Posts

StrategyDriven Risk Management Article

Why It’s Important To Stay Protected Online

The internet has become an essential part of business management for numerous reasons. Primarily, it is an incredibly useful tool that enables any company to reach out to more people, conduct safe transactions, assess their processes, and source an immense range of tools and resources that can streamline your business management and grow your company. However, with the huge benefits that the digital age offers, there are also some significant risks. It’s vital for any company that is looking to improve and increase its reliance on the internet, to assess the possible risks and limit the chances of them happening. The reasons for this may seem obvious, but some of the issues may not have occurred to you, so here are the three reasons why you should be protecting yourself online.

The growing threat of cybercrime

It would be hard not to have noticed the prevalence of news articles and headlines that report on the latest incidents of cybercrime. Large and small companies are both at risk of costly and damaging cyber attacks, so it’s vital that you as a business owner are not merely aware of the latest threats, but also the reasons why protection is so important. The increasing sophistication of cyber attacks, in whatever form, means that you need to not only prepare yourself for the risks but ensure that your employees are as aware as you are. It is for this reason why staff training sessions on basic internet security are an essential part of your weekly business management.

It’s a business risk

One of the main reasons why you need to make a concerted effort to protect yourself from cybercriminals is down to the damage that they can cause. This is not simply a case of financial risk, although that’s certainly one of the issues that you need to concern yourself with. However, one of the primary targets of cybercriminals is not simply access to your bank details, but access to your data. That data, whether it’s that of you, your employees, your customers, or your suppliers, can be used in a number of nefarious ways, with identity theft and phishing targets the key issues to concern yourself with. The growing sophistication of hackers has led companies to optimize their security methods, with many opting to upgrade rather than update, and transferring to SonicWall firewall technology to create an extra layer of protection between the data that you hold and the criminals that want it.

Staying safe can grow your business in ways that you may not have considered. Having a strong security attitude is not only a good way to stress the importance of strong and secure internet use in your employees, but it can also become an additional selling point when it comes to attracting new customers. As consumers become ever more comfortable browsing and making purchases online, they are also becoming more aware of the risks when it comes to sharing their personal information. Having a robust security system in place is not only vital when it comes to protecting yourself; it could make the difference between a customer trusting you enough to click the transaction button or choosing your competitors.

Think Like A Hacker, Protect Like A Pro

In physical spaces, companies rely on security guards and cameras. They place these measures in areas thieves are likely to target. Cameras point to expensive products. Security guards stand at possible entrance points. Systems like these were built by getting into the minds of thieves.

But, when you take business online, internet security becomes the primary priority. Here, instead of security guards, you’ll have anti-virus software to take care of matters. But, with big companies such as Yahoo still falling foul to breaches, it’s easy to see that anti-virus software isn’t enough. It’s possible, in fact, that the best way to beat breaches online is to get into the headspace of hackers. Just as you would in a physical store, you should think about where such individuals will target you. That way, you can put much more informed protections in place.

Of course, most of us have had years of dealing with thieves. But, hackers are a whole new breed. What’s more, few of us get to watch them in action. While thieves are right there for us to study and understand, hackers operate under a veil of secrecy. But, that doesn’t mean you can’t at least go some way towards getting into the mindset. And, we’re going to look at how.

Work out which information matters most

You don’t need to understand what hackers do to realize that they only target specific information. They’re unlikely to care, for instance, about how many views your page has received that day. Instead, they’re going to target your more vulnerable information. For the most part, that means they’ll go after any credit card details you store. Email listings and customer addresses may also be points of interest. In short; all the information that you want to keep as safe as possible.

When you’ve worked out exactly what hackers are after, it’s time to spread those details thin in your storage files. That way, you’ll make life much harder for potential hackers. And, you can rest easy that a breach in one area won’t compromise everything. Once you’ve spread the information, consider ways to increase security in vulnerable areas. Obviously, you want to protect your site as a whole. Any breach is going to bring a hacker closer to this information than you’d like them to be. But, it’s worth taking extra measures with these files. It’s the only way to be sure they’re as safe as can be.

