Cyber Security Basics for Business
September 23 2016, 9:38 am
by Wes Sovis
Security Breaches a Growing Trend
Perhaps no event marked the collapse of tech giant Yahoo! as fully complete as the massive security breach announced this past summer. The company admitted that 500 million user accounts had important information stolen after a sophisticated data breach by a hacker. Yahoo was purchased by Verizon in July, and it seems somewhat suspect that they only now announced the largest data breach in history, which took place in 2014, well after the sale of the company had been completed.
At any rate, the Yahoo! story is a very important lesson for businesses of all sizes about the risks of cyber attacks. Many business leaders think that just because they have a small or medium sized business, no hacker would waste their time trying to access and steal their information. In reality, this couldn't be further from the truth. Hackers routinely target businesses and organizations with exploitable security measures regardless of business industry or size. In fact, small businesses are prime targets for hackers because they're far more likely to have less robust security measures in place when compared to large corporations.
Indeed, as malicious software becomes more prevalent and accessible, the number and costs associated with cyber security have grown exponentially over the last twenty years. In 2016, security breaches are expected to cost businesses around the world a staggering $600 billion.
Malware and Ransomware
Malware is the term used for any software designed for malicious intent, including the encryption or theft of user/s data; remotely monitoring or accessing a computer or server; or the destruction of a digital hardware asset. The types and purposes of malware are almost innumerable, but the effect of these programs can be devastating to businesses and users. The loss, encryption or theft of sensitive data can be financially ruinous to companies and put them out of business. Furthermore, the most harmful effect these security attacks have is the loss of trust between the businesses and the clients who trust that business to protect their sensitive information.
One of the more common forms of malware businesses have faced in the past is ransomware. Ransomware has grown in popularity among hackers over the last few years and has caused headaches for businesses and individuals alike. Ransomware is simply malicious software that, after infecting a computer or server, encrypts all of the data on the hardware and demands a payment from the owner to decrypt the data. Ransomware attacks are usually executed by using a Trojan program, which is usually delivered in the form of an attachment in an email. Users click the attachment, and the program executes encryption and demands the payment.
Your Biggest Security Threat? Your Own Company
Experts across the industry agree that the biggest threat businesses face when it comes to data security is one that comes from within. An honest, yet unprepared employee clicking on an attachment from an unknown source while connected to the company's network is one of the most common reasons for security breaches. As painful as these events are, it's even more painful because it's so avoidable.
Even small businesses should have clear IT security protocols in place to educate and inform their employees on the best practices in keeping company assets protected from attacks. Employees need to be educated, at the very least, on the basics, like not forwarding email chains to coworkers, not sending passwords via unencrypted email servers, and not visiting sites when web browsers inform users of malicious software being present. Simply educating employees on an annual basis can be an effective and inexpensive way to reduce exposure to malware.
No matter the industry, your company likely stores sensitive information. From names, contact information, addresses to even social security numbers and financial information, so much depends on your company's ability to protect data. Sensitive information like this should always be encrypted to protect your clients' information, and you from costly litigation should such data be stolen.
If you need advice on basic cyber security measures for your company, we're happy to help formulate a plan for your organization. Any experienced web development company should be able to help you assess your network and come up with solutions to your current network weaknesses. Even the most simple of cyber security procedures could save your company the detrimental experience of a data leak like the one Yahoo is dealing with now.
Swell Development is a web development firm based in Grand Rapids, MI. Swell has a combined 50 years of experience creating web applications, hosting websites and applications, and consulting businesses on server management and security measures. You can find out more about them, as well as frequent updates on the web development industry, by following them on Facebook, Twitter, LinkedIn or Google+.