IT Corner: Cybersecurity
John Clark, Advanced Business Solutions
Cybersecurity is a never-ending battle. You may think your company is safe, but the fact of the matter is that no business is truly safe. As methods of cyberattacks evolve, your cybersecurity posture must also evolve in order to combat the bad actors. This has always been true, but it was reinforced during our initial response to the Coronavirus pandemic. As everyone faced shelter at home and quarantine restrictions, the way that companies accessed their systems and data drastically changed. Employees were sent home without a clear plan and we were doing anything and everything to keep our companies operating as best we could.
Pre-pandemic, our network security was designed to protect the data that was stored in a central location where access was limited to the office, remote locations, and secure remote access for a select few employees. Our Business Continuity plans did not account for entire workforces being sent home with the need for flexible mobile computing. This was an issue because security differs whether your remote employees are working on their own computer or a company-issued device.
As we are learning to live with the pandemic and seeing light at the end of the tunnel, more and more companies are embracing remote working environments. Despite the value of these environments, shifting to this new work environment means you must look at your security posture through a new lens.
We know computer talk can be boring and, frankly, often dismissed by business executives. Take a moment and ask yourself the following questions. If you answer “I do not know” to any of them, you might need to take a closer look.
- What recent adjustments has my company made to our cybersecurity?
- Do I still have employees working from their home computers?
- Who else might be using those home computers?
- What kind of network security does their home network have?
- Do I need to issue them a company device?
- Do I need to help them with their home network security?
There are more questions to be answered, but these are the obvious signs that your protection might need to be readdressed. As your business extends into home offices, your vulnerability to attack increases.
It is a common misconception that you are not at risk because “my company is too small to be targeted” or “I don’t have any data worth anything”. At Advanced Business Solutions, we have seen firsthand the level of impact that poor cybersecurity can have on local companies. Just during the months of the pandemic, we saw companies fall victim to Ransomware – costing them more than $5M in ransom payments. This cost did not include the cost to recover their IT systems nor their business loss. The impact on small businesses can be catastrophic. The days of being “too small” or “having worthless data” are in the past. Bad actors are taking control of your livelihood through Ransomware by holding your business systems hostage until you pay them. True hardening of your cybersecurity posture requires a close examination of your business’ IT and processes.
Here is the good news…We have a few simple and cost-effective steps you can take to harden your cybersecurity today!
- Train your employees. Implement routine Cybersecurity training for your employees. Educate them on how to spot email phishing and spoofing. Employees are our “Human Firewalls”.
- Implement Artificial Intelligence (“AI”). Sounds expensive, right? It is not and it is very effective in blocking what is known as “zero-day threats”. Cloud DNS services can quickly and easily be deployed to mobile devices, company-issued computers, and home computers. This AI will prevent accidental clicks to Ransomware sources, stopping human error from leading to costly consequences. This service protects them no matter where they are working or who is using the device. An added feature is that you can block access to websites you prefer employees not going to.
- Upgrade Your SPAM Filter. Email is the top vulnerability and SPAM filters with AI is an excellent way to upgrade your security at little to no additional costs to your business.
- Get Cybersecurity Insurance. Work with an insurance provider to identify your risks and get insurance to protect you. They will help you with Incident Response, ransom negotiations, and will oftentimes cover the expensive costs in recovering your systems and data.
- Update your financial policy. Companies are being conned out of money through email by redirecting financial transactions. Make sure you have a policy that requires verbal confirmation from your customers and vendors for any changes to where your financial transactions are directed.
These tips are recommended for any business in any industry. Every business is unique and there are always more security measures you should consider.
We have one more question for you to ask yourself. When was the last time you got a second opinion on your network security?
To really take a good look at your security vulnerabilities, your company needs to have a 3rd party CyberSecurity Analysis performed. The results of this Analysis will educate you on your weaknesses and provide recommendations to protect your company.