Every day we hear of someone affected by breaches in cyber security. From unknown transactions on your credit card, social media hacking, or data leaks.
Cyber criminals are constantly looking for an opportunity to exploit. This is distressing on a personal level but what happens when they attack your organisation?
According to gov.uk, the BIS 2014 Information Security Breaches Survey reported that “81 per cent of large organisations had experienced a security breach of some sort. This costs each organisation, on average, between £600,000 and £1.5m”. Most recently the NHS became the latest victim of cyber-crime following the largest attack in its history when it was infected by a ransomware attack called “WannaCry”, which demanded payment to regain access to medical records.
Aside from the financial impact, disruption to staff, suppliers, or a loss of faith in you from your customers. A loss of intellectual property due to a security breach could give away your trade secrets and with the implementation of the GDPR on the horizon the financial fines be fatal to your organisation.
While totally eradicating the risks of a data breach is impossible – they can be mitigated.
Moving to a cloud based server like Microsoft Azure, which has more security certification than any other cloud provider will ensure you retain ownership, and control over your data.
Security and privacy are embedded into the development of Azure and the Azure Security Centre makes Azure the only public cloud platform to offer continuous security- health monitoring. Moving your data to Azure will ensure your information is secure in the best possible hands.
There are practical measures you can implement to help safeguard your organisation. In February this year, The UK Domain released ‘Ten steps to keeping your business secure online’ summarised below:
1. Managing Risk: Accept cyber security is ongoing. Create a plan to continually assess and monitor risk in your organisation.
2. Passwords: Keep them safe and secure, remember to change them every six months and use a mixture of numbers, letters, characters, cases and symbols.
3. Preventing Viruses: As well as installing a trusted antivirus software and ensuring a firewall is active, warn employees about suspicious emails or downloading from untrusted sources.
4. Security Settings: Ensure all software is up to date, record serial/asset numbers of equipment and backup data regularly.
5. Browsing and Sharing Safely: Use public WIFI only when absolutely necessary. Encrypt all personal and confidential information and use cloud services to host your files.
6. Securing Your Own Equipment: Apply the same guidance to personal mobiles and tablets if being used for work purposes.
7. Peripherals: If you have to use USB sticks, always encrypt them.
8. Training: Make sure all staff understand the risks and how to help mitigate them.
9. Monitoring: Monitor systems for updates and check logs for detected and recorded suspicious activities. I also highly recommend regularly checking the National Cyber Security Centre website and following their Twitter for live updates.
10. Managing Security Incidents: If a breach occurs, you will need to revert to backup data. Identify failures and put systems in place to address them.
As a Microsoft Dynamics NAV provider we have recently undertaken ISO27001 to ensure we are as safe and cyber secure as possible. If you would like to discuss how we can help your organisation become more secure please do not hesitate to get in touch.