Posted on 13 January 2016
One thing many small & medium businesses fail to keep a handle on is their data security and why it is important to keep it safe. Much like recent security breaches with PlayStation and more recently TalkTalk, & VTech having customers details breached could potentially be catastrophic to any business large or small. If you lose the trust of your customers because they feel their personal information is unsafe there is a good chance you could lose your business as well.
Data and how to secure it is an art that is becoming very popular and more necessary as more and more users adopt the cloud solutions that are available. This has opened up a world of technology that was only ever adopted and used by the corporate businesses of this world; this now is a thing of the past where most technology is used by SMB market as well as if they were a corporation. Microsoft are leading the email market with their 365 offering, to personal and business users alike, at a very affordable price for the use of Exchange server (Their flagship email platform) just like a corporate.
You should always start with the basics of user system entry, this is the password and how people think about this, and how they look after those thoughts about a password. A worryingly large number users see it as an inconvenience rather than a protective layer to their (and their employers) data.
The cloud adoption I feel has made users become lazy in their protection of data as they will (well the majority of the population) assume that if the data is in the cloud it is the responsibility of the host of their cloud data to look after it. There should ALWAYS be an onus on the individual or business owner to ensure that their business data is safe and where it is held along with regular checks on security of that data. So should people store their Data locally? Maybe my answer would be yes and no. The internet has opened the world up in terms of being able to access a multitude of data and utilising the faster speeds available making the use of the CLOUD far more appealing to the business sector, reducing their IT costs quite dramatically. It is vitally important that people understand the risks involved as well as the benefits especially if they hold customer information.
There are always going to be cyber criminals on the lookout for the easy target, as well as a target that is a more exciting challenge. This makes your company IT policy an important part to ensure you are forming an extra security layer. Therefore it is vitally important that users are made aware how important security is, I will start with user passwords and keeping them safe. Whilst it is just as important that the IT Manger sets a password policy that ensures complexity to reduce the chance of breach. I was amazed to learn that the password “123456” is now outstripping “password“ as the most commonly used user password for domestic and business users. So if a home user likes to keep things simple for the computers at home then their adoption of a complex password if they already have the mind-set that passwords are an inconvenience to gaining access to their own data at home is going to be a challenge for the IT department on a regular basis. But it is exactly that attitude that will get your business data getting into the wrong hands, or even worse having your system breached and data stolen right from underneath your nose. (Or maybe I should have said keyboard) There are now many password managers available to store all your passwords encrypted in one place, this is down to the owner to have a secure password and the ability to remember it when needed!
Whilst having a stronger password, obviously the longer the better, the recommended which is minimum 8 characters, with at least one capital letter, one lower case letter, Number and one symbol within it is going to be a harder nut to crack. This is to say that it will not be cracked. It is also very good practice to change your password at the very least once a year. You also do have to remind yourself that passwords are “cracked” and systems are “hacked”.
Next time I will discuss further next two-step password protection and other security threats that are prominent in our digital world.
If you would like to discuss data security and best practices please contact us to find out how we can help.
Contact Darrell Peter IO42's security expert or call 01494772227