(844) 627-8267
(844) 627-8267

Protect your small business from cybercrime | #cybercrime | #infosec

Why prevention is key

Jarom Roney, CEO of Onward Technology in Draper, says prevention is the most important thing for his small business clients. But as most small businesses don’t have the resources to staff an entire department dedicated to cyber security, third-party vendors like Onward Technology are the first line of defense.

“For most, we are their IT departments. So we’re going in there, we’re setting up their networks, their computers, we’re doing help desk and troubleshooting when they have issues,” Roney says, pointing out an increase in phishing emails, emails that try to get employees to click on a link scam link, as a particular problem.

“That’s often one of the most common ways [cybercriminals] get into a business: social engineering,” he says. “You contact an employee, you’re impersonating someone else, you get some information from them. It doesn’t really matter at that point what security’s in place. Oftentimes, you can knowingly let them in. We hear about that a lot.”

Ransomware has been less of an issue for Roney’s clients because Onward Technology has strict backup policies where they store digital information so it can be accessed safely in the event of an attack. He also ensures that every client has “enterprise-grade antimalware” on devices. 

However, in the event of a ransomware attack, Roney says he would urge businesses not to pay the ransom to regain stolen or blocked data as attackers cannot easily be found.

From an IT perspective, he says, resolving an attack after it has happened is far more complicated than just changing a password, as there may be lingering code and malware that can continue to impact a network. Especially with more sensitive data, like in medical or legal fields, the impact of exposed data can vary widely, so it really depends on the business’s focus and needs.

“Every business is going to see it and you have to be prepared for it,” Roney says. “Even us as an IT company, where all of our employees are in the field and are prepared for it, when we do our tests, we’ll always get a few clicks on [scam emails].”

Roney’s tips for avoiding cyberattacks as a small business:

  • Create filters that will reduce spam.
  • Train employees to recognize unusual requests and scam emails.
  • Implement security exercises such as sending out phishing emails to employees to check if they can recognize a scam and helping employees improve their ability to differentiate between real and fake contacts.
  • Have a firewall against subscriptions.
  • Create backups of data with three copies of all data at any given time: two backups with one offsite.

Source link


Click Here For The Original Source.


National Cyber Security