on Jun 6
Cybercrime is now the new reality. It seems like every week you read a headline about another data breach that affects millions of consumers and national companies such as Equifax, Target, Marriott, or Home Depot. These large corporations seem to be prime targets for cyber crimes but all businesses, regardless of size, are affected even here in Hawaii.
Unfortunately, more local businesses are targeted by cybercrime every day, but business owners can take some practical steps to protect their data and customers against growing these growing threats. Let's look at the most common cyber threats businesses encounter these days.
Malware
Known as malicious software, malware is designed to gain backdoor access into a computer without the owners ever knowing. Some malware can run on computers mostly undetected and provide hackers access to personal data or damage the software. The most common types of malware include viruses, worms, trojans, spyware, and adware. According to the Anti-Phishing Working Group, over ⅓ of computers worldwide are affected by malware.
Phishing
Phishing is the practice where someone is contacted by email, phone or text message by someone posing as a real institution to persuade people to provide their credit card info, passwords or other personal information. Once the info is obtained, then important accounts can be accessed which results in identity theft and loss of finances. Most people are unable to identify phishing messages, but they usually contain one or more of the following elements:
-
A Sense of Urgency
-
Hyperlinks
-
Unexpected Attachments
-
Unidentified Sender
-
Lucrative Offers
With over 1.5 million new messages created monthly, phishing is the fastest growing threat to cyber security because it’s extremely profitable.
DoS (Denial of Service)
DoS is the process where attackers overwhelm a website with too many messages and packets, causing it to crash and restrict access for real users. This attack can be done by multiple computers at once from anywhere in the world. Since every computer is attacking from a different IP address, it can be much harder to defend against and find the actual perpetuator.
Ransomware
A subset of malware, ransomware creates one of the highest cyber security risks for businesses. Once a computer is infected, the software locks and encrypts valuable data until a demanded ransom is paid. The targeted person has to pay the ransom within a certain time period, but that doesn’t guarantee restored access to everything. The ransom can range from hundreds to thousands of dollars - a high price to pay for businesses to get their files back. Ransomware is now a popular means of cyber attacks and new types are targeting computers every year.
Insiders
Businesses usually worry about cyber threats from the outside, but users in their own network can create an even larger security risk. Any careless employee could make the mistake of accessing a website or message infected with malware, download software, or checking the network for weaknesses. Disgruntled employees could even cause harm or major disruptions to the network because they know how to bypass security measures and look for important business info.
Unfortunately, this is a small portion of cyber security threats that plague businesses every year. Cyber crime will continue to grow for the foreseeable future, so here are some ways businesses can protect their data as soon as possible:
1. Move to the Cloud
Cyber defense is a costly affair for businesses. Smaller ones don't have the manpower and resources to upgrade their security software and constantly protect their critical data. An easy solution for businesses is to move their data to a cloud-based server. All the money and time spent for facilities, hardware, security and other costs for traditional data storage are saved by finding a reputable cloud provider that does all of this maintenance and monitoring for you. Security is the first priority for cloud providers and they know any data breach is their fault, so every cloud server includes multiple protection barriers including firewalls, encryptions, and personalized security settings for users. Some cloud providers, like Servpac, even offer direct fiber connection to their servers that meet compliances such as HIPAA, SSAE 18, and SOC 2.
2. Update Hardware and Software
You’ve probably clicked the cancel button whenever your computer or software asks for updates, but don’t ignore them. Usually, the previous versions are the ones that hackers practice on and target users. Reduce the risk of attacks by making sure your computer, software, and antivirus programs are up-to-date. Think about it like this - any new security patch or update adds an additional wall to your system that makes it harder for cyber criminal to get through. If you’re too busy during the day to complete these updates, schedule a time during the week (such as the evening) when you’re free from your computer and can update all your software and systems when the newest version is available.
3. Back Up Important Data
Now is the best time to backup all of your important data for your business. When a cyber attack occurs, it’s very likely all the important data on your computer or network will be compromised, and you might have to reinstall your systems and devices. If none of the data is backed up, you might not recover it after a data breach and create devastating operational and financial losses for your company.
While most businesses backup their data to one source, take it one step further and backup to cloud and physical servers. Cloud providers, like Servpac, offer data backups in multiple cloud sites that are hosted on secure, private networks. You’ll never have to worry about data loss or meeting the demands the cyber attackers on ransomware.
4. Use Email Encryption Software
Business data is a goldmine for cyber criminals, and they’re now tailoring their methods to steal this information more than ever. Businesses need to recognize this growing threat and evaluate the security of their data, especially when it comes to sharing company information in emails. This info can be easily accessed by hackers and used to access important business accounts and databases.
One simple solution for businesses is email encryption software. It’s easy to integrate seamlessly into common email platforms such as Gmail and Microsoft Outlook, and helps ensure your emails and attachments are protected whenever they’re sent over untrusted networks. No one except your intended recipients can read or tamper messages, and all confidential information is kept private. Email encryption software can also scan for suspicious messages and keeps them from being delivered to your inbox. This prevents employees from opening phishing messages that install harmful malware on computers.
5. Establish Security Policies and Processes
Regardless what security software is used, businesses need to take the time establishing a policy that accounts for all the security required on their system. This involves setting up strong passwords that are changed frequently and making sure they differ between computers and accounts for better security. Establish who has access to every system and confidential info, and make sure confidential info is hidden from external visitors. Even if businesses create a security policy that protects all areas of their businesses from attacks, there’s always the chance the worst could still happen. That’s why every company needs to create an emergency response plan that guides employees on how to detect and react to potential cyber attacks quickly to minimize the potential damage.
6. Train Your Team
When the headlines mention businesses falling victim to massive data breaches, realize most didn’t train their employees properly on cyber security. Education and training is just as important as any security software implemented for your business, so update your employees on the latest cyber security threats. Cyber criminals use software and messages that look legitimate to most users, so explain to your team what to look for in suspicious activity. Make sure to create a security policy for employees that explains how to use strong passwords, checking network security, and handling valuable company information. Don’t make this a one time session. Hold frequent learning sessions with your employees about the newest risks and tell them about the newest security software your business implements.
Don't Be the Next Headline
As cyber criminals evolve and attack more businesses, don't let yours become the next headline. Any loss of data poses a threat to your business, customers, and brand credibility, so take your data security seriously with a comprehensive strategy that tackles your weaknesses and trains your employees for any type of security situation. Taking these security measures might seem like a lot of work, but it's better to be safe than sorry for everyone involved. Plus, no one wants to apologize to customers and employees for a massive data breach or business shut down.
If you need some help with your data security, Servpac's cloud service can backup all your critical data with a dedicated and secure fiber connection that meets HIPAA, SSAE 18, and SOC 2 compliances. All cloud data is backed up on-site and off-site with 24/7 monitoring from local engineers. There's no hardware to manage and we take care of all of the maintenance and updates. Give us a call or request a consultation from one of our experts today for more info.
---
Servpac, headquartered in Honolulu, is Hawaii’s largest local telecommunications company providing innovative and integrated phone, internet, cloud, and data center colocation solutions for Hawaii businesses to help them stay connected and competitive in the local and global marketplace. Established in 2004, Servpac is a CLEC (competitive local exchange carrier) that offers a wide range of services including VoIP phone systems, high-speed internet, network management, and secure cloud hosting - all supported by a dedicated fiber network and 24/7 locally-based customer support at its state-of-the-art operations center.