Protecting a Business against Ransomware and Scams
Every day, every month there is a new threat to being able to conduct business effectively and efficiently. How do you protect a business from the threat of disruption whether it is a scam, virus, ransomware or simple network or internet failure?
Dr Hossein Sarrafzadeh, director of the Centre of Computational Intelligence for Cyber Security at Unitec Auckland said ransomware affected tens of thousands of people and is estimated to have profited the criminals to the tune of US$1 billion in 2016.
The majority of cyber-attacks in New Zealand still go unreported, though figures released by New Zealand’s National Cyber Security Centre (NCSC) this year showed that attacks have more than doubled since 2011.
Scams continue to become more sophisticated using modern technology to make fake emails, invoices, and websites appearing legitimate to even the most astute business person. These scams have devastating effects on businesses by eroding the investment they have made in their reputation, increasing operational costs and in certain cases crippling the business from operating.
This article looks at how a business can avoid becoming a victim of a scam by ensuring they have the right support and systems in place to minimise the risk of disruption.
Why does size matter?
Larger organisations have the resources, time and budgets to invest in ensuring they are not subject to an attack. As the headlines indicate even with this effort they are not always successful in defending themselves. The reality is that as smaller organisations are hampered by the amount of money and resources they can spend on IT, means that these organisations are an easier target for the cyber criminals. The cyber-criminal finds it easier to get in and often it takes longer to detect meaning more havoc created.
Smaller organisations are often a means to access and breach larger organisations. Why? Because the smaller organisation is often the weakest link (security wise) in a supply chain relationship thereby providing an entry point to the larger business partner.
What are the key elements to protect Business Continuity?
One must ask if the IT environment something that can just be left alone or does it need to be looked after? The answer is obvious it needs to be managed and looked after, it needs somebody who is accountable and responsible for ensuring that the risk is minimised.
For smaller organisations this leads to either employing a resource or developing a relationship with an IT Service provider who is accountable. It makes sense to develop a relationship where the provider is on the front foot and is monitoring all key elements and maintaining an organisations systems in advance of something going wrong. This is commonsense as it is about protecting against a major disruption to a business.
The key components that need to be looked at are:
- Data back-up/ Business continuity
- Security of endpoints
- Network configurations, performance and access
- Email access and security
- Software up to date
- Patch management (ensuring your users are up to date on all updates to the operating system or the Anti-Virus software is the latest.)
- Website performance and content filtering
- Password management
The key element for a business owner is to understand how this approach shifts the nature of the relationship with your IT provider from being reactive to proactive. It means the IT provider is preventing breakdowns instead of reacting to a break down. This means a monthly fee for the maintenance rather than a call out figure. It means the provider is monitoring and using tools to remotely manage and perform maintenance activities.
What does this cost?
The key thing to remember this is an investment in ensuring a business is not disrupted. Some providers will charge per device; others will charge a monthly figure based on complexity of what they are managing; others will charge based on per user.
As a business owner understand what is included and what is not and what service agreement does the provider use. For instance, at Computer Troubleshooters we provide a 100% guarantee. Contact us now for more information.
Change is hard to accept for anybody and in the case of IT management it is hard for people to see the monthly outlay as an investment in their future. But this is exactly what it is. It is a strategic investment that allows a business to minimize the risk of disruption and ensure it can continue to grow and develop.
Sources of information for this article: