Can your IT hack it?
WITH widespread ransomware attacks this week, we should revisit keeping our business IT, customer data and staff devices secure.
Taking our business online and leveraging the “cloud”, we expose our data to our staff, but also to greater risk of security breaches.
There are three main areas to stay on top of to maximise your protection and minimise the impact of a breach.
First, you need to police and monitor access points to your network.
With the advent of BYOD ( bring your own device) IT infrastructure now has innumerable devices we can’t quite control accessing our networks.
These devices need to be limited carefully to restrict what they can access inside your business when remote.
Whitelisting where you only allow known devices access to your net- work for your own staff devices is also an excellent way to keep out any unwelcome users from accessing your network without your permission.
You also need to enforce policy to secure devices and the data on them should they be lost and fall into the wrong hands.
Enforcing long passwords and even biosecurity measures such as fingerprint or facial recognition go a long way to keeping the wrong people off your devices.
Secondly, you should look to encrypt data securely whenever in transit or when stored.
Middle- man attacks are where data transmitted is intercepted on WiFi connections and can be read by the interceptor.
Encrypt all communications from your team back to the office and this intercepted data will more likely be kept secured.
With online payments growing rapidly, we also see the loss of customer data as embarrassing but also directors can be held liable if that data is not being securely maintained.
Finally, if you do get breached and have your systems locked down by a crypto- lock extortion attack, you need to have redundancy built in to allow business operations to continue.
Having copies of your website, customer records, inventory records and financial records backed up daily ( live if a small business) to an off site data facility means you can replace any files or data that becomes corrupted.
It may still take a little time to get back up to full speed, but at least you will have records to work off.
Be sure to get professional help to secure your business and your data as you look to open your business up to leveraging the benefits of going mobile for your team. Get a security professional to audit your access points, data security and back ups.