Do you need an IT soul mate?
If you don't have an IT best friend -- not necessarily the in-house specialist whose company job is to keep your business safe from cyber attack (and know how to respond if an attack happens) -- think about finding one: Business cyber attacks are more frequent, and more costly, than ever.
A knowledgeable friend to talk with about cyber issues can help.
"Attacks are wide-ranging and complicated," says Dave Davenport, CEO at Itasca-based MotherG, an IT managed services provider. "The risk depends on the type of business you run," Davenport continues, but, he adds, "be aware that the cyber attackers are becoming more sophisticated."
More sophisticated? Consider a MotherG webinar report that ransomware perpetrators have "enhanced their tactics." (A ransomware attack occurs when access to the data in your system is frozen and, the threat is, will be destroyed unless you pay a cash ransom.)
For example, Davenport said in an interview, some ransomware perpetrators seek to lure your payment with a "Try Before You Buy" solution to the ransom demanded -- offering victims "an opportunity to decipher one file free of charge." Another option intended to push your payment is a "Time Limited Offer" featuring a countdown clock that shows the time you have left to pay the ransom and free your data.
Ransomware has become distressingly common. According to the 2018 Data Breach Investigations Report published by Verizon, "Cyber criminals don't have to steal data to make money -- they can just stop you from using it." Ransomware, the report says, "is easy to deploy and can be very effective ... off-the-shelf tool kits allow any amateur to create and deploy ransomware in a matter of minutes."
MotherG's list of common cyber threats includes 11 examples, ranging, naturally, from ransomware to drive-by downloads (the term for what happens when you, or an employee, click a link on an infected website); denial of service (when the bad guys flood your system with worthless data), and password attacks.
There are steps you can take to provide at least some protection for your business. Among Davenport's suggestions:
• Tighten up passwords. A list from SplashData Inc. of 2017's most common, and therefore weakest, passwords includes: 123456; password; passw0rd; trustno1; 12345678; qwerty and 12345. SplashData is a Los Gatos, CA, security firm.
• Staff training. Among the topics should be phishing attacks and how to avoid them, and ways to strengthen passwords.
• Protect your intellectual property, which ultimately could be more valuable to your business than much of the data on your system.
• Periodically review who has -- and who needs -- remote access to your system.
• Restrict user installation of applications.
• Know who is opening, saving and moving files.
If you'd like but don't have an IT professional to occasionally chat with over lunch, ask your peers who they talk with -- and are willing to recommend. From new software to the growing use of two-step authentication, there are plenty of topics to discuss.
• © 2018 Kendall Communications Inc. Follow Jim Kendall on LinkedIn and Twitter. Write him at Jim@kendallcom.com. Read Jim's Business Owners' Blog at www.kendallcom.com.