Skip to main content

Insider threats: Not as uncommon as you think

Insider threats: Not as uncommon as you think

When we speak of cybercrime and data theft, we typically think of seasoned cybercriminals. But you’d be surprised to know that the cause of businesses becoming victims of cybercrime is most often their own employees--sometimes on purpose, sometimes inadvertently. Remember Bob from accounting who was let go? Or the new intern who worked for 3 days and never showed up? Yep! They could engage in cybercrime activities to ‘get back at you’. Many businesses have been victims of cyberattacks brought on by disgruntled employees, both current and ex.

No matter who attacks you virtually, whether it is a seasoned cybercriminal or an employee who is simply upset with the kind of coffee your office coffee machine makes, becoming a victim of cybercrime causes you a lot of damage. For starters it erodes the trust your customers have in your brand, it affects your brand negatively. If your data is held ransom, you have no choice, but to pay up the demanded amount of money, there may be legal/regulatory penalties to pay as well and then there are chances of lawsuits that you will have to settle. And, remember, your business won’t be running as usual during this time, resulting in a direct revenue loss as well. So, how do you prevent such internal threats? Here are a few tips.

  1. The first step is to recognize that your own staff can be a threat. Adopt a trust, but verify, approach and take the necessary steps in line with that attitude.
  2. Educate your staff about the dangers lurking online. This will prevent cases where your staff are inadvertently party to the crime. Sharing OTPs, passwords, use of unsecured Wifi networks, leaving devices unsecured, visiting suspicious sites, clicking on phishing links, opening dubious attachments, etc., are all examples of your employees accidentally opening the doors for a cybercriminal.
  3. Conduct sessions on corporate ethics, reinforcing what’s acceptable and what’s not. Also brief your staff on the consequences of unethical virtual behavior such as data theft, hacking or wilful compromise of your network and data security.
  4. Perform surprise audits to check if your IT policies are being adhered to. Take actions against staff found flouting the rules.
  5. Invest in cybersecurity systems such as firewalls, network monitoring tools that identify and alert you on abnormal IT activities, powerful anti-malware programs, role/permission based access management mechanisms.
An MSP specializing in cyber security will be able to help you build a secure IT environment that takes into account all of these and more, so you don’t have to worry about threats to your data.

Comments

Post a Comment

Popular posts from this blog

Leave virus protection to your MSP Doctor

Leave virus protection to your MSP Doctor Cyberattacks on individuals and businesses for nasty purposes is nothing new. Stealing data, disrupting business, national activities, and just causing general mayhem has been going on for as long as there has been a digital world to attack. Ransomware, however, seems to stand out as a particularly unique and especially troublesome form of crime. For one thing, once an attack has happened, there is likely nothing to do to retrieve your data until you have given in to the demands of the criminals. As a small- to medium- sized business owner, you should never just rely on off-the shelf virus protection programs as the sole tool to protect your organization against cyber crime. In all cases you should rely on an IT professional to look at every aspect of your IT infrastructure to ensure that everything possible is being done to protect your data. Beyond that, ransomware attacks are a particularly troublesome form of crime that requires special...
Post a Comment
Read more

Stars of the show: Cloud and VOIP

Stars of the show: Cloud and VOIP Despite annoying challenges presented by the abrupt shift to the WFH model thanks to the pandemic, there were some tech heroes that saved the day. These two made WFH possible. The cloud The cloud is that platform whereby you outsource your data storage as well as many of your applications. With the cloud, your data and software applications are no longer physically located in a specific geographic location. Therefore, access is no longer tethered to a user's physical location. The cloud was the biggest game changer during the pandemic because it allowed businesses to get anytime, anywhere access to their data as well as critical applications. It wouldn’t be wrong to say that if it weren’t for the cloud, a lot of businesses wouldn’t have been able to survive the pandemic at all. VoIP Along with the cloud, VOIP proved to be one of the most critical elements when it came to business continuity during this pandemic. It revolutionized business commu...
Post a Comment
Read more

Two reasons to pay attention to software

Two reasons to pay attention to software Software matters. What your employees use can impact your firm and your customers. Pay attention. Make rules. New software applications In the pre-pandemic phase, even when companies had staff working from home they were fewer in number and a lot of them even came into the office a couple of times a week to ‘just catch up’ on work and with colleagues. So, no one really had paid any attention to collaborative software programs because engagement levels were pretty high with just a handful of staff working remotely and connecting on the phone or in-person anyway. It was only after the pandemic forced organizations in their entirety began to operate –from CEO to intern–that businesses recognized the need for collaborative software programs such as Microsoft Teams, Zoom Meetings, Google Meet, etc. Similarly, from the productivity tracking perspective, software programs such as TimeDoctor, Roadmap, Tick, Timely, etc., became popular. The challenges...
Post a Comment
Read more