The pain of all corporates and business units.
What is cyber security: Cyber security is the process of securing your companies data against malicious hackers. Cyber security should be a high priority for any organisation, especially in this digital age, where everything is stored on servers, when companies encourage staff to work from home, where they either bring a work laptop home, or use their home laptop for work. Cyber security should be at the forefront of an organisations worries.
Hackers are able and willing to find a way into your network and steal your data, your customers data, financial information or trade secrets from your protected network. Hackers are able to do this because most networks are not secured, and there is always a possibility for them to hack into your network.
Typically this hacking could be from external sources or from a group of hackers who have been tasked to break into your companies network. All computers on your network are on the internet. That is their gateway to your computers, and your database. The hacker will know of a weakness on your computer or computer systems. They will try to exploit that weakness. Once they exploit the weakness, they will typically carry out some reconnasaince on the PC’s or server in question. They will also look to see what connections the networked computers are connected too. Typically to another company and may use the initial breach to access data from a supplier or a partner, for larger impact.
For example, a Refrigeration company, Fazio Mechanical, was breached and the hackers used this breach to access the data of American chainstore Target. 40 Million credit cards were stolen on that fateful day in December 2013. This information was sold on and other orgaisations attempted to use the stolen credit card information to fraudulently purchase good and services. It is estimated it took 2 months for the hackers to exploit Target. The results was mainly finanacial as well as a huge reputational loss.
Similarly this can happen on your personal computer. They can access your PC and are able record and obtain all the codes for your banking online. Social media, ancestry sites are awash with your mothers maiden name and family details. It is not difficult to obtain this sort of private information. And many sites attempt to save your card details after a purchase. All it takes is one attack, and everything is vulnerable.
We can all take simple steps to make our systems more secure. Here are some very simple changes you can make to encrease your personal cyber security.
- Change your passwords regularly – one in 3 months atleast. It is better to have a password as a phrase than a word and number.Typically any phrase will do eg. “Chris is handsome” “The car drives well”. Etc. Etc. Do not divulge your password to anyone especially on the phone.
- Microsoft release a monthly software update. This update secures weakness on your computer system. Always ensure the updates are run and installed as a matter of priority.
- Do not open mail in your inbox from an unknown sender. Delete the mail. If you do open the mail be sure you do not click on any links or attachments. If anyone you don’t know needs to get in touch with you they will call or go through other channels.
- When working from home, ensure all staff have a VPN (a virtually private network). Using a VPN makes your data more difficult to breach as it can move your IP address, and add extra security measures. There many good VPNs on the market now and when staff are connecting to the network remotely, it is a necessary additional piece of security.
- For banking security, get in touch with your bank and ask them to change the security question from your mothers maiden name, as we can all find it out if we have to. An option would be to put grandmothers maiden name or your mothers middle name.
The above are just a few good practices to better security. A whole industry has developed around cyber security. Do your best to keep secure. Your IT department will be your best asset in keeping your data secure.
For further assistance, reach out to our Cyber Security Analyst, Padraic, at firstname.lastname@example.org