Perhaps a hundred years ago, you’d not expect running water or think electricity as a complete luxury. But nowadays could you imagine having to pump a well, then heating your bath water (probably no quick shower!) daily to get ready for work instead of having running water at the turn of a faucet? And could you live by candle light without lights, toasters, microwaves? Likely anyone reading this blog (on a computer or smart phone) couldn’t imagine life without either electricity or water.
My next question: could you choose between protecting your business, its data, staff and future? Could your business live without technology (and much needed support that comes with ever changing technology)?
The nuts and bolts of your business in our modern economy is completely different from what was the norm even 20 years ago. Today, if your business lacks IT infrastructure, you’re likely not going to even keep your current loyal customers. Without email, good website design and functionality, client management systems, credit card handling, wifi access points, your business likely won’t have the level of technical sophistication your clients expect. Even if you’d prefer to convert everything to paper—avoiding the latest cyber scam—you’re making process less efficient and eventually will frustrate customers and vendors alike.
The bottom line: your business needs technology to compete in the modern workplace. Without it and without keeping up with updated systems leads makes you even more likely to become irrelevant and, eventually, extinct.
Now, could you choose between having your data secure (and your business compliant to PCI, HIPAA or NCUA standards) or saving a few bucks and letting the door open to cyber criminals?
20 years ago, if I asked you whether a bank should have a security guard protecting its money, or whether you would keep your most precious valuables locked up in immobile safes, I’m sure the majority of you would have unquestionably said ‘of course’. So, why is keeping your data (client, staff and business data) secure from criminals not a big worry or concern?
A recent report on cyber security trends shows that aspiring criminals are entering the ransomware racket with little training and at no cost whatsoever. Growing cyber criminal communities are partnering with budding criminals. For a 50/50 split from sales of your hacked data (two common data are protected health or credit card data), these novice criminals are becoming successful modern pick pockets. But instead of stealing rings or wallets, they’re stealing information that could cost your business tens to hundreds of thousands of dollars. And the consequences aren’t simply getting new credit cards—many recent attacks on small to medium sized business with little to no protection (preventative maintenance and smart firewalls) have led to bankruptcies, slowed growth and even closings! In fact, nearly 60% of small to medium businesses close within 6 months after a cyber attack!
Think about all the ways cyber criminals can easily get into your network (these are just a few of the common ploys!):
Spear Phishing— a sophisticated phishing attack—one that appears to be from your secretary or accountant—personalized to your business written in fluent English—makes email an easy door into your systems. You need IT that (1) monitors traffic and isolates suspicious email from entering your mailbox, (2) detects suspicious activity on your network and isolates problems before they spread and (3) educates your team to recognize to question clicking on links and opening attachments that may be carrying a virus that will compromise your entire network if not caught.
Overflow Buffering— some of the more sophisticated hackers actually get into your customer data from online submission forms. The hacker goes to your form and then submits a lot of data into each of the form fields. The hacker actually submits code in your form that is designed to steal data from your database. You need IT that monitors your network and website and prevents traffic from getting into your databases—using unified threat management technology—that identifies and stops attacks before they can even attempt to get in.
Password Hacking— because many businesses fail to change passwords (especially default passwords on routers) or keep simple or shared passwords to admin access to your network, hackers often will not have to try very hard to break through your systems. For a review on creating passwords, see a recent post. Businesses need IT that identifies password vulnerabilities, lock down admin credentials and institutes a strict password policy to ensure your (and your client) data is constantly secure.
Downloading Free Software—more often than not, team members download software riddled with viruses that may shut down your entire network. Whether looking for freeware or a plugin for Excel, the free download route leave room for malware, viruses or “buggy software” to plague your system—leading to ransomed data or stolen data. When it comes to your business, there’s no free lunch. Period. If you expect to run your operations on free software, realize that there may be hidden costs. When it comes to free downloadable software, that risk is likely malicious and more costly than you’d ever imagine. Remember: software comes at a cost for a reason—you have guaranteed supported software after tens to hundreds of hours of testing from computer programming teams. Anything free will come with no guarantee. Good IT Support will limit or prevent users from freely downloading anything from the web, especially if a website is not trusted (i.e., unsecure sites, websites hosted in locations notorious for cyberattacks).
Fault Injections— one of the most complicated hacks, a fault injection requires the criminal to research ways into your source code. They essentially inject code into your website or database to see if they can crash your system. Website code injections are quite common—the code injection often does little to effect the actual site, but delivers a worm or vector to users when they visit your site. Many web hosting companies will actually remove your website when this happens (and often with little or no warning!). Good IT Support will test your site for code injections before they become major problems.
Note: each of these tactics is currently being used on American businesses—large and small! No matter your vertical, you can’t simply keep thinking that nothing will ever happen to you. Very least, letting hackers have the opportunity to get into your network (or into your poorly maintained website) will lead to clients’ data by your negligence. The average attack costs businesses $300,000!
Is your business secure from cyber-criminals—their growing community and more sophisticated methods of attack? If a criminal crashed your system, is your data at least backed up? If you’re concerned about not having adequate IT support that protects your data, contact us TODAY for a free network assessment!