FOUR COMMON SECURITY THREATS FACING SMALL BUSINESSES
Your business no longer needs to be a large corporation to attract the unwanted attention of hackers and cybercriminals.
It’s your responsibility to learn as much as you can so you are able to protect your organization/business against cyberattacks.
Even the most loyal employees can put your business at risk.
From choosing simple passwords to using their personal smartphones on company premises, employees may be unaware and innocent of the activities they perform that expose your business to cyber vulnerability. You can get them up to speed by structuring your corporate policy to help make them more aware.
How strong are your employees’ individual passwords? According to the Keeper Security findings, many people choose incredibly simple passwords such as “password” and “123456.” If your employees are permitted to use these types of passwords, they expose your business to high-risk security breaches.
An employee who knowingly or unknowingly clicks on a link, opens a document, or downloads a file from an unknown source, can be inadvertently responsible for introducing malware into your computer system. Make sure that your employees understand the process for dealing with these types of external malicious acts of cybercrime.
Mobile devices make it easy for all of us to connect remotely and be updated on important information. These days, many employees are unable to do their jobs effectively without having access to a mobile device. This is why it’s crucial to implement a security program and policy, to avoid exposure risks.
Employees who leave devices unattended or who record passwords and leave their notes in accessible places can increase the risk to your company’s data security.
OTHER SCAMS TO BE AWARE OF
Who Really Sent This Email?
Many unwitting older people have been tricked and victimized by this e-mail scam: A criminal pretends to be a friend or a relative (usually a grandchild) in trouble. The victim is instructed to provide a credit card or other form of funding to help resolve the emergency.
Business Email Compromise (BEC)
In this business e-mail scam, the criminal tries to outwit careless employees by posing as the company’s regular vendor. The victim is asked to make a bank transfer for payment requirements that seem completely legitimate. A recent security alert by the FBI reveals that these same criminals use a variety of methods while impersonating a manager or director of an organization that requests a bank transfer.
Any urgent email that the supposed CEO or other authorized people in your organization requests for funds transfer requires follow-up. In most cases, a simple phone verification can help you determine if the application is legitimate or not.
The rise of infidel attacks
Malicious software that encrypts data and holds it for ransom can cause your business to lose valuable assets while experiencing significant downtime.
The infidel attacks are targeted at individuals and organizations alike and operate through the same methods; the only difference is the amount of money required to release the data. A school being attacked was required to pay more than $10,000 in ransom money to release records of classes and students. Other businesses, such as hospital clinics and research institutes, have been asked to pay higher amounts.
These infidel crimes are on the rise; in 2016 and 2017 there was an astonishing growth in infidel attacks and it is expected this trend will continue in 2018 and beyond. Educating employees is the best way to protect your business from ransom attacks; the malware is usually delivered through an attachment or download.
Microsoft Office Document Scams
Word, PowerPoint, and Excel files are regularly shared among employees in an organization, and code designed to exploit vulnerabilities in these programs can be used to help insert malware into the system.
It is important to make sure that the MS Office package is updated with all the latest patches and fixes, and that good anti-virus software is installed on the business computers.
Internet criminals use a variety of methods to hack into the computer system. It is important to be aware of the threats, to take steps to ensure your computer system is protected. Educating employees, defining the complexity of passwords, and creating clear policies on using computers and mobile devices will reduce the risk of business information being harmed from hostile sources.