Hardly a day goes by without another report of a major data breach hitting the headlines. For those companies that become victims of such attacks, the damage suffered to their future reputation is often almost as devastating as the financial losses caused by the breach itself.
Upcoming changes in EU law mean it will soon be more important than ever for a company to maintain absolute control over its online data. If you want your enterprise to stay one step ahead of the criminals, here are a few tips to get you started.
- Keep your software up to date
If your company uses bespoke software on top of an existing operating system, having such systems update automatically risks causing issues as a result of conflicts. As a result, many companies turn off automatic updates and end up with a large backlog of patches that may take some time to implement. Ensure your IT department treats such updates as a top priority.
Keeping your software up to date is an essential part of maintaining a good level of online security. The WannaCry ransomware attack in May 2017 was especially devastating on many of the computers used within the NHS because certain trusts had failed to act on warnings provided by the Department of Health to add patches to or migrate away from vulnerable older software.
2. Know your enemy
Hacking attacks can be especially frustrating for those corporate executives who don’t quite understand how cybercrime works. This lack of knowledge can be extremely dangerous as it means the head of the company is not in a position to properly assess the measures that need to be taken to keep things safe. In recent years an increasing number of companies have begun hiring Chief Security Officers who sit on the board and ensure that every decision made by a company incorporates the necessary security measures. If the senior team at your corporation don’t fully understand the threat they are up against, hire someone who does as a matter of urgency.
Maintaining data integrity will become of even greater importance for businesses throughout the EU following the introduction of the General Data Protection Regulation (GDPR) in May 2018, which brings with it significant changes in the way businesses handle both their own data and that of their customers. For many enterprises, the cost of failing to comply could be high enough to put them out of business. Under GDPR, breaches of security can be punished by a fine of 20 million Euros or 4% of a company’s global turnover.
If you’re a business who is unsure on how the GDPR is going to impact your business, Sage has compiled all the useful information into an informative infographic on the GDPR and how your business can prepare itself for the impending changes.
3. Train your staff
No matter how much security you put in place to protect your business, your staff themselves will remain a weak point. Many of the most sophisticated cybercriminals around know they stand a far better chance of getting the information they require through a social engineering attack than a more traditional hack. Unless they are trained to look out for the warnings signs, employees can easily act on emails that purport to come from other members of staff within the same company, leading to breaches of data or damage to systems. To eliminate such weaknesses, you could provide the following:
- Provide training.
- Improve their knowledge through lectures and seminar groups.
- Focus on improving security awareness within your workplace.
- Reward those who have proper security measures in place.
The dangers are even greater today due to the vast amount of information that is constantly being shared through social media. With a few details gleaned from a Facebook account, it becomes relatively easy for a savvy crook to craft an email which appears to come from a genuine friend or a colleague. By subjecting your staff to regular training – some of which may include the sending of fake emails to see whether they are spotted – you will dramatically reduce the chances of your company becoming a victim of cybercrime.