Security is an ongoing concern for many organisations. With the environment being more digital, mobile and connected, there are now greater risks exposing businesses in all industries worldwide.
For small to medium businesses (SMBs), with their lesser budgets and fewer resources, they can be prime targets for criminals, hackers and scammers. According to the study by the NSW Small Business Commissioner in May 2017, 50% of SMBs believe that their limited online footprint protects them from cybercrime and do not realise they could be a possible target.
IT professionals are responsible for keeping all systems, networks and data safe and secure. But before you can implement the necessary measures to prevent security attacks, it’s important to understand the risks that your business faces on a daily basis.
Here are the biggest security threats impacting Aussie SMBs right now:
Phishing uses deceptive emails, phone calls, text messages and websites to trick recipients into providing sensitive information, such as personal data, banking details and even passwords. These fraudulent emails can also lure people to click on a link to a fake website or download an attachment with malicious software or malware.
In a 2017 survey report focused on the phishing response strategies of IT security professionals in Australia, 89% acknowledged that they have experienced security incidents from deceptive emails – but almost half feel unprepared to deal with the threats.
Phishing can pose a significant security threat, not only to the individual staff members, but to the organisation itself. It can lead to massive data breaches, compromised systems, and even financial losses.
Ransomware attacks start by infecting a virus into an unprotected computer or network. This virus would encrypt data to make them inaccessible to the user. Then, the hackers will ask for payment in exchange for the data. These attacks costs companies thousands of dollars often in untraceable cryptocurrency. Paying the ransom, however, does not guarantee the return of the data.
According to a recent data report, 48% of Australian businesses have been targeted by ransomware attacks in 2017. Also, each attack had cost businesses an average of AU$822,251.
3. Social media hacking
Nowadays, social media is an integral part of doing business. It provides a way to effectively reach and engage with your customers that goes beyond the traditional website and direct selling. However, social media also opens the door to a massive security threat.
If your social account is hacked, it can lead to a number of problems, from lost followers and customers to significant damage to your reputation and brand.
4. Disgruntled employees
Unhappy and angry employees can do a lot of damage as they have access to the company's data and network - especially an IT employee who has administrative access to extract sensitive information. They may also infect the network with a virus that can damage databases and computer systems.
5. Unsecured printers and multifunction devices (MFDs)
Your connected printers can bring many business benefits, such as streamlined workflows, improved productivity and even reduced costs. But because they handle a lot of important and sometimes confidential information, any unauthorised access can have a significant negative impact on the business.
According to the 2017 Ponemon Cost of Data Breach Study, a data breach can cost a business on average AU$2.64 million.
So, if left unconfigured and unsecured, your printers and MFDs can pose a big security risk – causing financial losses, brand damage, leakage of sensitive data, lawsuits and even compliance issues.
So how can you protect the business?
To properly deal with the threats mentioned above, you would need to regularly review your security measures and procedures, and adjust strategies and policies. Here are some tips on how to protect your business:
1. Conduct an audit
We recommend starting with an audit of all your systems, machines, devices and networks. This will help you identify vulnerabilities in your network and processes, and begin making the necessary improvements.
2. Educate all employees
Create a culture of security within your organisation. Conduct training seminars and workshops to keep your staff informed and educated on the different security threats, the company’s security policies, and how to respond and report on a security incident.
3. Secure your internal and external network
Regularly update your firewall, anti-virus and anti-malware software. Make sure that even the devices and applications connected to the network are updated regularly.
Your field employees using a virtual private network in the cloud should have strong username and password access to the company’s VPN.
4. Monitor access to networks and data
Set up standard prompts on the network infrastructure guarding emails, mobile access, device access and other forms hacking attempts or virus/malware infestation.
Also, terminate the access authority of employees who are no longer connected with the company. And require employees to use strong passwords and to regularly change them.
5. Tighten physical security
The security of the physical assets such as servers and computer systems should be a top priority as physical theft also allows criminals to access sensitive data.
6. Upgrade and update all printers, MFDs and other connected devices
Unsecured and unconfigured printers and MFDs can open the doors to a potential data breach.
Take the time to assess all your machines and devices, servicing them regularly, and updating them with the latest software and technologies.
Also, speak to your MPS provider so you can activate the appropriate security features.
7. Work with a reliable provider
To help manage all your printers and protect your data and networks, consider working with a reliable managed print services (MPS) provider. Choose one with the right experience and expertise, and can implement a customised solution to meet your specific needs.
Now is the time to be aware, to be informed, and to prepared. You need to constantly review your systems and networks, identify vulnerabilities, and implement measures to protect the business from potential security attacks.
Download our security guide and discover how to improve the security of your business data.