Security on your office network is a given. Your IT department protects you from the latest threats – but what about ransomware? It’s a story that doesn’t go away and keeps popping up in the news. However, those stories are all about big organisations that have been caught out, it doesn’t affect you right? Wrong! Like many small businesses, in fact a staggering 43% of you, think you are safe. The truth is very different. Small businesses are more likely to be a target. Most small businesses don’t have the resources to dedicate solely to this risk. What’s more, you and your colleagues are the biggest security risk to your organisation. How can that be?
Simply put cybercriminals have found ways to exploit the fundamentals of our human nature – to help one another. The social engineering of your employees to leak information that seems innocent, but arms the cybercriminal with a perfect way-in. Remember that phone call you took where you let slip the name of a director and that he was out of the office in another country? Maybe you didn’t even notice that you let it slip as the person you were speaking to seemed to know the individual. On the other hand, could it be that cold-call where you discussed the competitor solution your company uses and that you are not looking to change supplier? Then there are those people – you know the ones – who click on every attachment and link in an email – who cannot spot something that doesn’t look genuine. However, that person could easily be you – the office sceptic and ‘expert’ on suspicious looking emails. Social engineering is designed to extract just enough information, or pray on people’s fears, to entice them to click on a link in a phishing email. What about those website and social media links and even the humble blog like this one. Are you still sure that your IT department has the bases covered?
Right now they have more pressing things to consider will be their response. They are focusing on GDPR compliance. That’s right GDPR isn’t solely the domain of Marketing and HR. Your IT department need to ensure the data you hold is safe – they have a looming deadline. If the reputation damage from a data breach doesn’t shut you down the fines, up to an eye watering €20M, would be enough to cause even a large enterprise some serious financial discomfort.
The answer to this conundrum is simple and you don’t need to pick a winner in the priority race. Both of these high priority issues can be solved with one solution. Deployment of a unified security gateway (USG) would secure your business perimeter from ransomware and ensure your data is protected AND you meet GDPR security compliance.
Anti-spam features block those phishing emails and if they did managed to get through to your inbox, and you clicked on the link, content-filtering would prevent you accessing any suspicious links. Files infected with malware would be blocked from entering your network and you and your employees would be prevented from visiting unsafe websites and cloud applications. Intrusion protection and detection capabilities will give you back control and alert you to potential problems in real time.
Even if you think your IT team have this all covered can you afford to take the risk?