We don’t trust the people that work for you.
A shocking admission, isn’t it?
But in our experience, the biggest threat to your IT security is not the army of anonymous hackers across the globe. It is the people sitting at your PCs every day.
Not because they are bad people. Sometimes they just forget about basic internet security.
Virus and malware events are still some of the biggest IT support headaches faced by our clients.
In 2016 awareness of viruses and their dangers should be high, shouldn’t they? But worldwide the numbers of virus incidents are increasing.
Taking trust for granted
Take a look around you. Are you thinking that actually you don’t know for sure what everyone is doing online? Are they accessing safe files? Opening genuine emails only?
One simple error can be enough to undo all your IT security.
Two recent client incidents demonstrated how people leave the front door open to intruders.
In one case, a nasty and pervasive virus of a type called ransomware made its way onto the customer’s server. As the name implies, this type of malware seeks to extort money from the infected business. In the case of our client, this left over 20,000 files corrupted. The dreaded ransomware page appeared asking for 500 euros to get the data back.
This was years’ of work, destroyed in an afternoon. Ouch.
The other was a far simpler virus in fake email attachment. Luckily for them it didn’t lead to an infection. But they didn’t know then when double-clicking.
One did lots of damage, the other none. But the point is, neither should have reached the clients’ systems.
In the first case, we found evidence of files downloaded from a peer-to-peer network, a notorious source of malware. The second raised questions with the user, who decided they would ‘just’ open the attachment to find out if it was a fake.
Both cases were easy to prevent. And in turn, they show where the weakness in any system lies – the human element.
Both cases had a happy ending, by the way, but more of that later.
There’s no such thing as ‘too secure’
It is vital as a business to keep stressing to your people their role in IT security. Every email they open, every internet link they follow is a potential gateway for the bad stuff to get into your systems. Caution should precede every action, and ‘do I trust this?’ should be a mantra.
Likewise, ask the same question of any devices that are going to connect to your systems . That includes direct connections like USB sticks, or networked machines such as users’ laptops or tablets. Are you 100% sure that they are clean and safe before connecting?
And so how did the two events above come out OK?
The value of safety nets
The answer goes back to not trusting your people. We made sure there were some sturdy safety nets in place to catch things just like that.
The clients had up to date antivirus software in place, on machines that had up to date security patches. That was enough to catch one virus.
The nasty one managed to evade that net. But the client had a comprehensive, automatic incremental backup system in place. They could afford to learn about ransomware because they had many copies of the affected files backed up.
Build in safety
How many layers of protection does your business have against the threats that can come through the front door?
Ensure your people are aware of the risks. That is priority number one. Put in place the proper safety nets and you are protected if they slip at any time.
If you would like to know how to have first-rate protection, then we would like to talk to you. Please contact us today.
It could save your business.
Image by Nick Carter @ Subcircle