Business owners might be slowly getting to grips with the cyber security risks to their companies, but there are still plenty of grey areas, misconceptions and technical hurdles for most to overcome. That’s when it comes to both understanding and dealing with computer security and relevant IT issues. These key points need to be understood to better protect the business against the growing range of threats that face all companies.
Cyber security is not just a technology problem
Companies can, and often do, have all the technology in the world to protect their business data. However, that is not enough. While technology provides the protection and solutions for when a threat rears its head, the business as a whole needs to understand what the risks are, and the human factors that can trigger them. This information changes over time, so everyone needs to be kept up to date. Also, hacking and security are nothing personal, it doesn’t matter about the individual or the company, it is purely an automated game for criminals trying to hack millions of companies, or con just a few among the billions of workers into triggering a virus or malware.
Security is more than just a checklist
Getting your IT team to build up a security system and monitoring process is all well and good. But once it is in place, even with automatic updates from big name vendors, automated hacking tools will be trying to figure out weaknesses or ways around any business security infrastructures. Security IT and those in charge of it need to be kept informed about changes in the threat landscape, and stay on top of changes with new zero-day threats emerging on a regular basis.
Training in cyber security is key for everyone
Workers, contractors and even visitors need to be aware of the risks to the business through scam emails, malware and other threats. Mobile devices, cloud services and hacked websites create more vectors for the attackers to play with, and everybody needs to be regularly updated on the risks. From the company receptionist who might open an infected spreadsheet to those in the marketing department who like to visit edgy sites, everyone is responsible for cyber security.
For more information chat with us at Nimbus CS, call Kim on 028 900 800 30
A well set up network and advice from professional IT support can be a good step towards protecting your business from malicious attacks. They can make sure the worst malware doesn’t get through, and save you a lot of hassle and expense in the long run. But there are steps you can take yourself to help reduce your risk, and it starts with basic training for all staff.
For example, stress the importance of password security. It’s a bad idea for staff to use the same password they use for everyday emails and social media if they’re accessing sensitive information – however secure you are around the office, there’s no guarantee what could happen out of hours. Randomly generated passwords may be best, though they can be difficult to remember. It’s length, rather than complexity, that generally makes a password trickier to crack, so strings of random words may work well.
If your office is pretty up to date with technology, you may want to consider two-stage authentication using smartphones. This provides a one-time, limited duration code sent directly to the user in addition to their regular password. This reduces risk significantly by making attacks from afar much more difficult – they need to be in possession of the employee’s phone, as well as their password, to do any harm.
While in the creative industries it might be highly useful for employees to be able to install software and other items (e.g. fonts) on to their work machine, you should take care about how much freedom they’re given. In general, it’s best not to allow them to install software until your IT support has taken a look and given it the all clear. It’s much better to be safe than sorry – that new font can always wait a couple of hours.
It’s likely there still might be people out there who mean you or your business servers harm. But they’re much easier to deal with if the IT support managing your computer networks can focus their efforts on major attacks, thanks to employees taking care of the small stuff themselves.
Cyber Security – Tablet by perspec_photo88 licensed under Creative commons 5
Businesses of any size need to keep copies of their company data, for operational, legal and protective reasons. All it takes is one crash, one wrong command, a failed hard drive or power failure, and some vital files could be wiped out. That’s before we get to malicious activities like an angry employee or outside factors like hackers and data theft.
The costs of recovery vary from a few hundred pounds for a specialist hard drive recovery job to many thousands for a forensic recovery team. Then there’s the potential for a sizeable ransom if a hacker kidnaps your data, or a fine if
you are found to be failing to back up legally mandated information or failing to follow data protection directives.
All of which can be avoided by learning the proper procedures and ensuring your company has multiple backups so that your business can recover from any of these problems that occur on a daily basis around the world, across all industries and types of organisation.
The key to a successful backup is to have multiple layers of safety. That can involve a cloud backup of all business data and daily backups of regularly updated files to physical media that business or IT bosses keep with them in a safe location. Working files, such as Office documents, designs and in-progress graphics, that are stored on individual PCs should be automatically copied to cloud storage at regular intervals. Being registered with the Data Protection Registrar (https://ico.org.uk/for-organisations/register/
) is a must for any size of company that manages certain types of data (such as customer information or credit card details), and they provide best practice advice on what to store, and where to store it.
Whatever your size of business, we can provide an appropriate backup solution for your data, along with IT support, improved networking and security, and other low-cost solutions to ensure your workers and teams remain operational when issues arise or things simply go wrong. Having a simple backup solution can save your company when disaster strikes, and a good backup recovery plan can save your teams hours or days of downtime.
Image by Sebastian Sikora licensed under Creative commons 4