Page 42 - index
P. 42
Protecting Businesses from the Top Cybersecurity Concerns
Times have changed. Today, information is a currency unto itself. And using stolen access to
small office networks can often be just as valuable as the data that might be stored there.
Unlike larger corporate networks, many small businesses don’t have the budget to afford full-
time IT person to keep a network secure. Many cybersecurity concerns get overlooked. Mix all
the above and it becomes easy to see why small offices with 20 employees or less are among
the top soft targets that are ripe for hackers and cybercriminals.
Max Nomad, IT computer consultant and author of the book Surviving The Zombie
Apocalypse: Safer Computing Tips for Small Business Managers and Everyday People
offers up some basic advice any small businesses can use to strengthen their cyber defenses:
Beware of Insider Threats. Anywhere from 50% to 80% of all corporate cybercrimes are
facilitated by insiders. The following precautions will reduce the opportunities that often lead to
data breaches:
• Teach employees to click cautiously when opening unfamiliar emails. Small
businesses are a huge target for email phishing scams. Fake emails from Amazon,
photocopiers, fax machines and Administrators bombard office networks all the time. One
click can unleash a beast that bypasses security and causes all kinds of damage. In early
2015, Russian hackers used this tactic to compromise the official Whitehouse email servers
– proof that anyone can fall for this trick.
• Keep an eye on employees who seem bitter or dissatisfied. When people feel
underpaid, slighted out of a raise, or otherwise desperate for money their loyalties can
change. They may be prone to do something detrimental to the company or assist an
outside adversary. Revenge comes in many forms -- and most insider-driven cybercrimes
start this way.
• All non-business online activities should go through the guest network. This applies to
visitors and staff.
• Ban the use of unauthorized USB devices on the network. This is often easier said than
done. Typically this requires an IT person to set up controls to manage (or block) their
usage. USB storage devices (flash drives, external drives, SD cards) can easily get infected
on outside computers and then introduce viruses onto your network, allowing hackers to
bypass many security safeguards.
• If you can’t stop ‘em, use ’em. Without a firewall that blocks content, keeping employees
from sneaking onto Social Media websites during office hours is like trying to prevent hay
fever in spring. Find ways to reward them for using that Facebook and Twitter time to help
promote your business. Be sure the staff knows what should and shouldn't be discussed on
social media websites.
• Make employees aware of social engineering techniques. Hackers know that the right
phone call to an unsuspecting employee can bypass more security than months of skillful
42 Cyber Warnings E-Magazine – July 2015 Edition
Copyright © Cyber Defense Magazine, All rights reserved worldwide
