Before one tiny leak that could easily be prevented take down your entire business; let’s take a look at four fatal errors you MUST avoid, to make sure it never does:
Have you developed a false sense of security?
Please, please, please do NOT think you are immune to a cyber-attack simply because you are not a big company. The fact is, whether you have 12 clients, or 12,000 clients, your data has value to hackers. A simple client profile with name, address and phone number sells for as little as $1 on the black market. Yet add a few details, like credit card and Social Security numbers, and the price can skyrocket – $300 per record is not uncommon. Being small doesn’t mean you are immune.
Are you skimping on security to save money?
Sure, of course you have a tight budget… So you cut a deal with your marketing manager, who wants to work from home at times. He links into the company network with a VPN. If configured properly, your VPN creates a secure and encrypted tunnel into your network. So his device now links his home network into the company network. The problem is, his home cable modem may be vulnerable to attack, an all-too-common issue with consumer devices. Now you have an open tunnel for malware and viruses to attack your network.
Could lack of an off-boarding process put your company at risk?
It’s crucial to keep a record of user accounts for each employee with security privileges. When an employee leaves, you MUST remove those accounts without delay. An internal attack by a disgruntled worker could do serious harm to your business. Be sure to close this loop.
Have you been lax about implementing security policies for desktop computers, mobile devices and the Internet?
The greatest threat to your company’s data originates not in technology, but in human behavior. It starts before you boot up a single device. In an era of BYOD (bring your own device), for instance, lax behavior by anyone connecting to your network weakens its security. Your team love their smartphones, and with good reason. So it’s tough sticking with strict rules about BYOD. But without absolute adherence to a clear policy, you might as well sell your company’s secrets on eBay.
Don’t let a tiny leak sink your ship!