Scams, fraud and cyber attacks are now a part of our every day life. Just look at the Infograph prepared by Digital Guardian. I believe Yahoo still holds the record for data breach with 3 billion users impacted! The Ronin Network lost $615 million in USDC and Ethereum in March 2022. On the “smaller” end of the scams, The latest FTC data book shows that people reported losing $8.8 billion to scams. Australia is not much better. The sad part is that it’s not that hard to protect your business from these threats but most businesses do not do anything about it because they believe that it’s never going to happen to them.
The criminals are getting “better” at their job. Sooner or later, you WILL be a target. It’s probably not cost effective for you to have the same super high security level used by the likes of NASA or the government to fight the scams, frauds and cyber attacks. And that’s why these criminals are targeting the “easy” victims – YOU! However you can still do a lot in your day-to-day to protect your business and to minimise your risk without breaking the bank.
Having online security is critical in managing risk in your business and in building and maintaining customer confidence and trust if are you to ensure that you do not fall victim to any scams, fraud or cyber attacks. Data breach is proving to be a real issue for many organisations. Whilst people are your firm’s greatest asset, they can also be your greatest walking disasters when it comes to computers. Remember the old FBI proverb: ”10% of people are honest all the time, 10% are dishonest all the time, and for 80% of people it depends entirely on the circumstances” – or to put it another way – they really didn’t mean to wipe your system. It was an accident! Therefore, you will need to put security measures in place to protect your business from the criminals as well as the office idiots.
8 STEPS TO PROTECT YOUR BUSINESS
1. YOUR OWN PEOPLE
Most management do not understand the ins and outs of the computer system, let alone understand what it is that the computer whiz kid in the office does whenever there’s a computer problem. Small businesses do not have a whole IT department where you have checks and balances and no one individual has complete control. We know you must trust someone somewhere along the way, but management often do not seem to understand that trusting someone does not have to mean giving individuals unrestricted access to computer systems. This harbors excellent potential for computer disasters and it will definitely not protect your business.
2. LOGICAL ACCESS
Would it surprise you to learn that many businesses with employee remote access to the computers forget to remove their employee’s access profile from the system when that employee leave? After all, a former highly valued trusted employee would never dream of dialing back into your office computer. Or would they? Irreparable damage can be done by a disgruntled employees who believe they have been unfairly dismissed. One of my colleagues once told me a story about how their whole office was locked out of their computers by the departing employee who had the highest level of security clearance. It only took him 30 minutes to do the deed! And it took the company three days to get everyone back on!
3. NETWORK ACCESS
My view is that employees should never be allowed to download free private software e.g. games into your office network for them to use during their lunch breaks? I would go further and say that employees should not have private emails and private work on the office system. It is just too easy for your employees to unintentionally introduce new bugs and viruses into your system. Have you heard the story of the business that was fined for having pirated software on their system? Or about the virus that entered the system via a freebie game? Sometimes the programmer writes a virus into the software – a virus that is activated only when it is copied! Free is not free if your business is not protected!
4. SECURITY SOFTWARE
It is no longer optional. You’ve spent thousands building up your business. It is not logical to refuse to pay for anti-virus software in order to save a few dollars. I am not in favour of “free”. It is well known that if the product is free, then YOU are the product. Think about that! Viruses and malware are nothing new, and installing anti-virus software will help you protect your business. For those who want to take this one step further, install a VPN such as Protonmail which does have a free plan with mail, calender and VPN (for the small user). It can protect your privacy, by encrypting your traffic and routing it through a VPN server, making it harder but not impossible for observers to identify you and track your movements online.
Choose a strong password and change it regularly. And whatever you do, do not use the same password for everything. Whatever you do, do NOT use passwords like “letmein2000”. Every year SplashData complies a list of the millions of stolen passwords made public throughout the last 12 months, then sorts them in order of popularity. They are a lesson in exactly how NOT to choose a password. Just google “most common passwords” or any year you like and you’ll find a list. If you find it totally frustrating to have to remember so many passwords, use a password apps or software. There are many that you can buy. 1Password and Roboform are two of the most popular and the ability to have impossible to remember passwords protect my business! This is one software that’s worth every cent I pay and I would never be without it.
6. TOO SMART TO BE CONNED
Be alert. Some of the emails you get now look amazingly genuine. Do an internet search using the names or exact wording of the email or message to check for any references to a scam. Many countries also have government sites which lists all the known scams. Stop and think before you share any personal or financial information. Hacking occurs when a scammer gains access to your personal information by using technology to break into your computer, mobile device or network. Of course, many people believe they can spot a scam a mile away. Test your smarts with this Consumer Affairs Victoria or this one from Scamwatch. And talking of quizzes, scammers often use fake online quizzes and surveys to obtain personal or banking information. If you want to protect your business, never ever take a free online quiz. Scammers will use your personal information to target your business!
7. AUTOMATIC UPDATES
I know many people who refuse to update their computer. They have a “if it ain’t broke, don’t fix it”. But the updates happen for a reason. Updates are there to fix up the bugs that they’ve found in the software. The software developer is not upgrading their software just to annoy it. They do it before they have to. If you don’t want to do it automatically, at least make sure that you update it manually regularly.
8. BACK UP
Do you have a good backup and off-site storage program? Is your backup in the cloud? (That in itself, brings on another level of security risk). Have you ever wondered what you would do if you walk into your office tomorrow morning and all your computers are gone? Or you find that your computers have just caught the dreaded virus? Or some computer hacker’s been into your system and messed it up. Does your backup actually work? Have you heard the story of the company that religiously backed up all their data, only to find that their computer whiz kid had written their backup program to backup programs only and not a single piece of the data had been backed up. Or the story about the company that had a restricted access so secure that even the backup program was refused permission to read and backup! There’s nothing quite like a bad experience to teach you a lesson! If you believe that it’s never going to happen to you, then you’re burying your head in the sand. Be prepared. Protect your business. Backups are a must for any business.
WHY DO SCAMS SUCCEED
So, at the end of the day, remember that scams target people of all backgrounds, ages and income levels and all sizes of businesses and in every country. There is no single group of people or business who are more likely to become a victim of a scam. It’s not only the naïve and gullible who fall victim; all of us may be vulnerable to a scam at some time. I’ve had clients who have been scammed – and some of them have an IQ that’s out of this world. Scams succeed because they look like the real thing and catch you off guard when you’re not expecting it. They also exploit your desire to be polite and respectful, as well as your generosity, compassion and good nature.
As Michael Matthew said, ”To err is human, but to really foul things up requires a computer.” And for many businesses, if you destroy the computer (with all of it’s information), you will effectively destroy the business. That’s why so many businesses pay up when they are hit by a ransomware attack. The cost of reinstating all the information from scratch will bankrupt most businesses.
BUT let me end on a positive note. Don’t let this fear of scams, fraud and cyber attacks stop you going online. The opportunities are there – especially for businesses. You now have a global reach that was not possible years ago. So, unless you want to go and live on a deserted island with no communication, then it’s really more a case of putting in the steps to protect your business.