Know your security weak spots

It’s also essential that you recognize your weak security spots, and strengthen them. Before attempting to breach, any hacker will suss your business and find their in-point. This is no different from thieves who aim for the back door. The only problem is, you can’t just stick up a CCTV camera and have done with it. But, that doesn’t mean you’re helpless. If you know about these vulnerable areas, you can take extra care to keep them protected. Often, knowing what information hackers will be after can help you here. So, consider that first. Then, think about areas where this information will be at weakest. In most cases, this happens when customers are first sending information to you. Here, hackers could gain access to card details and such before it even arrives at your site.

But, there’s plenty you can do to cover weak spots like these. Taking payments from an outside source such as Paypal can go a long way towards security. This can also help keep addresses and email information safe, as Paypal covers all this. You can keep your non-Paypal customers safe by providing secure connections. Urge them to check for the secure padlock before entering anything.

Another weak spot you should be aware of is when you outsource services. When you pass information to another company, you compromise security. What’s more, hackers know it. If your process involves software development outsourcing, or even remote workers, hackers will attempt to gain information during transfer. Even if they fail here, you can’t be sure of the security used by your outsourced options. To get around this, speak about the issue with companies in question. Together, you can develop plans and passwords which work to keep things safe.

Can one breach lead to another?

It’s also important to consider whether one breach can lead to another. Hackers are out to take everything they can, and will attempt to get as far past your security as possible. Adding many layers to your security system will at least ensure they can’t gain access to everything in one easy hit. And, that’s crucial if you want to provide any reassurance for customers. There are different ways to do this. As mentioned in a previous point, keeping information in different areas can go a long way. It’s also worth operating with a few different security systems in place. That way, working out one doesn’t give a hacker instant access to another. If you’re unsure where to start here, you could always turn to an outside company who can take care of this matter for you. Companies like these make their livings premeditating the actions of hackers. As such, they’re sure to be in a better position here than you.

Conclusion

Thinking like a hacker isn’t always easy. As we’ve already mentioned, these individuals will also have anonymity on their side. As a business owner, you just don’t have the choice to watch them as they work. Hence, you’ll always be operating on guesswork here to some extent. But, that doesn’t mean you can’t develop a decent security system. In many ways, hackers aren’t all that different to physical thieves. Only, instead of a shop, they’re breaking into your website. And, instead of expensive stock, they’re out to steal information. With that in mind, you should be able to take any action necessary here. At every turn, think back to the hacker mindset. Remember, too that technology is developing all the time. As such, you should revisit security measures often to keep up.

StrategyDriven Welcomes Ruth Todd, PhD

Ruth Todd, StrategyDriven Senior AdvisorStrategyDriven is proud to welcome Dr. Ruth Todd as a StrategyDriven Advisory Services Senior Advisor. A highly experienced nuclear power consultant, Ruth leads StrategyDriven’s information technology and cyber security services.

“We are thrilled to have Ruth join our StrategyDriven team,” says Nathan Ives, StrategyDriven President and CEO. “Her extensive knowledge and experience in information technology and cyber security adds a critical dimension to our advisory services practice and brings tremendous value to our clients.”

For nearly three decades, Ruth led the Institute of Nuclear Power Operations’ (INPO) Information Technology Division as Director, Computer Systems and Telecommunications and Director, Information Technology and Data Services. She is a world class expert on Information Technology Services; possessing in-depth knowledge of nuclear cyber security regulations, industry guidelines, and leading practices. In addition to cyber security, she is an industry expert in the fields of infrastructure, application development, application platforms, cost reduction, process improvement, computer operations, and software quality assurance.

Prior to becoming a management consultant, Ruth held several influential positions at the Institute of Nuclear Power Operations; leading several nuclear industry critical technology infrastructure projects including:

  • U.S. Nuclear Industry Consolidated Data Entry Project Sponsor – served as the executive sponsor for the nuclear industry’s development of the Consolidated Data Entry (CDE) system through which all U.S. nuclear power plants report operational performance and event related information that is then securely transmitted to the appropriate regulatory and industry oversight organizations.
  • National Academy of Nuclear Training elearning (NANTel) Lead – led the National Academy of Nuclear Training elearning (NANTel) and Future of Learning infrastructure project; providing a distance learning system for the U.S. nuclear power industry which reduced costs with economies of scale, shared content, and secure student data.

