The last two years have been rife with cybersecurity incidents. In 2016, the average cost of a data breach to a UK organization was £2.53 million, and (as of July 2017) £2.48 million as of July 2017. There has never been a more apt time to review your security procedures and systems security.
When IBM surveyed 40 UK companies, they found that in 2017, the average data breach compromised 21,633 records. When a company falls victim to a cyberattack, their revenue and reputation is put at stake. We spoke to GML Technology’s Senior IT Consultant, John. He gave us 5 factors businesses should look into when reviewing their cybersecurity procedures.
In spite of raised awareness about phishing, the standard tactics continue to work. Targets aren’t as diligent as they should be when criminals pose as individuals or companies they trust. John mentioned how businesses fall victim to the ‘double edged sword of communication.’ Businesses that pride themselves on accessibility often display staff details online. These could be job titles, contact details, or photos. This can put senior staff members such as CEOs at risk, as cyber criminals will often pose as people who can authorise large transfers. John emphasised the need to be proactive in identifying phishing trends. Websites such as SecureList often list current phishing and malware scams.
Firewalls are very common in regulating access to computer networks. They act as barriers to determine authorised and unauthorised online traffic. There are many options for businesses to choose from, but there are quite a few factors to consider. Firewall solutions come as either hardware or software. Hardware-based firewalls are installed to protect an entire network. This is easier to maintain than software, which needs to be installed on each individual PC. That makes hardware-based firewalls more suited to large companies with hundreds of computers. With firewall software, your employees may have to take on the personal responsibility to allow or refuse access. Training employees to use firewall software is often more costly and time consuming. That is, unless it’s a small business with only a handful of computers.
- USB Drives
There’s always a risk when storing data on an object that can fall into someone else’s hands. The best prevention steps are physical, like password protection on laptop ports. However, there are issues doing this on PCs. This kind of lockdown may hinder use of a keyboard or mouse. Just as employees should exercise caution with their own USB drives, they should never plug an untrusted USB into a company computer. In 2011, the U.S. Department of Homeland Security visited a credit union and dropped USB drives in the car park of the building. 20% of employees who picked one up plugged it into their company computer. Human error often lies at the heart of a data breach. If you wish to avoid USB-related risks altogether, GML Technology can advise on alternatives such as secure cloud storage.
- Offsite Data Storage
Offsite data storage facilities have dedicated servers to protect data from ransomware. Storing data in this way is common in a business’s disaster recovery plan. It means that in the event of a cyberattack, servers can be reset without losing valuable data. The benefits of dedicated off-site servers include tougher security. Secure Data Management, a company that houses data for some the UK’s most well-known brands, insist that “most secure offsite storage facilities have 24 hour manned security at their disposal and CCTV cameras in operation.” Companies may also find it easier to monitor their data, or destroy it for security purposes, if it is stored in a centralised hub.
- Password Management
Passwords are the first line of defence in cybersecurity. Businesses need an official password policy. This regulates how often passwords are changed, and ensures a mandatory level of complexity for company passwords. Many companies are not firm enough in ensuring their employees use strong passwords. Security firm Preempt found that 19% of business professionals use passwords that are weak, or shared across multiple accounts. 7% use passwords that are ‘extremely weak’. At the least, sharing passwords doubles the impact of a compromised password. John recommends password generators. They make sure your passwords can’t be guessed with your personal information. TechRadar has compiled a list of the best free password generators.
The harsh reality of cybercrime is that criminals are often one step ahead. They’re just as tech savvy as those who work to stop them. GML Technology specialises in disaster recovery, cost analysis, hardware provision, and both remote and onsite support. This makes us ideal for providing advice on cybersecurity. Click here to find out more.