19 Jan 2020Many New Zealand small businesses have a false sense of security about their business not being hacked. Despite this confidence, the statistics don’t lie and New Zealand small to medium businesses need to be prepared and able to defend themselves effectively against a hack.
Often, small companies simply assume that they’ll never be targeted by hackers. However, hacking is on the rise in just about every industry.
Data from the Government agency CERTNZ latest report(Quarter 3 2019) highlights the following.
- 1,354 incident reports in quarter three. The highest number of reports received to date.
- Direct financial loss was $3.8 Million.
- 27% increase in phishing and credential harvesting from quarter two.
- 107% increase in vulnerability reports from quarter two.
Unfortunately, IT security is often seen as a fix rather than an ongoing process, and the cyber security environment is ever changing. This means IT Security needs to be a constant discussion point for the owners of small to medium businesses.
With resources being a challenge for any business, it is recommendation that a business should look to use an IT expert for advice, direction and execution of their security defence plan. The statistics tell you that cybercrime is on the rise, and there’s never been a more crucial time than now to protect your IT infrastructure.
As the world becomes more and more dependent on complex IT solutions and infrastructure, the threat of cybercrime will continue to rise. No matter how advanced the latest IT solutions are, hackers will develop new and sophisticated ways to penetrate them.
So, what can you do to avoid being hacked? And what can you do if your business or organisation is hacked?
How to Bolster your Cyber Security
Here are some of the most effective ways to prevent your company from being hacked.
• Backup your data
Plenty of hackers would love to gain access to your business data, such as customer contact details, purchase order histories, forecasts and other sensitive information. You need to back up your data so that if it is lost or stolen, you can quickly recover it in its entirety.
• Password Management
Ensure that your staff are required to change passwords regularly and enforce this by managing the process. Don’t store your passwords but use a password manager application. Ensure that all passwords are strong by using uppercase, lowercase numbers, special characters and numbers.
• Two Factor Authentication
Two factor authentication (also referred to as multi-factor authentication) requires users to not only enter a password but also confirm the password through another item like a code that is either delivered to a phone or to a nominated email address. All major applications are now enforcing two factor authentication and so you should too.
• Create a Cybersecurity Culture
It is a fact that most security breaches occur via email by staff either opening an attachment or clicking on a link that contains a piece of malicious malware. Staff often use social media and accidently post information that allows cyber criminals to activate or launch an attack on your business. The only way to avoid this internal threat (by you or your staff), is to ensure they are educated correctly on what to look for and what to do. This is about education and developing a cyber security culture within your business.
• Utilise remote servers
Why risk keeping all your IT systems and data in one place when you can store everything on secure, remote servers (otherwise known as cloud computing)? Most IT service providers utilise a network of remote servers so that if one fails, another can simply take over.
• Mobile Staff using public Wi-Fi
No matter where you or your staff are, they will be using their various devices to continue working. This means they are accessing valuable information via a public network that is vulnerable. People can see the data and access it in transit. Think about the coffee shop, airports, or a hotels free Wi-Fi service. Such public networks are very vulnerable, and you cannot be sure about how secure the connection is. Ensure your staff are using a Virtual Private Network (VPN) when accessing or working on company related information. A VPN will encrypt traffic so the WI-FI network cannot see what is being transmitted over the network. As an alternative your staff can also setup a hotspot for their mobile data.
• Develop a business continuity and disaster recovery plan
It’s essential to create a strategy to deal with disasters, both before and after they occur. You should take as many preventative measures as possible to avoid a cyber-attack, but you also need to be prepared for any situation.
• Outsource your IT security
The most straightforward way to guarantee the safety of your IT systems is to outsource maintenance and security to a dedicated and highly experienced service provider. That way, you’ll know who to call when you have been hacked.
What to do if your business gets hacked?
If you’re unlucky enough to fall victim to cybercrime, you’ll need to report the breach and contact your insurance provider. However, you also need the contact details for an IT service provider who can quickly get your business back up and running to minimise your losses.
At Technology-Solved, we specialise in all matters related to IT, whether you want to install an internet-based phone network, a cloud-based computing system or a sophisticated security solution.
We can prevent hackers from being able to access your infrastructure, give you access to the latest equipment so that you can compete with industry giants, and help you get back up and running in the event that anybody tries to steal your data.
Call us today, and we’ll gladly explain how we can fortify your IT infrastructure. Visit our locations page and contact your nearest Computer Troubleshooter for expert assistance and support.
Article Reference Links:
CERT NZ
CERT NZ Quarter Three Report 2019
Ministry of Business Innovation and Employment