Working from home during the lockdown?
Check out our FAQ's on secure home working.
faqs
contact
Problems with your business IT? Contact us now for a consultation
Already a client of ours? If so we can help you right now
help
We are Illuminate and we shed light on IT solutions|
17 September 2020
Holding Data To Ransom – Surely That Only Happens to Big Businesses

Holding Data To Ransom – Surely That Only Happens to Big Businesses

Cyber criminals and how to protect against them

Man over computer in hood

Nope, don’t be fooled by the headlines.  Headlines are intended to be attention grabbing, the media don‘t  report on SME’s because they don’t grab attention as much as Google, BA or other big public organisations.

Cisco estimates that 54% of SME’s suffered a security breach globally in 2018

One small business in the UK is successfully hacked every 19 seconds, according to Hiscox.

Why would my business be targeted?

Cyber criminals don’t ‘target’ you as such, unless you hold juicy information that they could make money out of by selling to the press.  The criminals aren’t interested in the information held on your systems about your clients. They are interested in the value your data has for you. They understand your data is precious to you and that you will pay good money to get it back.

The worst thing you can do is to pay the ransom and here’s why:

  • You are funding further crime, ransoms are used to fund other types of criminal behaviour
  • The cyber criminals will know you are an easy touch and will come back for more
  • You may still not get an unencrypt key. Even if you do get one, it may not work
  • Your data might be corrupted or have bits missing
  • They may have further copies held elsewhere and publish these for sale on websites or threaten to publish the details publicly.

It can make or break your business.

How can I protect my business?

Create a security culture, that starts from the top of the organisation

All of us should have security of data at the forefront of our minds in everything we do, every single day.

Consider these easy measures:

  • Think about what can be seen on a laptop on a train to a screen through a window
  • Be careful with social media. What you, your staff and your family post on social media could expose you to risk. Lots of hackers will get to a CEO by watching what their families post on social media and then contact them pretending to be their son/daughter or another relative
  • Be wary of information given out on a telephone call (vishing)
  • Act responsibly with passwords; don’t leave passwords on post-its, don’t use the same password for every employee, the same password for every site/account.

Implement some quick wins that will help to protect your data and business:

  • Staff are the gatekeepers to your data, make sure staff education consists of regular short courses that are interactive. Incentivise your staff to take part.
  • Hold several backups of your data. Make sure they are in separate places (cloud too). And regularly test your backups.
  • Encrypt as much as you can. Avoid using USB drives, they’re not necessary now we have cloud storage
  • Use good strong passwords, you don’t need to change them often if they are secure enough, only change if they are compromised. Use a password manager rather than using the same password for every site.
  • Run software updates, windows updates, firmware updates where they are available, these are vital to keep software and hardware safe from vulnerabilities. Yes they are boring and take time but they will often speed up a slow computer.
  • Make sure you implement multi-factor authentication – something you know and something you have (password and a second method) avoid text to phone, use mobile authenticators applications where possible as text messages can be infiltrated by hackers too
  • Use biometrics (face, retinal or fingerprint scanner) or at the very lease a pin code to your phone and other devices.

A full security audit and gap analysis is the most robust solution for SME’s who take their security concerns seriously.

Take a look at Cyber Essentials as a first step to Cyber Security within your organisation.

Phone on a lock screen, security

Categories: CyberEssentials

Call us on 0131 603 5500

Have you got a question? We'll have the answer. Get in touch and we'll get your problem solved. Call us or pop in for a cuppa, our kettle is always on. You can also find us on Facebook, YouTube, and LinkedIn.

If you would like to find out more about how we keep your information safe please refer to our privacy policy.

    To comply with data protection regulations (2018), we are unable to store and use your information unless you give us your permission. Please select Yes to allow this. View our data protection policy for details.

    This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

    Find out about the giving impact Illuminate have made through B1G1

    B1G1 SDG

    B1G1 SDG

    B1G1 SDG

    B1G1 SDG

    B1G1 SDG

    B1G1 SDG Sustainable
    LEARN MORE
    © Illuminate Technology Ltd 2022. All Rights Reserved. Registered in Scotland No. SC33493.
    Midlothian Innovation Centre, Pentlandfield Business Park, Roslin, EH25 9RE

    design by rocketshed
    © Illuminate Technology Ltd 2022. All Rights Reserved.
    Registered in Scotland No. SC33493.
    Midlothian Innovation Centre, Pentlandfield
    Business Park, Roslin, EH25 9RE

    design by rocketshed