I recently binge watched the widely talked about Netflix original series “You”, a psychological thriller following a New York bookstore manager called Joe who becomes obsessed with a customer (Guinevere Beck, referred to as Beck) and begins stalking her.
While watching this, I clearly had my work hat on, as the thing that really stood out for me was Beck’s lack of interest in her online security. For example, she had no password protection on her laptop, her social media accounts were all public, she lost her phone and didn’t think to have the device blocked or change her android password, the list goes on! Maybe I’m paranoid, or too private in the age of the internet, but it made me wonder, how much thought do people put into their own security and are these lax behaviours being carried into the work place?
A survey produced and run by LastPass, a password management and security platform, found that 81% of all business breaches are due to weak, shared or re-used passwords. This is not new news; however, it does highlight that even considering all information out there on password strength and security, the message isn’t being heard. LastPass also shared that the average security score across their clients was 53 out of a possible 100. These scores are aggregated by looking at password repetition, strength and date last changed. If businesses who adopt a system like this are still scoring well under the recommended minimum of 70, what would the scores be for those who have no password management in place?
In April 2018 The Independent reported that “Nearly half the businesses in the UK have fallen victim to cyber-attacks or security breaches in the last year, costing them each thousands of pounds”. If we focus on Greater London, according to the Office for National Statistics (UK Business; activity, size and location 2018 report) there were 506,108 active businesses – this means that potentially 253,054 companies could have been breached. This number should be far lower considering there are so many measures that can be put in place to help prevent these attacks!
If you want to ensure your business is secure there are several things you should be asking your IT partner about. But remember, introducing new systems or processes requires training. Repetition is key when it comes to adopting new practices, so keep the training regular.
Things to ask your IT Managed Service Provider about:
Multi-factor authentication is an additional layer of security that requires a randomly generated code to be entered at the same time as the password to verify who you are
Password management systems remove the headache of remembering 100 passwords, allowing you to create stronger logins. It is also great for team password sharing, as logins can be shared without the other users being able to see the password – read about LastPass here
Mobile Device Management such as Intune helps your data protected. Used on laptops, tablets and phones it protects data by controlling the way it is accessed and shared. You can also set company security requirements that must be adhered to e.g. 6-digit passcode on phones
Email security – phishing attacks are on the increase so it’s important that your email is secure as it can be. Products like Mimecast add any additional layer of filtering on your email and help your team spot and block potential threats
Interested in the above? Get in touch with our team to find out more email@example.com