It is not a question of ‘if’ but a question of ‘when.’ the hack will occur. Ignoring warning signs risks disruptions, loss of information and potential liabilities. Cyber criminals look for weaknesses and pounce.
1. Employee turnover–When staff leaves, they sometimes take data with them – normally inadvertently but sometimes on purpose.
2. Remote Staff or Mobile Work—Remote staff makes losing data easier. Remote staff connecting to your database through online services increases data breach chances. Work with an IT person to make sure you have strong data management and connection tools in place for remote staff making sure they’re monitored. Consider a VPN (Virtual Private network) and two-factor authentication.
3. No IT support–Even the smallest firms have data breach exposures. Qualified IT staff can evaluate risks, install software, monitor activity. Keeping hardware and software up to date is an essential business cost.
4. No security software—Having no cyber security is like putting out an invitation sign to get hacked. Make sure to keep security software current. Antivirus network software is an essential part of business.
5. Staff not trained—Security problems often start with employee-related errors – clicking on bad websites and opening infected email files. Continually train staff and keep them apprised of the latest threats.
6. No Data Security Procedures—Firms entrusted with personally identifiable client information (health, financial or other personal information) have a higher standard. Allowing staff to connect thumb drives and/or access non-work related internet sites bases increases data security risks. Keeping personally identifiable client data unprotected leads to violations of state and federal laws.
7 Out of date computers and operating systems–Running out of date versions of Microsoft Windows is asking to get hacked. Cyber-criminals troll the internet looking for out of date systems. One vulnerable computer can open up your entire network. If a desktop or other device is too old for current operating systems, replace it.
8. Employees use their own computers and devices—Allowing employees to use their own equipment is begging for trouble. This creates unmonitored security issues. Allowing ‘little johnnie’ data access leads to your next email from a cyber-criminal demanding Bitcoins to not share client secrets.
9. No Password Security–People are pretty complacent with passwords. Require frequently changed complex passwords.
Lee Norcross, MBA, CPCU
Managing Director, CEO
(616) 940-1101 Ext. 7080