1. Unexpected e-mails
Many e-mail systems today now do a relatively good job of automatically filtering any suspicious e-mails to junk folders, although they are not always effective.
All it takes is a little naivety or a lack of understanding of phishing techniques to expose your entire network to critical malware. One way to reduce this risk is to keep your team well informed of the latest phishing e-mails so that they can familiarise themselves with fraudulent e-mails.
Common examples of phishing e-mails that you are probably already familiar with include requests to send money to strangers overseas, fake job advertisements and fraudulent tax demands claiming to be from HMRC.
2. Browsing websites that have not been predetermined as safe to use
On a search engine, many anti-virus packages will instantly include a small symbol next to a web link, which will inform the user whether or not the link in particular is safe to click on.
Anti-virus software can help you ‘pick and choose’ which links to click on
While not 100 percent effective, this can significantly reduce the risk of accidentally clicking on any dangerous links, as your virus software should normally be able to identify any ‘suspicious’ websites before you have even clicked on them.
3. Employees uploading documents and photos from their own PCs
For years, businesses from all industries have sought to protect their IT systems by banning employees from uploading data via their own personal memory sticks, as this opens up the risk of home viruses spreading to the business’s computers. However, this method has not been entirely successful, since it is much more difficult for employers to prevent employees from downloading attachments from their e-mail accounts that may have originated from their home PCs.
It is a natural flaw of the human mind to accidentally forget something, occasionally fail to give 100 percent attention, or simply become distracted by people or external factors out of our control. Unfortunately, with regards to the law, ‘forgetting’, ‘being distracted’ or just ‘being human’ does not mean you are innocent, nor does it mean you are ineligible for being responsible for negligence.
Date breaches affect most businesses
According to a study by the Trend-Micro sponsored Ponemon Institute, just under 80 percent of businesses questioned had experience one or more data breaches over a two-year period. With regards to defining ‘data breaches’, this includes any loss of data containing confidential company information not intended to be accessed by anyone other than authorised individuals in an organisation.
5. Exposing client data
There is only one thing that’s considered more serious than exposing your own confidential data: exposing your clients’ information. Such acts of negligence can cost companies thousands, if not millions, much of which may be spent on expensive legal cases from clients whose data breaches may have even cost them their own clients.
Trend-Micro also revealed that approximately two thirds of small and medium sized businesses were not able to do enough to protect their confidential data with the technology and training available to them.
The lesson to learn – ensure everyone on your team understands these threats
The key to safeguarding your business and protecting your company and your client’s interests is to ensure that all members of your team are completely aware of these threats and follow the correct procedures. A simple ‘slip of the tongue’ or misplacing a device containing confidential data is all it takes to put your business in jeopardy.
Damian Coates is the Commercial Accounts Manager for Utilize IT Support which has been delivering ethical and transparent IT support service and solutions to companies in London, Essex, Kent and the Home Counties since 1997