I consider myself pretty knowledgeable when it comes to identifying threats that enter my own computer, but in a recent test on identifying whether a website / email is real or a threat, I scored only 7 out of 10. While my errors were on the side of caution, I think that it is often difficult for computer users to identify threats correctly. I firmly believe that the responsibility of keeping your business secure from cyber criminals should not lie with your computer users. That would be like asking the bank teller to be responsible for keeping out the bank robbers. Besides that, keeping up with cyber security is a fast moving target and businesses would be hard-pressed to keep all employees fully up to date with cyber security threats.
I firmly believe that the responsibility of keeping your business secure from cyber criminals should not lie with your computer users.
That would be like asking the bank teller to be responsible for keeping out bank robbers.
I’m not saying that basic vigilance on the part of the staff is misplaced, but I do believe that the security of a system is primarily the role of the IT department or your IT partner. At the same time all computer staff should be given sufficient training to be able to use IT in a safe and productive way that that includes to decide when caution is required and therefore when to escalate to management or to the IT department before clicking on that link or installing that application.
- In order to mitigate cyber threats businesses should concentrate of 3 areas:
Employ an IT partner who can ensure that all areas of the system are covered from any type of incoming threat so that:
– Each and every node the system is protected, whether it is a part to the system or is brought on site.
– The network perimeters are acting as a first line of defence.
– The website and cloud presence is protected.
– The system is protected from internal threats.
- Working with your IT company to prepare for the worst case scenario to maintain business continuity through solid:
– Internal and External backup and replication.
– Recovery processes of all critical devices.
– Recovery processes from a failure or hacking event.
- Creating and environment of awareness amongst staff on:
– How to treat any form of sensitive information.
– How to recognize a threat and how to take action.
– Social medial and email usage.
– Usage of BYOD devices.
Your IT security is only as good as your weakest link, and the unexpected cost of recovery to a business can be significant if an event occurs. We advise businesses to run their IT as though they expect a security breach to take place at any time.
We are at IDCTek / Base10 we are keen to see your IT system full protected in all areas and are offering a free assessment of your IT security situation. Call us on 09 307 3145.