.dinopass.com, to easily create better passwords.
Do not store your passwords in your browsers (ie. IE, Chrome, etc).
Can’t remember 126 different passwords for all your accounts? Consider a secure program like 1Password or
LastPass to keep you safe and organized.

“123456” is the most commonly used password.

Improve Your Email Security

Don’t let your inbox be an easy access point for cybercriminals.
Implement programs that keep malicious emails out of your inbox. This includes software that blocks spam,
viruses, malware and phishing attempts.

Don’t forget that your employees are on the front-line and must be on the lookout for suspicious emails. Educate
them on safe email habits, including not downloading attachments or clicking on links sent from unknown
senders.

TIP: Switchfast offers an email phishing drill to its managed clients that provides instant feedback on who in
your organization needs additional training.

Nearly one third of all phishing emails are opened by their potential
victims.

PAGE 10 4043 N. Ravenswood Ave., Suite 203, Chicago, IL 60613 • 773.241.3007 • www.switchfast.com
 Improve Web Security
Malicious websites – including phishing sites and those with links to
download viruses – can fool unsuspecting visitors.
Web filtering services can prevent your employees from visiting sites that are often sources of malware infections, but
that may show up as a Google search result.

Web filtering can help control your employee’s browsing habits to keep them focused while at work.

In 2016, Google detected as many as 47,921 websites hosting

malware every week.

Run Anti-Virus Software

Discover viruses before they become a problem.
Run an anti-virus program that scans your users’ machines to detect viruses.

Remember: viruses may lay dormant, only being triggered when a specific application is opened. Frequent anti-virus
scanning can help eliminate viruses before they wreak havoc.

TIPS: If you use a free anti-virus program, make sure that you are receiving the regular and vital updates to that
software.
Yes, Macs should have anti-virus as well.

Symptoms of a computer virus include slow computer performance,

erratic computer behavior, unexplained data loss and frequent
computer crashes.

PAGE 11 4043 N. Ravenswood Ave., Suite 203, Chicago, IL 60613 • 773.241.3007 • www.switchfast.com
 Back up Your Data
Storing your data in multiple locations is your safety net if and when
your computer is compromised.
If you lose access to data, you can restore it with backup stored in a separate location.

Backups only work when done frequently; if you only backup once a month, assume you will only be able to restore
data that is a month old. Any documents you’ve created or edited since the last backup will be inaccessible.

TIP: Are you familiar with the restore process? How long does it take to do a full restore? Know these details before
disaster strikes.

FOLLOW THE 3-2-1 RULE OF BACKUPS:

Have at least...
> 3 copies of your data backed up on at least
> 2 different storage formats, with at least
> 1 copy stored offsite

PAGE 12 4043 N. Ravenswood Ave., Suite 203, Chicago, IL 60613 • 773.241.3007 • www.switchfast.com
 PART V
Protecting Your Firm with Disaster Recovery
What can you do to protect your firm?
Even when you take all of the proper precautions outlined in this book, your data is still at risk thanks to the possibility
of disasters such as fires or floods.

While there is no way to stop natural disasters, there is a way to mitigate the downtime, expenses and damage they
can do to your organization: disaster recovery.

Key Components of Disaster Recovery

What should you consider when building your disaster recovery plan?

ON-SITE BACKUPS
Data backups located on-site, but in a location other than your individual, physical computer.

OFF-SITE BACKUPS
Data backups located across multiple geographically isolated data centers. Off-site backups are crucial for protecting
data in the case that your office is damaged by a disaster.

STRICT RTO AND RPO CAPABILITIES

Recovery Time Objective (RTO) and Recovery Point Objective (RPO) are measures of loss tolerance. How many days
or weeks’ worth of data are you okay losing, and how many minutes, hours or days are you willing to be down? Having
an understanding of your RTO and RPO allows you to determine how frequently your data should be backed up.

BACKUP AND RECOVERY MANAGEMENT

Daily review and maintenance that allows for problems to be caught and addressed before they damage your
organization.

TIP: Check out our downtime calculator at switchfast.com/recovery.

The average cost of downtime per hour can be in the thousands of

dollars.

PAGE 13 4043 N. Ravenswood Ave., Suite 203, Chicago, IL 60613 • 773.241.3007 • www.switchfast.com
 Are You Ready to Secure Your Network?
If you want to protect your firm from cybercrime and other
security breaches, you must take precautionary measures to
ensure a secure network.
By covering the essentials and including secondary measures in
your plan, you’ll be making it much harder for your organization to
be compromised. If you have questions, we’re here to help.
To learn more about how Switchfast protects its managed
clients in each of these areas, call 773-241-3007 or email
TheFutureofIT@switchfast.com.

Switchfast has been a leading IT consulting and managed service provider for
Chicago’s small businesses since 2001. By taking a multi-layered Defense In
Depth cybersecurity strategy with services such as proactive monitoring, managed
VPN and firewall, employee training and comprehensive backup and recovery
solutions, Switchfast helps you to protect your network and defend your organization
against evolving cybersecurity threats.

PAGE 14 4043 N. Ravenswood Ave., Suite 203, Chicago, IL 60613 • 773.241.3007 • www.switchfast.com