I was recently chatting with our IT Support Firm and they told me of another client of theirs that was recently hacked into and blackmailed. The blackmailers said that if they didn’t pay the €50,000, their system would be wiped.
Unfortunately they had no choice but to pay the ransom. By the time they had put the money together, the hackers had destroyed their systems!
With technology continuing to move faster than ever, businesses are becoming increasingly reliant on their computer systems and networks. In many modern organizations, their day to day operational activities, websites and CRM systems are
completely dependent on a good technological infrastructure. This creates a significant risk to an organization if the technology were to fail for any reason.
However, despite this apparent risk, in many organizations there exists a disparity between reliance on technology and controls in place to prevent cyber threats. These threats can cause data loss, an inability to continue working, or even worse, the theft of customer information.
You may have previously thought that hackers would have only attacked larger companies, however empirical evidence would suggest that the SME’s are currently an easier target as unfortunately they don’t have the necessary security systems in place to protect their organizations.
To help improve awareness within small businesses, ICAEW offers six recommendations on how to avoid a security breach. They are as follows:
1. Allocate responsibilities
If individual managers are given ultimate responsibility for ensuring controls are in place and operating effectively, the procedures involved to increase security should become commonplace as opposed to an after-thought, which should improve an organization’s defense’s against an attack.
2. Protect your computers and network
This often involves things as simple as installing anti-virus software on to all company machines. The firewall which is contained within this software should provide a reasonably strong (and simple) level of protection against external threats and the anti-virus can be set to run regular scans of your system to ensure no viruses exist.
3. Keep your computers up to date
Something which demonstrates the speed at which threats can come into existence is the regularity of Windows updates. These updates can be set to download and install automatically which will boost an organization’s defenses against a cyber-threat by closing loopholes which hackers are known to try to exploit.
4. Control employee access to computers and documents
Although we would like to think this is a very rare occurrence, leaks of confidential information can happen caused by an employee. To avoid it, it is possible to restrict the information which different employees can access. You can easily set up different access rights for the different levels of staff.
This coupled with password access and log review, should the unfortunate event occur, would make it easier to track any unauthorized access.
5. Extend security beyond the office
With many staff now possessing the ability to work from home, this represents one of the biggest threats to an organization’s cyber security. It is now possible to use storage devices which can be wiped remotely if lost, which reduces the risk of confidential information being stolen. If this is combined with company policy which requires all company information to be stored on the company network, or on a secure storage device, the threat of information falling into the wrong hands can be significantly reduced.
Also, all laptops that are removed from the office should be encrypted. That way if they do fall into the wrong hands they are very little use to anyone.
6. Educate your team
This is perhaps the most salient point of this article. Security threats can come in such a wide range of forms that it is impossible to fully safeguard against everything. Instead, a healthy dose of basic education to ensure staff don’t click on rogue email links, don’t visit infected websites and recognise the importance of keeping their computers and anti-virus up to date will go a long way against protecting yourself and your organisation against a large percentage of the threats out there.
What Questions Do You Have?
We are happy to help. Please post your comment below or call Des McCann
, Partner at Cooney Carey, on 01 677 9000. Alternatively, send him an email: email@example.com
To keep in touch, connect with us on LinkedIn.
If this article helped you, please share it with other businesses.
Photo credit: perspec_photo88
/ CC BY-SA