Huge security breaches like Colonial Pipeline get the big headlines, but many small to medium size businesses also get hacked.
One big reason: A company’s own employees unwittingly open the door to hackers.
Human errors and accidental losses lead to many data breaches, which can be especially fatal to small and medium-sized businesses.
They click items without thinking first, they release dangerous things that have rightly been sent into the spam folder, and they are lured by “phishing” attacks.
So it’s vital that businesses provide training and emphasize the importance of comprehensive security to employees. These steps will help avoid breaches, which are often due to thoughtless or uninformed workers.
5 common mistakes
An article in the Business Journals listed five too-common mistakes:
- Inexperienced or unsophisticated employees open links or files that can be downloading malicious software known as “ransomware.”
This hack can shut down a computer until the user pays a fee – ransom – to allow the system to resume operations. This is an expensive and time-consuming process.
- Employees are hooked by phishing scams – bogus yet realistic-looking emails that can convince users to click on malware like ransomware.
- Cybercriminals feast on simple passwords which let them access business data and a company’s computers.
Employees should be required to frequently change passwords. These passwords need a combination of numbers, letters and symbols to be effective.
- Social media can provide information that criminals need to hack into a company’s computers.
For example, many firms require new employees to draw up a series of security questions – high school, pet names — if they need to recover their account or password. But determined criminals can search Facebook and other social media to find these answers, too.
Lax security kill business
Loose computer security also leads to malware, software designed to damage or disable computers and computer systems.