Businesses of all shapes and sizes are have become heavily reliant on tech. There are very few, indeed, who don’t use a network of computers to create a more efficient team and nowadays. The online market is making it more lucrative than ever to both market and provide services directly over the internet. But the more you rely on something, the greater vulnerability it can be if it’s at risk. As a business expands and shifts more and more focus to the tech side of things, business owners need to be aware of the dangers that come with it.
Security comes first
Number one priority is making sure that any and all data in the business should be protected from the very real risk of cybercrime. The best protections start with securing your network, first and foremost. Business anti-malware software is something every growing enterprise should invest in and, as the business grows, IT services can help tighten up any vulnerabilities in your system.
But even a secure system is prone the vulnerability of human error. Strong emphasis needs to be put on responsible computer use in the office. Enforcement of strong passwords, logging out of computers not in use, and ongoing education about threats need to be part of any business relying on tech.
Get the law on your side
When it comes to taking the business online, there’s not only security to worry about, but whether your online practices are entirely legal. As of late, online sales and marketing have been subject to a lot of regulations dictating what businesses can and cannot do. Privacy is a big part.
If your business collects data in any way from customers, you must have disclosure telling them exactly what you’re collecting, how it’s being used, and if you intend to share it. The other big concern is with online sales law. You need firm terms and conditions, simple transactions, and a cooling-off period depending on where you sell.
Don’t break down
Then there comes the very real risk to productivity that relying on computers can also bring with it. The software we use to work, to measure performance and the digital methods of exchanging information and documents can all make an office greatly more efficient and effective.
But reliance on those same tools can mean huge holdups when they’re suddenly unavailable. Beyond assisting with the security issues mentioned above, IT support teams are worth considering for the cloud hosting assistance they can offer to make sure that your important data is accessible to you even when your computer isn’t.
You need to put together a business continuity plan, getting back up on your feet and recovering as much data as possible after a digital disaster.
The points above, while well worth being aware of, shouldn’t scare any business from relying more on digital storage or taking the business online when they have a chance to scale. But if you do it without any knowledge of those risks, it could end up costing you more than it gains you.
For those who do have one, like the 50+% of U.S. small businesses, they have opened themselves up to a myriad of new threats from hackers and malware.
Hackers do not discriminate between big and small business, they just look for holes in your security and chinks in your armour which they can exploit. Not only is hacking terrible for your company, and potentially costly, but it also puts the security of your customers’ information at risk.
1. Are you and your employees aware of cybercrime?
When the British National Health Service (NHS) systems were hacked recently, causing thousands of dollars worth of damage and compromising the care of many of their patients. Experts suspect it was caused by something that seemed completely innocuous.
It appears as though all it took was one email containing a seemingly harmless link, opened by an unsuspecting employee onto a system which was insufficiently supported, to bring down almost the entire NHS computer system. The moral of this story? Make sure you and your staff know exactly what to keep your eye out for, and keep your systems updated.
If your company keeps a manual of operations, ensure to include a section on cyber security, and encourage every member of staff to read and digest this information. And if you don’t feel comfortable or qualified in offering this advice, find someone who does. It could make all the difference.
2. Can you maintain your security systems in-house?
Does your company have anyone on its payroll who can maintain internet security systems as part of their expertise? When you don’t have to outsource your security systems, you can react with immediacy to any concerns, without having to wait to call in an expert.
This person can also take responsibility for running regular scans and maintaining security packages. If you don’t have this person in-house at the moment, consider making it a requirement when you next hire, if it is relevant to the vacancy, otherwise, a training course in cyber-security for yourself and a few colleagues could be in order.
3. Do you have all the necessary protection?
In this day and age, a firewall and an antivirus package just don’t cut it. Hackers are getting smarter, and online security is constantly battling to keep up.
One way which hackers discover chinks in company’s armour is by sending a simple ping request, which your network will automatically respond to, leading the hacker to believe it is worth exploring further. Simply setting up your router or firewall to block ping requests can have a big impact.
Similarly, is there a cyber threat support group or sharing platform within your industry? This type of support group allows other companies to share experiences of potential attacks, making it far easier to spot threats and keep them out of your system.
4. Do you have a back-up plan?
Sometimes, you can do everything in your power to keep the cyber-criminals out, but they’ll still find a way in. They’re organised, highly strategic, and generally run by a criminal ring, not just a bored teenager in their bedroom.
That’s why, on top of all of your preventative methods, it’s essential to have a fully-formed backup plan, just in case.
