Is your Business making these cyber security mistakes?

Is your Business making these cyber security mistakes?

Is your business making these cyber security mistakes?

It feels like every day we’re being warned about a new threat to our cyber security, doesn’t it? That’s for good reason. Last year, ransomware attacks alone affected 81% of US businesses.

And the cost of cyber-crime is estimated to hit $10.5 trillion by 2025, according to the ‘2022 Cybersecurity Almanac’. But we’re still seeing far too many businesses that aren’t taking this threat seriously. It’s not only your data that you could lose if your company falls victim to a cyber-attack. The cost of remediation or mitigation can run into tens of thousands of $$$.

And at the same time, you’ll suffer an average of 21 days downtime after a cyber-attack. Imagine… 21 days without being able to use all your business technology as normal. It doesn’t bear thinking about.

That’s not to mention the loss of trust your clients have in you, which could lead to you losing their business.

It’s really important that your business is taking appropriate steps to keep your data safe and secure. That most likely means a layered approach to your security. This is where several solutions are used, which work together to give you a level of protection appropriate to your business. This reduces your risk of being attacked. And makes recovery easier should you fall victim.

It’s worth pointing out that you will never be able to keep your business 100% protected from cyber-attacks. Not without totally locking down every system, to the point where it would be very difficult to do business (and your staff would constantly be looking for ways around the enhanced security).

No, the key to excellent cyber security is striking the right balance between protection and usability.

There are three mistakes that are most commonly made by businesses – and they’re also some of the most dangerous mistakes to make.

Is your business making any of these?

Mistake 1) Not restricting access

Different employees will have different needs when accessing company files and applications. If you allow everyone access to everything it opens up your entire network to criminals.

You should also make sure to change access rights when someone changes roles, and revoke them when they leave.

Mistake 2) Allowing lateral movement

If cyber criminals gain access to a computer used by a member of your admin team, that in itself might not be a disaster.

But what if they could move from your admin system to your invoicing system… and from there to your CRM… and then into someone’s email account?

This is known as lateral movement. The criminals gain access to one system and work their way into more sensitive systems.

If they can get into the email of someone who has admin rights to other systems or even the company bank account, they can start resetting passwords and locking out other people.

Scary stuff.

One strategy against this is called air gapping. It means that there’s no direct access from one part of your network to another.

Mistake 3) Not planning and protecting your assets

Businesses that work closely with their IT partner to prepare and protect are less likely to be attacked in the first place.

cyber security mistakes

And will be back on their feet faster if the worst does happen.

You should also have an up-to-date plan in place that details what to do, should an attack happen.

This will significantly shorten the amount of time it takes to respond to an attack. That means you’ll limit your data loss and the cost of putting things right again.

If you know you’re making one (two, or even three) of these mistakes in your business, you need to act quickly. We can help.

IT Haven is the best Managed Service Provider in the Tri-Cities.

If you can call us, we’ll review your current security arrangements and offer insight on how you could make it more secure for your business.

Top 3 Worst Password Mistakes Business Owners Should Check For

Top 3 Worst Password Mistakes Business Owners Should Check For

Top 3 Worst Password Mistakes Small Businesses Make

Three huge but common password disasters are being committed every day by staff all over the world, even in Tri-Cities, WA.

And now, IT experts are warning small businesses owners to check for them… then take urgent action to protect their businesses data… and their employee’s. We see these disasters happening all the time because people don’t realize how dangerous they are. Recently, a major credit bureau was hacked in South Africa because its server’s password was the word ‘password’. And data was also stolen from graphics card maker NVIDIA, as one of most common passwords used by its employees was… ‘nvidia’. These big business disasters are easy to laugh at. But we see disasters like these being made by staff working for small businesses in Tri-Cities every day.

password mistakes and issues IT Haven’s Top Three Password Disasters are:

Here are the top three mistakes people make when choosing a password:

  1. Using easy to guess passwords such as ‘password’, ‘qwerty’ or ‘123456’. These can be cracked in seconds by automated cyber-crime software;
  2. Using the same password across multiple applications;
  3. Writing down passwords, or sharing them with others.

Cyber criminals are targeting all Tri-Cities businesses all the time, using automated software to find weaknesses and exploit them, so having a complicated password can save your business massive headaches down the line. Making any these password disasters is the data security equivalent of leaving the key in your house’s front door, next to a giant sign saying, ‘come in, valuables upstairs’.

Best Tools for Managing Passwords

At IT Haven, we recommend that all local businesses use a password manager. This is software that generates long random unique passwords – and then remembers them, so humans don’t have to.

Making the password random and long reduces the likelihood of a successful brute force attack, which is when the password is guessed by software by trying lots of common combinations of keys and phrases.

Replacing a six character password with a 12 character one makes it 62 trillion times longer to crack.

IT Outsourcing and Cyber Security You Can Trust – IT Haven

IT Haven specializes in outsourcing IT services to support local businesses in the Tri-Cities and help manage their cyber security. We engage in relationships with our clients and aim to provide the best customer relationship we can to ensure your business is growing while the technology around you grows. Give us a call today at 509-972-6375 or fill out our online contact form.