Is your company vulnerable to a cyber-attack? For many businesses, data is their most precious resource. Don’t wait for a breach to begin thinking about cybersecurity. 415 Group’s Principal of IT, David Besse, MsIT, CISSP, CISA, MCSE, explains how business owners can better protect their data:
Today’s businesses operate in an era of hyper-connectedness and, unfortunately, a burgeoning global cybercrime industry. You can’t afford to hope you’ll luck out and avoid a cyberattack. It’s essential to establish policies and procedures to minimize risk. One specific area on which to focus is your employees.
Know the threats
There are a variety of cybercrimes you need to guard against. For instance, thieves may steal proprietary or sensitive business data with the intention of selling that information to competitors or other hackers. Or they may be more interested in your employees’ or customers’ personal information for the same reason.
Some cybercriminals may not be necessarily looking to steal anything but rather disable or damage your business systems. For example, they may install “ransomware” that locks you out of your own data until you pay their demands. Or they might launch a “denial-of-service attack,” under which hackers overwhelm your site with millions of data requests until it can no longer function.
Be mindful
Naturally, crimes may be committed by shadowy outsiders. But, all too often, it’s a company employee who either leaves the door open for a cybercriminal or perpetrates the crime him- or herself.
For this reason, it’s essential for your hiring managers to be mindful of cybersecurity when reviewing employment applications — particularly those for positions that involve open access to sensitive company data. If an applicant has an unusual or spotty job history, be sure to find out why before hiring. Check references and conduct background checks as well.
For both new and existing employees, make sure your cybersecurity policies are crystal clear. Include a statement in your employment handbook informing employees that their communications are stored in a backup system, and that you reserve the right to monitor and examine company computers and emails (sent and received) on your system. When such monitoring systems are in place, prudence or suspicious activity will dictate when they should be ramped up.
Don’t compromise
These are just a few points to bear in mind in relation to your employees and cybercrime. Although most workers are honest and not looking to do harm, all it takes is one mistake or one bad apple to compromise your company’s cybersecurity. We can provide you with more ideas for protecting your data and your business systems.
© 2017
“When it comes to cybersecurity, business owners need to understand — trust is not a security control. Having secure processes in place is essential to the health of your business.
Employees pose a potential risk to company data, whether it’s intentional or not. Over the years, we’ve seen numerous instances where a company’s data is leaked. Passwords get shared. Laptops get lost. Intellectual property gets stolen. The number one cyber threat right now is ransomware. If an employee accidently installs malicious software, with the click of a button, your company data is gone.
The first step toward increased cybersecurity is awareness. Conduct an assessment to detect your vulnerabilities, and invest in training for your staff.
At 415 Group, we help our clients craft cybersecurity policies and establish technical controls to protect their data. Our goal is to provide peace of mind, so they can focus on growing their business.”