Lessons companies can learn from Ashley Madison data hack
IN the wake of the highly publicised Ashley Madison data hack, where more than 33 million people's personal details were leaked, it's worth companies taking time to review the safety of online data and identify what steps, if any, businesses can take to protect data from being hacked and details being breached.
Online thieves are constantly on the lookout for data to steal. This includes personal information, financial records, intellectual property and other valuable data. This information can be used as a means of stealing money from bank accounts, credit cards, or simply selling personal information to a third party.
So, amidst the fears of hacks akin to that of Ashley Madison, how can Northern Ireland businesses protect their precious business data from online thieves?
Firstly, let's identify the channels which contain and encompass potential data breaches. These include; your network, computers and mobile devices, all of which are readily used in modern business.
Remember that security is only one half of complete protection. It's vital that businesses implement a proper backup strategy, and whilst security is essential in preventing hackers from accessing data, if your data is corrupted or lost, it can be impossible to recover. Therefore, in order to proactively protect your data, it is essential to back up information effectively.
Here are five simple things businesses can do to protect sensitive data:
CONDUCT A SECURITY AUDIT - In a fast paced and ever-changing IT sector, many Northern Irish companies may not know what parts of their business are vulnerable or what aspects of data need to be projected. Thus it is critical that businesses audit their entire IT infrastructure, servers, computers and network to determine what they may need to prevent hackers from accessing their network.
USE STRONG AND MULTIPLE PASSWORDS - Too many of us use simple passwords and perhaps the same password for our computer, email or even online banking which makes it easy for hackers to guess or crack. When you have complicated passwords, a simple “dictionary attack”, which is an automated tool that a hacker will use to form dictionary words and numbers to crack passwords, is less likely to happen.
IMPLEMENT A SECURITY SOLUTION - We have all heard of the word firewall and how it protects business networks. However, a lot of companies do not utilise this tool and in many cases it is configured incorrectly or not managed at all. A firewall is software or hardware that checks information coming from the internet or a network, and then either blocks it or allows it to pass through to your network. A firewall can help prevent hackers or malicious software from gaining access to your data through a network or the internet. To help protect your network I recommend integrating both a firewall and an antivirus solution.
UP-TO-DATE ANTIVIRUS SOFTWARE - Hackers will try any method of intrusion to gain access to critical business data so it is crucially important that Antivirus software is kept up to date and monitored to ensure all threats are dealt with before the problem escalates.
WINDOWS SECURITY - Microsoft provided support for Windows XP until April 2014 and since then no new updates have been released. Therefore businesses will become more vulnerable to security risks such as hackers or viruses. Anyone using Windows XP or below should consider upgrading immediately to at least Windows 7 which has support until January 2020.
Securing your business's data is not easy, and it takes expertise. However, you can implement very practical and simple solutions (such as these tips) to ensure that when a hacker sniffs around your network or computers, they will move on to another system - because your infrastructure is not worth the trouble of hacking into it.
Think about your average street mugger. They want to steal a purse or wallet from the victim whom they believe is vulnerable, so they can get away with their crime as easily as possible.
One of the most important things for local businesses is to educate its employees in security best practices and ensure that they know how important their role is in securing business data.
:: Gareth McAlister is managing director of Nimbus Computer Solutions in Belfast (firstname.lastname@example.org)