We live in an era of constant digital advancement. Technologies pile one on top of the other, each trying to outdo the last. In many ways, the competition and focus on development is a good thing. It drives progress, brings down prices and allows small businesses access to opportunities once only available to their larger counterparts.
However, with increased availability comes increased risk. Small businesses face exposure to hackers who would steal valuable information and post it online or use it to their own ends. The best way to stop this from occurring is to invest in online security programs, spyware and malware detection programs, and by educating your employees on safe Internet practices.
But even with these measures in place, leaks can still happen. That's why it is also essential to detect, report and neutralize any virus or hacking attempt as soon as possible. Companies must be vigilant and persistent in their efforts to preserve their network's integrity.
Know there is a problem
According to the North American Security Administrators Association, a survey of small and mid-sized state-registered investment firms revealed that 76.8 percent have cyber-security policies and procedures in place, but only 4.1 percent were aware a breach had occurred, according to Think Advisor. Raj Bakhru, CFA and CEO of Aponix Financial Technologists, told Think Advisor that the data collected in the survey is troubling.
"These firms are conducting either basic network testing or self-assessment. While both actions are encouraged, firms ought to be conducting independent cybersecurity risk assessments, and the vast majority is not." He continued, "A risk assessment covers deficiencies in documentation, processes and procedures, workflow flaws and vulnerabilities, vendor diligence, and beyond, in addition to internal and external network testing."
The survey also showed only 44 percent of the respondents had a policy for training staff on security maintenance, while 85 percent do not use mobile device management to track data on smart phones or tablets.
Use anti-hacker tools
Fortunately, not every coder or software developer is a hacker. Plenty of experts use their knowledge to find ways for those without the technical savvy to uncover leaks.
Websites like Pastebin and Slexy often serve as a database for hackers to anonymously post email addresses and passwords for any and all to see, reported PC World. Because thousand of emails are posted there each day, it is unfeasible to sift through the hordes to determine if one of yours has been compromised.
However, developers are building websites to do that for you. Troy Hunt started "Have I Been Pwned," a database through which users can enter their email address and see if it has landed in an undesirable and highly visible place. The website does not store the found addresses, it merely lists them on its feed.
Because the email addresses are not stored, it is more difficult to scour the Internet underworld for stolen data. But that is possible through other services. Last week, 5 million Gmail email addresses and passwords were leaked, prompting the creation of several websites that allow users to determine if theirs was among the revealed accounts.
According to CSO Online, the United States leads the world in malicious websites, accounting for 38 percent of worldwide penetration. As such, small businesses should be on the lookout and spare no expense to ensure their cybersecurity.
IT and tech industry piece brought to you by Marlin Equipment Finance, leaders in information technology equipment financing. Marlin is a nationwide provider of equipment financing solutions supporting equipment suppliers and manufacturers in the security, food services, healthcare, information technology, office technology and telecommunications sectors.