While many of us have forgotten how we managed before online banking, when research required a trip to the library and yet-to-be-invented sites for social interaction didn’t exist to remind us about a sister’s birthday, the convenience of the information age brings with it some unwelcome consequences.
It seems that internet security issues are constantly in the news, whether it be the hacking of celebrities’ personal information, the stealing of sensitive government emails or multi-national companies’ customer lists and information being compromised. Despite this, we often take internet security in businesses for granted.
Cyber-attacks can take a wide variety of forms. Viruses that were once thought to attack a single machine have been adapted by cyber-criminals and have the potential to take down your entire network.
Small to medium sized business are being targeted more frequently than the big players according to Symantec’s 2014 Internet Security Threat Report.
For a business owner it is therefore important to educate your team to ensure they are not opening suspicious looking emails or visiting websites that may compromise your IT infrastructure.
Unfortunately, emails that may contain a virus are looking more and more legitimate. If in doubt these should not be opened. A recent example of a particularly nasty virus affecting businesses is the cryptolocker virus that encrypts your hard drive and passwords your computer so that you are unable to access it again. These types of viruses are therefore extremely costly and damaging for any business.
There is often not enough thought given to what is saved on shared networks, the sensitivity of the information being shared and who has access to that information. The result of carelessness on this front could result in scenarios ranging from accidental deletion to malicious intent such as the transferring of valuable information to another party. In addition, thought needs to be given to how the use of a team member’s own devices for work purposes may potentially compromise your internal IT.
If you are worried about the security of your information systems, we recommend engaging with a consultant on your IT security. You could however also start by communicating the following points to your team members:
- Ensure passwords are strong. Most experts suggest if you can remember it, it’s not strong enough.
- Trust your instincts – if you receive a suspicious email, do not open it or any attachments, even if it comes from someone you know. If you need to open it, do so from a stand-alone computer that has been disconnected from the rest of the network,
- When downloading files from the internet, make sure that the website is legitimate and your anti-virus program has checked the file first.
- Whether you are a sophisticated operation with off-site server back-ups occurring on a daily basis or a sole trader who backs up important files to CDs or USB sticks, ensure you are backing up regularly and preferably storing the files away from your main computer.