Security threats to businesses have evolved. Five years ago, network security was mostly a function to keep hardware assets operating efficiently and free of malware. The most typical causes of concern to businesses were adware and bloatware that would slow down PCs.
Today, we work in an environment where data no longer lives at our desks. With this setup, security threats have become fast, intelligent, and very purposeful. No longer mere nuisances, malicious activities can now cause millions of dollars of damage in just a few hours. Understanding these risks is now a crucial job component for every employee in your company—not just your IT department.
Which security threats should I prepare for?
Security threats are constantly changing, and the threats that you must guard against in the future will extend far beyond what we know today. But at a minimum, you must be prepared to take on three modern security threats:
Security Threat: Ransomware
Ransomware has become one of the most difficult types of malware to combat. It also creates serious moral dilemmas when eradicating it.
Ransomware is a type of virus that encrypts (or locks) a user’s own files, preventing access to critical company data. Once files are encrypted, the only way to unlock them is with an encryption key, a unique code identifier the malicious program creates. Those who spread ransomware profit by selling this encryption key so companies and individuals can regain access to their files and systems.
While most malware hides in the background, ransomware provides messaging that tells you exactly what happened. Often, users receive a full-screen message with a demand for payment via cryptocurrency or PayPal. Most forms of ransomware include a timer that will count down until the ransom goes up, or worse, the encryption key is destroyed and you lose access to your files forever.
This is where the moral dilemma comes in for business owners. Do you pay the ransom and reward cyber-criminals? Or, do you accept the loss and refuse to give in to those doing harm to your company? Even if you do give in and pay the ransom, there is virtually no guarantee the malware distributor will restore access.
What can I do?
The difficult truth is that once you've been infected by ransomware, you have no way to win. The best lines of defense against ransomware are proactive employee training and a robust backup system.
Plan to develop a training strategy for all end-users in tandem with your IT team. This training should include all of the ways ransomware can enter your network (opening unknown email attachments, clicking website ads, password sharing, etc.). Equally important, it should inform your users on what to do if ransomware infects their systems.
Do you know what to do when your computer is infected with ransomware? Here's the most important step to take: Shut down the computer completely and disconnect from the internet. Removing your PC from the network could be the difference between it infecting 5% of your files and all of them.
Ransomware will encrypt any files, server drives, email systems, applications, and other PCs it can find on your network. Cutting power to your PC is crucial to keep your network intact. Your IT department can usually eliminate the acting part of the virus with anti-malware tools. However, this will only stop the encryption process. Files already infected typically will need to be restored from a backup system (such as Acronis or Carbonite). These systems, at minimum, should be taking daily snapshots of your crucial company files.
A widespread ransomware attack can cause lasting damage. Some owners take the risk and pay the bounty to restore their data. However, a proactive approach—with training and a good backup system—is your best defense against these security threats.
Security Threat: Email Intrusion
Similar to ransomware, email hacking has become a very purposeful way for cyber-criminals to make money. In the past, the goal of gaining access to email was to distribute spam messages that spread viruses. Today’s email systems live in the cloud and create opportunities that didn’t exist for hackers of the past.
Cloud email and productivity suites offer some benefits. For instance, they help users stay connected from any location. However, they also create an easier method for bad actors to access company email systems. A simple username and password are all they need to gain access. This simplicity is exactly what today’s hackers are after.
Check this out:
Wondering how they access real usernames and passwords to gain entry? It's often through phishing attacks. Many will send emails that look like they are from legitimate sources. Instead, they're lookalikes that try to capture real passwords. Here's an example. Imagine you receive an email that appears to be from Microsoft. You open it. The email informs you that a file was shared with you. You click the link, and you're taken to a page that looks very much like the Office 365 page. The page prompts you to sign in with your Office 365 credentials. This trap, which looks quite authentic, could entice you to enter both your email address and password. By doing so, you provide phishing attackers with full access to log in to your system from anywhere in the world.
When attackers gain access to your system, they might study what your business does, who you communicate with, who else you work with, and any other details that will help them achieve their goal: payment.
Some will send emails on your behalf. These could take any of the following forms:
- Some might send their own invoices to customers, now with new banking information.
- They might ask your coworkers about access to payment methods.
- They could create and send purchase orders to your customers on behalf of your business.
Attackers may do all of this without your knowledge. Some even create rules in your inbox that hide replies from people they interact with. This lets them intercept anyone who asks whether these requests are legitimate and answer with an assurance.
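One way your IT team can look for the hidden-reply inbox rules described above is to export every mailbox's rules and review those that both hide mail and target payment terms or specific senders. This is an added example, not part of the original article; the field names, folder list, keyword list and sample rules are assumptions made for illustration.

```python
# Added example. Field names and sample rules are constructed for illustration;
# they are not any mail provider's API. Map your provider's rule export onto them.
HIDING_FOLDERS = {"deleted items", "junk email", "rss feeds", "archive"}
PAYMENT_WORDS = ("invoice", "payment", "bank", "wire", "purchase order")

def hiding_actions(actions):
    """Describe the actions that keep a message out of the owner's sight."""
    found = []
    if actions.get("delete"):
        found.append("deletes the message")
    folder = actions.get("move_to_folder", "")
    if folder.lower() in HIDING_FOLDERS:
        found.append(f"moves it to '{folder}'")
    if actions.get("mark_read"):
        found.append("marks it as read")
    return found

def audit_rule(rule):
    """Return reasons to review a rule, or [] if it looks routine."""
    hides = hiding_actions(rule.get("actions", {}))
    cond = rule.get("conditions", {})
    targets = [w for w in cond.get("text_contains", [])
               if any(p in w.lower() for p in PAYMENT_WORDS)]
    targets += cond.get("from_contains", [])
    if not hides or not targets:
        return []
    return hides + ["targets: " + ", ".join(targets)]

def audit_mailboxes(rules):
    """Map (mailbox, rule name) to reasons for every rule worth reviewing."""
    return {(r["mailbox"], r["name"]): why for r in rules if (why := audit_rule(r))}

SAMPLE_RULES = [  # constructed data
    {"mailbox": "alice@example.com", "name": "Newsletters",
     "conditions": {"from_contains": ["news@vendor.example"]},
     "actions": {"move_to_folder": "Newsletters"}},
    {"mailbox": "alice@example.com", "name": ".",
     "conditions": {"text_contains": ["Invoice", "payment"]},
     "actions": {"move_to_folder": "RSS Feeds", "mark_read": True}},
    {"mailbox": "bob@example.com", "name": "cleanup",
     "conditions": {"from_contains": ["ap@customer.example"]},
     "actions": {"delete": True}},
    {"mailbox": "bob@example.com", "name": "Junk sweep",
     "conditions": {"text_contains": ["lottery"]},
     "actions": {"move_to_folder": "Junk Email"}},
]

for key, why in audit_mailboxes(SAMPLE_RULES).items():
    print(key, "->", "; ".join(why))
```

A flagged rule is a prompt to ask the mailbox owner whether they created it, not proof of compromise.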
The damage goes beyond money. Customers' and partners' confidence can easily be diminished if their payments are lost or they aren’t certain of who they're communicating with. Plus, your email service providers—and those of anyone the attackers communicate with—could blacklist your entire email domain for sending unsafe messages. This move would cut off critical business communication and be very difficult to restore.
What can I do?
Fortunately, there are strategies to safeguard your systems. One is to enable Two-Factor Authentication (2FA) on all your email accounts. This requires users to enter a numerical code sent via text message after entering their email password. This setup makes it much more difficult for a malicious actor to access your employees' accounts.
Another strategy is to set up geofencing, a security method that restricts login permissions to the locations you choose. For instance, if you only do business in North America, you might block all logins from Europe and Asia. Blocks can be set on an individual basis, too, right from the admin area of your email system. Unique security settings are a great way to grant your sales employees regionwide access and onsite employees access from the city where your business operates. This option, which you can set up to be as granular as you choose, is a great second line of defense beyond 2FA.
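The per-user geofencing described above can be pictured as a small policy check run against each sign-in. This is an added example, not part of the original article or any email system's own code; the policy layout, user names, locations and sign-in records are assumptions made for illustration.

```python
# Added example. Policy layout, user names and sign-in records are constructed;
# locations are assumed to be resolved already by the mail provider's sign-in log.
DEFAULT_POLICY = {"countries": {"US", "CA", "MX"}}  # org-wide default
USER_POLICY = {
    "sales.kim": {"countries": {"US", "CA", "MX"}},             # regionwide access
    "onsite.lee": {"countries": {"US"}, "cities": {"Denver"}},  # one city only
}

def check_sign_in(event):
    """Return (allowed, reason) for one sign-in record."""
    policy = USER_POLICY.get(event["user"], DEFAULT_POLICY)
    country, city = event.get("country"), event.get("city")
    if not country:
        return False, "no location resolved, fail closed"
    if country not in policy["countries"]:
        return False, f"country {country} outside policy"
    cities = policy.get("cities")
    if cities and city not in cities:
        return False, f"city {city} outside policy"
    return True, "within policy"

def blocked_sign_ins(events):
    """Return (user, ip, reason) for every sign-in the geofence would refuse."""
    blocked = []
    for event in events:
        allowed, reason = check_sign_in(event)
        if not allowed:
            blocked.append((event["user"], event["ip"], reason))
    return blocked

SAMPLE_SIGN_INS = [  # constructed; IPs are from documentation ranges
    {"user": "sales.kim", "ip": "192.0.2.10", "country": "CA", "city": "Toronto"},
    {"user": "sales.kim", "ip": "198.51.100.7", "country": "DE", "city": "Berlin"},
    {"user": "onsite.lee", "ip": "192.0.2.44", "country": "US", "city": "Denver"},
    {"user": "onsite.lee", "ip": "203.0.113.9", "country": "US", "city": "Chicago"},
    {"user": "new.hire", "ip": "203.0.113.80", "country": None, "city": None},
    {"user": "new.hire", "ip": "192.0.2.61", "country": "MX", "city": "Monterrey"},
]

for row in blocked_sign_ins(SAMPLE_SIGN_INS):
    print(row)
```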
Finally, you could use phishing simulation programs to find weaknesses in your security. Solutions such as Sophos Phish Threat and Cofense PhishMe will safely send phishing tests to your employees. Through these tests, your IT department can track how susceptible each person is to clicking a link, opening an attachment, or sharing credentials with a fraudulent audience. These simulated attacks can help you identify who to train and how to be better prepared for real phishing attacks.
Make two-factor authentication, geofencing, and phishing simulation software standard parts of how you guard against security threats.
Security Threat: Lack of IT Policy and Documentation
It's tough to think of your own IT department as a threat to your security, but weak team protocols can be a big problem. A successful IT department is one that sets clear expectations for all company users.
What can I do?
Whether in a small business or a large corporation, policies should drive technology decision-making, planning, and disaster recovery. Teams should strictly audit and enforce file access by department and user to protect key information. Further, these access rules should be adjusted every time an employee changes roles or leaves the company. It's essential to enforce these policies vigilantly, no matter the character of the employee involved.
Policies aren't only for safeguarding intellectual property. Preventing harm to your network through malware and intrusion is also a product of setting clear expectations for your users. A common strategy is to establish an acceptable usage agreement that's signed upon employment. This agreement should outline how your company approves and disapproves the use of technology. For instance, your agreement might prohibit sharing passwords, circumventing security, and visiting dangerous websites. It should also explain what happens when that agreement is broken (termination, legal action, etc.).
Finally, documentation should also exist in the form of a business continuity plan. Establish disaster recovery protocols for every possible system in your company. These should include details of how to use backup functions, who to contact for each system, and the target timeline for each scenario. These documents are a key piece of your business's data security. Make sure they're clear and easy to understand.
What if I don’t have an IT team in place?
If your business doesn't have an IT manager in-house, think about using an outsourced IT group that can lend hours each week or month to implement protocols, update systems, audit activities, and perform other key tasks. Doing this is often much more affordable than hiring a full-time manager or tech team. Plus, it can give you access to experts precisely when and how you need them.
The takeaway: The technology industry is expanding and creating easier-to-use solutions. But with these perks, the potential misuse of your company data grows. Be proactive with your technology and keep a mindset of preparedness. Both will pay dividends when (not if) your business faces network security threats.
Are there other steps I can take?
Insurance can also help you reduce your risk exposure. Many owners buy cyber liability insurance and other policies to protect their employees and businesses from cyber security threats. Here's what you need to know:
- The policies can protect businesses during claims of inadequate protection of sensitive, personal, or private data
- They can help businesses recover costs from computer-related attacks, which may include phishing, malware, and ransomware
- They can also help owners recover costs they'll incur from the theft of physical pieces of technology that provide access to confidential information
Speak with a commercial insurance agent to learn about coverage and select a policy that suits your business.