23rd October 2017All Staff Can Help Minimise the Risk of a Cyber Attack
When it comes to protecting a business from a cyber-attack there are a whole host of different options available to you minimise the risk should you be unfortunate enough to fall victim to such an attack.
Whilst the clear majority of these are robust and will provide help to protect your business you must also inform and educate your own employees and anyone with access to your network about good practice regarding what they do when online at work.
You would be amazed how many ways there are to get in and onto your network at work. Whilst the majority use authorised means there are plenty of ‘back doors’ that can either be left ajar or not secured by staff members.
Some might appear quite obvious to most but when it comes to safeguarding the integrity of your company’s IT, don’t assume anything!
Do’s and Don’t Online At Work
- Don’t open attachments from people you don’t know or emails you weren’t expecting
- Don’t click on links contained in emails that you don’t recognise (same goes for links in social media posts)
- Stay safe and only visit websites you know are legitimate. Even browsing in a private browser whilst at work can potentially ‘open doors’ for hackers.
Ramsonware, malware and viruses can easily be introduced to a network through any of these means and once in, that’s when your problems can really begin.
Encrypted ransomware poses an even bigger problem as it can remain undetected by some antivirus software and without paying the source of the attack whatever they demand you could lose all your data.
Obviously, the attackers are already operating on the wrong side of the law so even if you do pay up, they are certainly no guarantees this will be the end of your problem and your data will be readily available again. There have been reported cases where businesses who have paid once have been targeted again because the attackers know they will pay!
So, what else can you and your staff do?
- First and foremost, if you have a slightest suspicion regarding anything you have been sent or asked to do online – don’t do it before taking advice.
- Read the URL of the website you are being asked to visit. Does it look genuine? Sometimes the name of the website link alone will be suspicious or contain misspellings, incorrect use of uppercase and lowercase characters and brand names that aren’t relevant to the domain.
- When asked to download anything from the web make sure you are comfortable with the source – only open or run scripts from trusted parties.
- If/when you receive emails that appear to come from your bank or a bank, HMRC, Companies House, Microsoft or even your IT support company asking you to click on a link or download something be extremely suspicious. Very seldom if ever will these organisations ask you to click on such a link unless it is in an email that you are expecting to receive from them. It takes two mins to call the organisation the email has supposedly come from and we strongly recommend you do this.
We are conscious that the above might appear to be a bit ‘doom and gloom’ and we would like to assure you that these incidents are few and far between when you consider how often the internet is used for business these days.
A strong, robust IT security and data protection policy and programme will also minimise the threat to a business and just making your staff aware of their responsibilities will further strengthen this.
If you would like to find out more about protecting your business from the threat of a cyber-attack, data protection and proactive moitioring please get in touch to arrange a free non-obligatory meeting. Email firstname.lastname@example.org or phone 02920090015