Ruth further shaped the nuclear industry’s direction through her leadership of influential forums including:

  • Nuclear Information Technology Strategic Leadership (NITSL) Lead – served as NITSL’s Topical Area Lead working with the Nuclear Energy Institute (NEI) and nuclear industry utilities on cyber security related issues
  • Women in Nuclear (WIN) Chairperson – former Chairperson for the Atlanta Chapter of Women in Nuclear; active member leading the group for four years with the Nuclear Energy Institute (NEI) as the sponsoring organization

Ruth served as the Data Center/Telecommunications Acting Director for the Georgia Lottery Corporation, responsible for the setup of all voice and data communications for the state-wide, state-of-the art lottery network. She is also a senior university faculty and committee member:

  • University of Phoenix Area Campus Chair, Humanities and Information Technology – serves as the Humanities and Information Technology Chair and Lead Faculty Member; teaching courses in strategic planning and implementation, global management, critical thinking, project management, organizational behavior and leadership, operations management, history and political science, statistics for criminal justice majors, research, and philosophy
  • University of Maryland Cyber Security Certificate Program – serves as a steering committee member for the University of Maryland’s cyber security certificate program

Ruth earned a Doctorate in the History of Ideas from Warnborough University, a Master of Business Administration degree from the University of Phoenix, a Master of Arts in European History from Georgia State University, and a Bachelor of Arts degree in History and Economics from Oglethorpe University.

Ruth can be contacted at [email protected].

Three Strategies to Synchronize, Backup and Protect Your Business Data

Virtually every type of company generates valuable data that must be updated, retained and safeguarded, including ‘secret sauce’ information on company products, employee data and sensitive customer information. As a company leader, it’s your responsibility to create and implement a strategy to make sure your information is synced to enable collaboration, backed up to ensure retention and secured to make sure data doesn’t fall into the wrong hands.

If your company started out small, it may have seemed easy at first to manage your data. Maybe you saved it all on a server, and only a few employees had access to it, so you felt you could keep an eye on it easily. But as companies grow, they get more complex. And these days, more and more businesses store information on the cloud so they can scale their infrastructure as they expand and enable employees to access data on the road or from multiple locations.

Syncing data is critical if you want to make sure everyone has access to up-to-date information, which is especially important for companies that manage mobile workforces. Otherwise, you’ll end up with different versions of the sales data or data silos will develop on separate hard drives that result in only certain employees having access to information that everyone needs.

Synchronization needs to encompass all types of devices, including tablets and mobile phones, laptops, desktops, servers and external drives. The type of data sync approach your company should pursue depends on your unique business needs, your workforce and your technology assets. Broadly speaking, there are three different categories of data solutions to choose from; here’s a brief overview of each:


Hi there! This article is available for free. Login or register as a StrategyDriven Personal Business Advisor Self-Guided Client by:

Subscribing to the Self Guided Program - It's Free!


 


About the Author

Bill Carey is Vice President of Marketing & Business Development at Siber Systems Inc., which offers the top-rated RoboForm Password Manager software.

Top 10 Cyber Security Tips

These days, more people than ever use technology, including mobile devices, to conduct their professional and personal business. Companies of all sizes place incredibly valuable data in cloud-based repositories, and hackers are constantly testing new ways to gain access.

For these reasons, it’s more important than ever to safeguard vital assets with sound cyber security practices – and to remain vigilant to prevent breaches. Here are 10 cyber security tips that can help you reduce vulnerability:


Hi there! This article is available for free. Login or register as a StrategyDriven Personal Business Advisor Self-Guided Client by:

Subscribing to the Self Guided Program - It's Free!


 


About the Author

Bill Carey is Vice President of Marketing & Business Development at Siber Systems Inc., which offers the top-rated RoboForm Password Manager software.