Last month we discussed some initial ideas on cyber hacking/cyber terrorism. This month we will go into more detail on this big threat to business and suggest steps on how you can preclude damage to your system.
Employee education and training are key essential elements to precluding problems in your business. During a recent cyber terrorism breakfast in Texas, a panel of computer and telecommunications experts addressed the challenges that many small business owners face with cyber terrorism.
Interestingly, the experts said that sometimes innocent usage of your computer network by your employees can cause problems never before thought possible. Here is an example: An employee uses your network and business computer to connect to a personal social media website. While the employee is reviewing the website, a hacker obtains access to your corporate network.
How? Well, your business computer is connected to a social media website, allowing the hacker to get to your network and then start to explore and see what files and accounts can be exploited.
If this happens at your company, positive, not negative, punitive motivation solves many of these challenges, the experts said. If this were to happen at your company, educating the employees on what has happened, how it happened and why they should not be using company equipment to check personal accounts goes a lot further than initiating immediate disciplinary action on the employee for failing to follow the rules.
Law offices are another highly vulnerable target for computer hackers. Law offices have files regarding trial matters, bank accounts and other highly confidential material that can be exploited for significant monetary value. This is one area where law firms should use professional service providers to install and continually check their systems to ensure that those systems are safe from hackers and outside cyber penetration.
With the increased use of computers, tablets and smart phones, the demand for telecommunications bandwidth is rising by 40 percent every year. More bandwidth equals more business growth. However, this also means that you, the business owner, need to more carefully manage your computer system.
Frequent and periodic data backup is another area that will help if your business experiences a cyber-terrorism attack. We recommend that all data be backed up daily, if not weekly, if not monthly. This is an area where “more is better.”
We worked with an entity that failed to back up their accounting data and lost about $45,000 in eight months. Although the answer given by the bookkeeper was the “computer got fried,” our consultants suspected that the entity was the victim of embezzlement by the bookkeeper. Sadly, the time to reconstruct the records was significantly more expensive than the $45,000 which was lost. Data backup is another form of good internal financial controls.
If you decide to use a cloud computing service, perform substantial due diligence before you engage their services. The experts at the cyber terrorism breakfast told a story that will curl your hair. A company elected to use an outsourced cloud computing service to process their data. All was fine until the system crashed one day about 4 months into the engagement. The cloud computing company never performed any backup, so all of the firm’s data was lost and destroyed.
The computer security area is one area where you need to spend money. Saving money and not paying attention to the outside environment in the cyber arena will ensure that you will lose money when your system is hacked.