In today’s article we have directed our attention to hackers and the potential for electronic break-ins and corporate espionage. We now live in a corporate environment “where we cannot survive without access to computer networks and we’re totally enslaved to the technological innovations and breakthroughs of today.”
In zimbio.com one blog suggested that the incidence of cyber crime had risen by more than 400% in the last few years, as security violations now plague the business world. Businesses are always processing confidential, proprietary and/or financial information on behalf of their clients and customers, and with this they are relying upon their staff and clients to support this through the use of different technologies both internal and external to the organization.
However, before dealing with the issues surrounding hacking it is important to take a step back first and consider the issue of security as a whole. In an article titled “Tips for Preventing Business Espionage” research has found that 75% of business espionage occurs from obtaining physical documents or electronic files, rather than just hacking. Businesses need to introduce some initial security safeguards to protect their assets, intellectual property and clients. Some recommendations include:
- Shred all company documents before they are discarded.
- Do not print sensitive company or client information that can be easily copied or stolen.
- Secure all physical client and company files in locked filing cabinets.
- Use copy proof technologies like Adobe Acrobat or Pagemaker, allowing you to protect your documents from duplication.
- Set access controls for your business applications to limit the documents that can be viewed and/or printed.
- Use print encryption to protect sensitive company and client information, so only those that have authority can view necessary information.
Beyond this we are dealing with computer espionage where faceless criminals want to hack into your network. These faceless criminals or “hackers” will have different agendas:
- Sourcing information from corporate individuals to either provide information directly to a competitor or requiring the company to purchase software to prevent future attacks.
- Disgruntled employees may be candidates trying to source copyrights, trademarks, patents and other intellectual property to support their future endeavours.
- Accessing client information such as identification and banking details as a means to support other forms of espionage aimed at individual and personal gains.
As technology advances it provides opportunities for hackers to find new ways to attack your businesses technological infrastructure. As large and multi-national companies are investing more and more in security, hackers are turning their attention to individuals and small to medium enterprise businesses for their personal and selfish gains.
What do we recommend?
There are a number of ways to tackle this problem and to protect your business, clients and staff:
- A strong firewall is important to prevent hackers and viruses from entering your network and your businesses other technologies;
- Ensure that you have the latest and best antivirus solution where the subscription is active and it is continually updated;
- Set internal company policies regarding on-line activities that are acceptable, such as appropriate websites. In larger organizations, intranets are used to support staff. With SME’s attention needs to be given to the type of websites accessed, rather than providing “unlimited” access to all websites;
- Policies need to be developed for passwords, where they are changed every 60 to 90 days, and the convention used such as alphanumeric and other type of characters and formats that are acceptable. For instance, best practice suggests that passwords need to be at least 14 characters long;
- If you are using an IT Service Provider to support your business you need to understand their role in supporting your company’s security needs here; and
- Be prepared to change your business policies and processes to accommodate changes in regulatory, technological, and competitive environments, in order to minimize business risks.
These are important considerations to ensure that your business is more secure and business productivity is maintained and overall risks are minimized. We encourage that you have these discussions with your employees and with your IT Services Provider to ensure that your policies in this area are relevant and are supporting the evolution of the environments in your industry and your business community overall.