What is cyber security? How can it affect me? Should I spend time worrying about it when I have a busy life or am running a business? Put simply, cyber security is something every person should think about and every business owner should invest time understanding. The more educated your are, the better protected both you and your private information will be.
This is Part I of this topic which explains what cyber security is and covers some myths about data security. Part II tackles some business myths and tips to help reduce risk. Our advanced post discusses Cyber Security: How to Implement IT Policies of Protection.
What is Cyber Security & How Does it Affect Me?
Cyber security uses a set of processes that focus on protecting the most important aspects of your business: your customer information and business data. It is the method of protecting information from being stolen, compromised or attacked. Processes include securing and protecting network and computer equipment as well as preventing unauthorized access, damage and attack to equipment and data.
Cyber security should be important to nearly everyone for this reason: customer information is valuable. You are a customer everywhere you shop and most likely that company stores some of your personal information. Online ordering almost always requires user id's and passwords, often saves credit cards, has mailing addresses, contact information and more. If you are a business owner it is your responsibility to protect your customers' information.
According to a recent article, “70% of business executives paid up when their companies were victims of Ransomware, and over half paid more than $10,000.” Our private data is valuable in many ways. Here’s how stealing your data can be turned into profit:
- Using the personal information gathered to apply for new credit cards, loans and more
- Selling the personal information to a third party, usually garnering a flat rate per identity
- Selling the personal information back to the business owner. Business owners often pay up:
- Because they do not have copies of their data to regain business operations.
- Because the backup copies of their data are not up-to-date enough to maintain business operations.
- To keep the information from getting into the news and costing them a loss of reputation, additional monies, and possible investigations into data protection practices.
Data Protection Myths - Consumers
A single copy of your data can mean you have a backup, however, there are some important things to consider. How often is that data copy updated? If something catastrophic happens, will you lose a day’s worth of work? A week? A month? Having the most recent copy be from 6 months ago will work for some people, but not for most businesses or hobbyists (photographers, designers, etc.).
Second and equally as important, be sure that any copies of the data on USB or external drives do not remain attached to the network. Ransomware will encrypt the infected device as well as all locally attached and network drives! This is just one factor of what makes Ransomware so dangerous. For the best chance of being protected against attacks like Ransomware, theft, disasters and more, utilize an offsite solution in your backup policy. Cloud backups are a perfect offsite solution because they run automatically, are in different physical locations and can run from any location where Internet is available.
Lastly, be sure to check your backups. Verify files can be restored when needed and that their integrity remains intact. While having a backup is great, you may be surprised if you never check those files. Checks can be quick, simply open a few random files regularly which also ensures the recovery process is known and tested.
Having copies of files is good, having multiple copies is better, and storing at least one copy in an offsite location is best. Also, check the integrity of these files occasionally.
It is important to note the following limitations:
- Anti-malware software is constantly being updated to allow for newly found problematic software. However, until software is found to be malicious, it can infect unsuspecting users.
- While the software can be used to check for malicious files, including USB drives, it cannot stop you from proceeding if you choose to ignore the warnings. In other words, the software is only as effective as the user allows it to be.
Cyber security is an important aspect for anyone regularly using computers. Unfortunately, consumer information has value, not only to those whom you directly do business with, but also for those who would choose to maliciously use that data. Having a plan in place to protect customer information and business data is necessary to reduce risk and exposure.
As always, taking the time to understand the latest threats and learning how to protect your devices can be the key to protecting the integrity of your files.