Firstly, it’s essential to ensure all of your data and files are backed up on systems which are not accessible in the case of a hacking, such as external hard-drives which have no connection to the system. Then you need a means by which problems can be detected, located, and prevented before they can infiltrate your system.
Having this back-up plan ensures that malware or spyware cannot move throughout the system, compromising your company or your customer’s data.
5. Are employees and visitors expected to carry ID?
It isn’t just the threat of online hackers which should concern you about the security of your company. If you have an office, even with only a few members of staff, which invites clients and suppliers to visit in-house, you could be compromising your security there too.
Do you expect all staff to carry ID and all visitors to sign in when they enter your office? This could help to significantly improve your office’s security, but also help to push an image of trustworthiness to any visitors to your office. All it takes it a few lanyards with company ID cards attached, and a few spares in which visitors can have a name and potentially a photograph — it even helps with the awkwardness of introductions.
Lanyards are inexpensive, and there are even overnight options available for delivery, so it’s a straightforward system to implement. This way, there are never any strangers just wandering around the office, looking important and failing to be questioned on their intentions.
It also means that you always have a record of which visitors are on site at any time, which is just good practice for fire safety and the like.
When this user then starts to deal with their work emails or download apps relevant to their employment, hackers have access to all their information.
A mobile device policy allows you to ensure staff and clients are not compromising the security of your company unwittingly, and is crucial for protecting you and your company.
7. Do you think like an attacker?
Finally, do you ever approach your company like a cyber-attacker? Just like you would look at your home through the eyes of a home invader for opportunities to break through windows or stake out the house from the yard, you should look at your company’s network security in the same way.
Using an open source nmap tool allows you to scan your network for ports that are open and shouldn’t be, allowing you to see vulnerabilities, which you otherwise would be unaware of.
You can then go on to plug those holes, making your network more secure than ever.
TORONTO, CANADA & LONDON, UK- FEBRUARY 3, 2015– Robert Herjavec, Founder and CEO of Herjavec Group and star of ABC’s Emmy Award-winning hit show Shark Tank, announces the acquisition of Sysec™, a leading IT security solutions provider headquartered in the United Kingdom and the 2014 McAfee EMEA Accredited Certified Engineer (ACE) Partner of the Year. Sysec specializes in information, identity and infrastructure security, offering managed, consulting and professional services to over 200 enterprise clients across the United Kingdom and Europe. Sysec is forecasted to achieve over $20 million in sales revenue for 2015 and has developed a reputation for outstanding technical engineering talent. By acquiring Sysec, Herjavec Group expands its presence in the European IT security market and is well positioned to service its growing multinational customer base.
The Sysec transaction accelerates Herjavec Group’s 3-year, $250 million expansion plan. “We started as a small Canadian firm and have grown exponentially over the past twelve years to 250 team members and $140 million in annual sales revenue,” says Herjavec. “We recognize that the threat of cybercrime is a global challenge and this acquisition provides the platform for Herjavec Group to support our clients overseas with exceptional, localized, managed services 24/7/365”
Sysec’s office in Reading, UK will now serve as Herjavec Group’s European headquarters. The firm will be rebranded as Herjavec Group and continue to expand its product and service offerings throughout the United Kingdom and Europe. Cris Pikes, Sysec’s Managing Director, who will lead Herjavec Group’s European expansion remarks, “Herjavec Group is a world-class information security organization that shares Sysec’s high-touch, customer-first approach. I am confident Herjavec Group will take our managed services practice to the next level.”
The acquisition facilitates Herjavec Group’s plans to complete its “follow-the-sun” technical support structure by developing a London-based Security Operations Centre (SOC) to complement the comprehensive support offered from its world-class, Payment Card Industry (PCI) compliant, Toronto-based SOC and its technical security centre in Las Vegas, Nevada. In addition, Herjavec Group expects to finalize construction of its Los Angeles, California SOC by close of Q1 2015.
“The work we do in enabling enterprises to be more secure has never had a greater focus on a global scale,” says Herjavec. “I am so pleased to embark on our expansion into Europe and welcome the Sysec team to Herjavec Group.”
About Herjavec Group Dynamic IT entrepreneur Robert Herjavec founded Herjavec Group in 2003, and it quickly became one of North America’s fastest-growing technology companies, accelerating from $400K to $140 million in sales annually over 12 years. Herjavec Group delivers managed security services globally supported by a state-of-the-art, PCI compliant Security Operations Centre (SOC), operated 24/7/365 by certified security professionals. This expertise is coupled with a leadership position across a wide range of functions including compliance, risk management & incident response. Herjavec Group has offices globally including three headquarters in Toronto (Canada), New York City (USA) and Reading (United Kingdom).