I have worked in the IT support industry; specifically, IT managed services, for nearly ten years now. During that time there have been some high profile ransomware attacks.
Cryptolocker and WannaCry, in particular, stand out and the impact on businesses and corporations, both large and small was widely reported. Ultimately our businesses rely on the data we hold to carry on trading and without it, or the systems on which we store it on, our businesses can grind to a halt.
There are many ways in which a company can protect itself or mitigate the risk, such as Antivirus software, backup and disaster recovery solutions or cloud security. However, the most significant cause of data loss, theft or major fraud using IT in business is human error which could be avoided with the right training from a qualified IT consultant in the IT support industry.
I often hear of businesses who have the newest kit, the most fabulous software and the highest availability but give no thought to the underlying principles of IT support such as basic IT security training for their employees (particularly in your accounts department) or password protocols.
To be fair, one of the primary principles of IT security that helps with being able to identify a fake email is often about common sense, and it could be argued that this cannot be taught, but basic awareness can. Usually, it is as simple as “if it does not seem right, the chances are it is not”. Some different scams regularly do the rounds around the office environment. Some of you may ask why the fraudsters continue to use similar tactics.
Well, it is because they continue to get results. However if you were to keep your employees up to date with new (or refresh on old) scams, ensure that any new employees are educated and instigate small changes to your supplier payment processes, you could reduce the odds of your business being on the receiving end of cyber crime.
To a small business, losing money to fraudsters can often lead to company closure. It sounds extreme, but it happens and more often than you might think. Even when a business can avoid this, it can still impact day to day trading both in the immediate and long-term. It can take months of work to get the business back on track and now that GDPR is on the horizon could increase the chance of financial loss. Moreover, of course, the reputational damage can be significant.
The criminals tend to be one step ahead of us and come up with increasingly clever ways to get us to part with our money. However, we can reduce the chances of this happening by being aware of basic IT security and making sure all our employees are too.
Here are a few tips:
● Do not open any attachments you are not expecting to receive (especially filenames ending in ‘.exe’)
● Do not download anything suspicious without checking with your IT Department
● Call your managers to confirm receipts. Emails that appear to be from a manager requesting urgent payments may not be genuine
● Hover over links in emails to reveal the website URL it will take you into. If it does not look genuine, don’t click on it
● If a supplier advises you of bank account changes, double check with your supplier using the contact details you have used in the past, not the contact details printed on the letter or email
● Update your Antivirus which will help identify and stop emails containing viruses
● Trust your gut instincts and don’t be afraid to ask for help if you are not sure
Ultimately, working with IT consultants to provide training or outsourcing your IT department to an IT support company such as AAG IT services is often the safest and most secure way to keep your business IT running smoothly.
For help on IT Solutions, back up and disaster recovery, vulnerability assessments or managed IT support contact AAG IT Services on 0114 3520688