Secure your business with CyberHoot Today!!!

A Checksum is a value used to verify the integrity of a file or a data transfer. In other words, it is a sum that checks the validity of data. Checksums are typically used to compare two sets of data to make sure they are the same. Some common applications include verifying a disk image or checking the integrity of a downloaded file. If the checksums don’t match those of the original files, the data may have been altered or corrupted.

A checksum can be computed in many different ways, using different algorithms. For example, a basic checksum may simply be the number of bytes in a file. However, this type of checksum is not very reliable since two or more bytes could be switched around, causing the data to be different, though the checksum would be the same. Therefore, more advanced checksum algorithms are typically used to verify data. These include cyclic redundancy check (CRC) algorithms and MD5 hash functions.

It is rare that you will need to use a checksum to verify data since many programs perform this type of data verification automatically. However, some file archives or disk images may include a checksum that you can use to check the data’s integrity. While it is not always necessary to verify data, it can be a useful means for checking large amounts of data at once. For example, after burning a disc, it is much easier to verify that the checksums of the original data and the disc match, rather than checking every folder and file on the disc.

Both Mac and Windows include free programs that can be used to generate and verify checksums. Mac users can use the built-in Apple Disk Utility and Windows users can use the File Checksum Integrity Verifier (FCIV).

What does this mean for an SMB or MSP?

MSPs and SMBs should be aware of the MD5 Hash that can verify the integrity of the file to determine if anything malicious has been done to the file. MD5 hashes can be used before executing files to see if the file has been tampered with prior to its execution and installation. This is done by researching a file’s MD5 Hash (tip – research and compare multiple websites reported MD5 Hash) and compare them to the downloaded file. This can validate the new file you downloaded hasn’t been tampered with.

It’s important to always be sure you’re installing safe applications or files on your devices. This can be extended to patches from vendors to validate their file integrity as well.

In addition to the recommendations above you can also check website reviews, the application’s country of origin, or the reputation of the developers. Each of these can provide you incremental improvement in your trust of the downloaded file before installing it on your computer.

Additional Business Cybersecurity Recommendations

The recommendations below will help you and your business stay secure against the various threats you face on a day-to-day basis. All of the following suggestions can be accomplished in your company by hiring CyberHoot’s vCISO services. For a vCISO proposal, please email

  1. Govern employees with policies and procedures. All companies need a password, acceptable use, information handling, and written information security policies (aka: WISP) at a minimum.
  2. Train employees on how to spot and avoid phishing attacks. Adopt a learning management system like CyberHoot’s product to teach employees the skills needed to become more confident, productive, and secure.
  3. Test employees with Phishing attacks to practice. CyberHoot’s Phish testing allows businesses to test employees with believable phishing attacks and put those that fail into remedial phish training.
  4. Deploy critical cybersecurity technology including two-factor authentication on all critical accounts. Enable email SPAM filtering, validate backups, deploy DNS protection, antivirus, and anti-malware on all your endpoints.
  5. In the modern Work-from-Home era, make sure you’re managing personal devices connecting to your network by validating their security (patching, antivirus, DNS protections, etc) or prohibiting their use entirely.
  6. If you haven’t had a risk assessment by a 3rd party in the last 2 years, you should have one now. Establishing a risk management framework in your organization is critical to addressing your most egregious risks with your finite time and money.
  7. Buy Cyber-Insurance to protect you in a catastrophic failure situation. Cyber-Insurance is no different than Car, Fire, Flood, or Life insurance. It’s there when you need it most.

All of these recommendations are built into CyberHoot’s product and/or vCISO services. With CyberHoot you can govern, train, assess, and test your employees. Visit and sign up for our services or email for a free consultation. Do it today as you never know when an attack will occur. At the very least continue learning by enrolling in our monthly Cybersecurity newsletters to stay on top of current cybersecurity threats, vulnerabilities, and breaking news.

To learn more about Checksums, watch this short 3-minute video:

CyberHoot does have some other resources available for your use. Below are links to all of our resources, feel free to check them out whenever you like: 

Note: If you’d like to subscribe to our newsletter, visit any link above (besides infographics) and enter your email address on the right-hand side of the page, and click ‘Send Me Newsletters’.

Share this on your social networks. Help Friends, Family, and Colleagues become more aware and secure.