One of the biggest threats to a business is computer-based vulnerability.
A virus, unscrupulous employee or a cyber attack can damage a company financially, legally and reputation-wise. With nearly all business nowadays connected online in one way or another, data and intellectual property are at risk. A computer security system is essential to protect one of the company’s most valuable asset: its data.
The best way to determine the required security controls for a business is to search for potential threats by looking at all the different ways a business stores data and connects to the internet. Some of the most common problems are:
. Computer viruses
. Cyber espionage
. Crimeware
. Point-of-sale intrusions
. Employees or insider intrusions
. Physical theft
Prevent to Protect
A look at the most common problems above will help determine where security controls should be made. Priority should be placed on prevention and protection as the best way to create an ongoing computer security system to protect a company’s important data.
Here are the six most common business data security problems with ideas on how to best protect and defend against them:
Computer Viruses
A malicious virus can spread like wildfire through various computers and systems, rendering important data and expensive hardware inoperable. The best defense against computer viruses includes a combination of up-to-date virus protection and regular, automated backups of important company data to a cloud-based server for future access.
Cyber Espionage
Companies with databases of valuable and highly sensitive data are often targeted for cyber espionage. To minimize risk, limit access of this information to key employees with password protection. Ensure that sensitive intellectual property of the Company is accessible only to individuals in the organization that require such access. Consider the use of Encryption software which is a strong line of defense to keep sensitive data protected. And a company should also consider whether or not this data should be shared and viewed via a network, which is riskier. It would be safer to make the data available through certain computer terminals that are not connected to a network if possible.
Crimeware
Crimeware involves the installation and use of malware to compromise a business system. One common example is phishing attacks. Once a phisher has control of a system they are able to capture information to use for future criminal activities. Our very own Phishdefy solutions is amongst the strongest protection against this type of attack. Common sense and on-going training is very important. A business owner and staff should never disclose private, company information like passwords and login information to third parties, even if the third-parties present themselves as reputable sources.
Point-of-Sale Vulnerability
Point-of-sale procedure weaknesses can create huge financial and legal losses for a business. Merchant processors have done quite a bit to minimize this type of risk, but a business still faces liability if they accept credit cards for payment. Keeping up-to-date with the latest merchant processing rules and regulations is vital. Microchip credit cards may reduce the risk of fraud and are becoming more common. But until they are more widespread, proper employee training on credit card acceptance, as well as the proper collection and storage of customer data both in paper form and via computer systems is essential.
Employee or Insider Intrusions
The most common problem in this category is a disgruntled employee seeking vengeance or looking for financial gain by stealing company data stored on a computer. The misuse of trust and privileges is at the core of the problem. Regularly changing passwords and logins for all employees is a good start. Limiting access to the most sensitive of data to essential employees protects a company’s intellectual property. A business should create and implement a standard set of procedures for all employees and sound internal controls to minimize security risk.
Theft or Loss of Devices
The theft or loss of devices or hardware holding unencrypted sensitive data can be a disaster. To address this potential risk, all devices should be passcode protected and encrypted. Regular, offsite backups should also be created so that if the hardware is lost or stolen, the data is still available for the business to continue operating.
Addressing these seven business security problems and creating a multi-layered computer security solution will protect a business against these costly incidents. Simple changes like malware and anti-virus programs, encryption, regular data backup to a cloud environment and a review of what employees have access to can be an effective start to protecting a business’ valuable business data and intellectual property.
More About CP Cyber
CP Cyber is a full service cyber security consulting firm helping our clients uncover risks and build top of the line defenses to prevent cyber crimes. To find out more about us visit our homepage here: https://cpcyber.com or follow our Colorado Cyber Security Google Page.