With so many employees having the freedom to work from wherever they want, every company is also now at risk for security breaches. Whether it’s weak passwords, lack of solid procedures for storing and accessing sensitive information, or employees logging into networks remotely, companies of all sizes must be proactive in eliminating such risks.
A few high-profile data breaches have put data security on everyone’s minds. Traditionally, the issue has been a problem for larger corporations, but small and medium-sized businesses are increasingly becoming targets.
Cybercrime costs the global economy an estimated $445 billion a year in direct and indirect losses, according to Computer Weekly. While most information security professionals are aware of the severity of the issue, many senior executives are not, believing instead that their organizations’ data isn’t valuable or that it will not be targeted.
Anyone Can Fall Victim to a Security Breach
Companies at the greatest risk are those dealing with consumer information or data and business-to-business companies with financial transactions. However, even B2B companies without sensitive data or financial information can be at risk.
Recently, an online advertising company’s system was hacked, and the hackers spread viruses to consumers through ads, affecting visitors to big-name sites such as The New York Times and the BBC. According to TrendLabs’ Security Intelligence Blog, the tainted ads exposed tens of thousands of people within 24 hours.
Trustwave’s SpiderLabs Blog reported that when researchers deciphered the more than 12,000 lines of code in the tainted ads, they found long lists of the security products and tools it avoided, highlighting why such products and tools are necessary.
Many similar companies believe they are safe from this type of attack because their systems do not contain credit card numbers or other valuable information. But no one can afford to ignore the issue of security.
Engage Your Security Team
There is no such thing as full protection, so strive to be as protected as possible. Think about ways you could compromise your own systems and take precautions to prevent them. Regular security audits are a must. Some firms even hire hackers to break into their own systems.
Consider what data needs protection and how to protect it. Meet with your security team regularly to assess your organization’s processes and what can be done better. Here are four questions business leaders should ask their technology teams to ensure their networks and systems are safe:
1. Should we enable two-factor authentication for our logins? For example, use a text message to confirm the employee’s credentials — especially when he or she logs in from an unfamiliar device.
2. Are our nonpublic services behind a virtual private network or firewall? Discuss using a virtual private network or firewall to restrict system access, and test its strength.
3. Do we enforce password strength with employees and customers? This sounds simple, but it can be a big issue. This can be a headache for employees, but longer passwords that require both capital and lowercase letters, numbers, and special characters can be key to security.
4. What procedures exist for active employee verification and dismissal? Pay close attention to physical access, including access to offices, networks, or Wi-Fi.
Conversations about security should be ongoing, especially as employees work remotely more and more. And while a company can have the best CIO, CTO, and CEO, any weak link in the chain puts the whole organization at risk and can be costly — both financially and in lost productivity.
July 20, 2016 at 6:53 am
Nice article. I have learn many point from you.Cyber security is most important issue of every organization. Thanks a lot
August 12, 2016 at 9:44 pm
YES. I totally agree with you! It’s so important these days that your wifi is secured and protected from outside forces and potential threats. Great points you make here! Thanks so much for the pointers!