The advent of our reliance upon technology requires a certain amount of diligence – for individuals, large businesses, and even small- and medium-sized businesses.
Apart from the typical credit card hustles and phone and email scams, more insidious threats like ransomware and phishing attacks can cause irreparable damage. Boost your knowledge and fortify your preventative measures now by learning about today’s biggest small business security threats and the solid solutions to shut them down.
Weak passwords – or worse, no passwords – spell trouble.
According to Verizon’s 2017 Data Breach Investigations Report, more than 80 percent of breaches are caused by weak, compromised, or re-used passwords. Many individuals and businesses inadvertently leave the default user name and password on their routers, storage devices (attached to the network), and additional hardware. Others simply enter the easiest sequence (including “password” and “123456”) and often share passwords with co-workers or people outside the office.
Solution: Don’t just rely on luck; create strong, lengthy, and unique passwords and use both a password manager and multi-factor authentication. And don’t forget to ensure your printer has the latest security features like those offered by Xerox® ConnectKey® Technology.
Ransomware hits small business the hardest.
According to a March 2019 report, about 70% of ransomware attacks in 2018 targeted small businesses. Attackers access data and literally hold it hostage until a ransom is paid, and they target SMBs primarily because they spend less on IT, lack a security focus and present greater vulnerability.
Solution: Education and prevention are the best tools to combat the tide of ransomware threats. Ransomware travels generally through email (addressed below) but “malvertising,” or malware hidden in online ads, also spreads ransomware.
To minimize potential damage, it’s is essential to backup data, and use cloud storage so data is completely protected at another source. Install antivirus, anti-malware, and anti-ransomware protection, use a traditional firewall to block unauthorised access and always always run frequent, scheduled security scans on all devices.
Something phishy going on.
Ubiquitous to modern communication is phishing, conducted using emails primarily sent through a business’s network. Attackers pose as a trustworthy source such as your bank in an attempt to gain protected information like usernames and passwords, account numbers, and credit cards. Ransomware often gets on your computer from a phishing email with an attachment such as a zip or exe file that is downloaded. Once your files are infected with ransomware, the virus encrypts them and prevents access.
Solution: Train yourself and employees in what to look for with phishing scams: while emails are the prevalent vehicle, websites, URLs, social media and phone/text hooks can all be used to lure in victims. Today’s hackers use very sophisticated methods such as stolen or altered business logos, attempting to use any scrap of information they can find to leverage trust. Refrain from opening zip files from unknown sources and question any email that asks for your personal information.
Employers should instruct workers not to use non-company websites (or to resist hitting ads or downloads) and create an anti-phishing tutorial. And again, remind workers to protect their inbox with strong email spam filters and regularly update and run software scans.
BYOD brings another level of threats.
There’s no question that employees who utilise their own devices add greater value and productivity to their work roles, in addition to enjoying more personal freedom and flexibility. And yet, mobile phones and tablets present the weakest security link when users download mobile apps and connect to external Wi-Fi spots without proper security protocols in place. The mixing of personal and business data also poses enormous risks, especially when devices are lost or stolen.
Solution: Implement a personal device policy that defines boundaries and use a VPN, which grants access by verifying that the data being transferred from the mobile device to your IT network is encrypted and permitted. Enterprise Mobility Management software lets you monitor and detect risks before they have a calamitous effect.
Focus on Document Security.
Today’s printers do more than copy and print; they hold caches of sensitive information and are vulnerable to intrusion just like computers. With their own hard drives, operating systems and network connections, hackers can do a lot of damage to a business via an exposed printer.
Solution: Start by securing your printer in a controlled location, and then set up access restrictions such as passwords or smart cards. Xerox printers feature several secure print features to protect your organisation’s most sensitive data, and software and apps ensure digital data is safeguarded as you share it via the cloud and mobile devices.
Via Xerox, Spot – and stop – today’s biggest security threats. 2019