The Dangers Lurking In SMB Networks
The most significant risks to SMB’s don’t always come from threats with catchy names like Wanna Cry. Instead, the biggest threats can come from sources with names that are often more mundane like “Paula in Accounting” or “Dave in Purchasing.” That’s because the most acute cybersecurity risk in any organization comes from within. Yes, hackers can do their thing and need to be monitored, but Paula in accounting can be even more menacing.
Paula or Dave don’t need to be bad people. Chances are they’re just opening that video of cute puppies riding on a unicycle that their friend sent them. Or carelessly setting their password as ‘12345.’
The human element of cyber risk is the major cause of 90 to 95 percent of security incidents.
How to mitigate internal risks on SMB Networks
There are a number of technical steps your IT department or service provider can and should take. One major, but often ignored is identifying the risky user. Once the risky user has been identified; then the key is to try to preempt poor practices that can be stopped, while not impact business productivity. This includes education and warnings on key poor behaviours.
The core issue is very often people who make mistakes, get tricked, or don’t know any better. Things like people choosing guessable (or crack-able) passwords, failing to apply updates, clicking their way into trouble on the web, and getting duped by phishing scams. These, in turn, provide the opportunity for attackers and malware to take a foothold.
Your IT department or service provider should be helping here — such as enforcing good password practices, maintaining appropriate updates and patch statuses, preventing access to blacklisted sites, and domains etc. Indeed, taking care of some of these baseline technical aspects can provide the safety net against many employee errors. Having said this, what we have found even more effective is education of employee awareness and training, to ensure that they appreciate the reason for some of the user-facing security controls and understand how to use them.
Ransomware and malware attacks are continually on the rise, so it’s important for every organization to implement security policies and procedures to keep your network and data safe. Businesses of all sizes need to take the time to develop formal, documented IT security policies and revisit these policies and procedures on a regular basis to keep them in line with your business environment.
Security is a Process not a Product
Contact Tech Precision to see how we can help you implement the processes you need to keep your business safe.
<< BACK TO CASE STUDIES CLIENT PROFILE Company Plan B Services Industry Land Development Country Australia Employees 80 Website planbgroup.com.au Plan B Services turn to Tech Precision to support the Group Business Manager with the IT function for relocation...
<< BACK TO CASE STUDIESCLIENT PROFILE Company Blaze Staffing Solutions Industry Multi Specialist Recruitment Country Australia Employees 10+ Website blazestaffing.com.au Blaze Staffing Solutions turn to Tech Precision to replace incumbent IT service...
Talk to an IT Solutions Expert
Need to talk to an IT Expert? Fill the the enquiry form and one of our experts will get in touch with you shortly. If you prefer to give us a call, we are ready to talk on:
1300 788 738