Greater consideration needs to be given to the increasing threat that faces us all when protecting our business. We find that the Data files held by a company, which are vital to its success, are not adequately protected as the risk is largely intangible and the vulnerability is not understood.
How can access be gained?
Access to computers by non-authorised person:
• How is your equipment physically protected?
• Who has access to the equipment?
• What equipment is taken offsite?
• Are there any rules?
• Use of equipment?
USB pen containing viruses:
• Instances of pen being left on the floor or desk. An authorised person then uses the pen to a) find out who owns it b) use it.
• Emails purporting to be credible however contains either a virus / malware
• Targeting email asking for money to be transferred
Denial of Service:
• Virus which prevents access / slows everything down
• Either steals files or blocks access
• Demands money to release
• Device which can remotely see all key strokes
What can you do?
There is a little known Government initiative underway called Cyber Essentials. Its intention is to get Companies to protect themselves against Cyber Risk.
Here are some basic security questions that you should ask yourself:
• Have you activated your firewalls on all computers and routers?
• Have you changed the default settings and passwords on these?
• Have you removed any software applications that you do not use on your PC’s?
• Do you delete user accounts from PC’s and mobile devices that are no longer needed?
• Are Users encouraged to change their passwords frequently?
• Do you run anti-malware on all your mobile devices that could connect to your system (including own and employee devices)?