As a Chief Information Officer (CIO) or an IT Supervisor, it is your responsibility to protect your company online, ensuring that it is safe from cyber attacks, digital threats, and failing security measures. Keep reading for information that will help you become a better CIO or IT Supervisor in your field.
Know your Enemy:
In 2020, there are many different types of potential digital threats. Below are 5 of the most common threats out there:
- Ransomware – An attacker infects a system with malware that encrypts the victim’s data. The victim then generally has to decide whether to pay the “ransom” or lose their data for good.
- Internal Attacks – Internal attacks come in a variety of forms, ranging from angsty employees who use their access for personal gain to employees who are simply careless with their accounts, making them more susceptible to being compromised by an attacker.
- Phishing Attacks – An attacker creates a fake email, text, or website in order to get their victim to input sensitive information. This includes things like work login information, passwords to online accounts, banking info, or other information that can be used to access personal data.
- DDoS Attacks – Distributed denial-of-service attacks are designed to overwhelm the resources of a network so it can’t process real traffic. This puts a halt to the operations of the business. They are often used to cover up the fact that other security breaches are in progress.
- Security Vulnerability – Also known as a security bug, this is an unintentional glitch or flaw in the programming of computer software or an OS. The bug can be used to access a system to cause harm.
Know Your Business:
Here are some of our top processes, systems, and functions that you can implement in your practice as well.
- Use web application firewalls (WAF) to protect your website from bots, phishing, and malware attacks. Adding this second layer of protection protects not only your business but your potential customers as well.
- Secure your network! Use the strongest encryption key settings that you can, and turn off the broadcast of your network so it is “invisible”. If a network is not visible, it is less likely to be picked up on hackers’ radars. Going unnoticed will greatly decrease the possibility of an attack.
- Limit the use of personal devices for business-related practices. Using personal devices can greatly increase the risk of a breach. If an employee must work remotely, provide proper equipment and security measures to ensure business data will not be compromised.
- Properly dispose of data that is no longer needed. Work with your tech disposal partner and ensure they are using proper tools that overwrite data multiple times to bury any old information on the tech that is to be disposed of. Simply erasing data, reinstalling your operating system, and reformatting the hard drive is not enough to remove all of your business data from the tech.
- Run background checks on all employees, especially any new incoming staff. If you can prevent internal threats from the get-go, you’re one step ahead of the game. Knowing their professional as well as personal background can help if any red flags start to arise during their employment. Noting any change in the behavior of current employees is also a big internal security plus. Do you have a disgruntled employee who could snap and seek retaliation by using their access to cause harm?
Develop a strategy:
There are hundreds, if not thousands, of things you can implement to protect your business from digital attacks. Below are just a few:
- Limit employees’ access to only the functions required for their job. Having more privileges than needed can increase the amount of damage that can be done if a single account is compromised.
- Provide proper training to employees to avoid simple phishing attempts. Show them what to watch out for while accessing email, internal websites, and external links.
- Implement perimeter security on all computers, such as firewalls on servers and antivirus programs on individual computers, to protect systems from malware uploads.
- Plan regular patch updates. Keeping up with patches for your programs when a system updates can greatly lessen the chance for attackers to access your business via security bugs.
- If you are unable to keep up with security updates and patches, using cloud storage may be best for your business. Reputable cloud providers maintain patches and ensure proper security measures are taken to protect their customers’ stored data.