Guest post by Ludovic Rembert.
If you run a small business, you probably feel that you’ve got plenty to worry about. Your daily to-do list likely includes an array of tasks, from producing video marketing to working out ways to drive more traffic to your website.
Consequently, protecting your network from cyberthreats isn’t always top of mind. Even if you were careful during your initial network setup to put in place some basic security tools and processes, this is unfortunately not the end of the story.
Cybersecurity is a bit like a game. As hackers get more creative and start to use more exotic and advanced techniques, you also need to up your level of knowledge and protection. Here’s a look at some of the more unusual—or easily overlooked—aspects of cybersecurity, and how you can limit your vulnerability to them.
Advanced Phishing Techniques
You may think you know what a phishing email looks like, and it’s true that some are easy to spot. If someone offers to send you money and says they need your bank details to do that, you’re going to recognize the sender as a scammer.
Unfortunately, phishing techniques have gotten much more complex, and a lot more creative, over the past few years. Scammers now regularly make use of advanced social engineering techniques to gain your trust before stealing your data. These have included long-term approaches in which hackers pose as genuine customers or suppliers.
This type of advanced attack is frequently directed toward one group: the marketing team. This approach might sound strange, given that your IT staff has higher levels of access to sensitive data. But phishers love marketing teams for two reasons: they tend to trust the people they meet, and they often aren’t sophisticated about cybersecurity.
Think about it: a typical social media marketing plan involves the marketing team reaching out to potential customers and building trusting relationships. That is exactly the model that phishers use as well.
In some cases, phishing attacks are getting so polished that it’s almost impossible to spot them. The best response to the rise in this form of attack is to improve your technical defenses. Implementing the principles of both responsible data acquisition and responsible data retention is key.
That means, primarily, making sure that you grant access to data only to those staff who need it to do their job—no one else.
Another major concern for cybersecurity professionals today is the huge number of threats that originate from within organizations—so-called “insider threats.”
One reason for the explosive growth in this kind of threat is, ironically, the increased consciousness of cybersecurity. As staff becomes aware of how common hacking is, some less-than-ethical think they can make a quick buck by abusing their access.
The numbers bear this out. An astounding 34% of data breaches in the 2019 Verizon Data Breach Investigations Report involve internal actors, and according to the 2019 Varonis Data Risk Report, 17% of all sensitive files were accessible to every employee.
Insider threats are particularly common when an employee has just left the job. If an employee leaves your company on bad terms, be aware that the access you’ve given them to your systems can be used to attack you. You should have in place managerial systems that automatically restrict or terminate access when an employee leaves.
Don’t stop there, though. You should also regularly review the access you have granted to all your employees, and make sure it is appropriate. The best way to protect the data in your systems is to limit access to it as tightly as feasible. People can’t steal what they can’t get to.
Many small businesses now make extensive use of remote working technologies, including remote desktops and cloud storage. These technologies can unquestionably benefit small businesses, providing a greater level of agility.
Less publicized are the dangers of remote working. By definition, if your staff is working off-site, they are more exposed to attacks than they are when sitting in your office, behind a firewall.
There are several methods for making remote working more secure. The most obvious is to limit access to your business network for those connecting from outside. This might mean that your employees have to think ahead and download the documents they need before they go to their meeting. That’s inconvenient, but it keeps your core systems safe.
If you want all of your systems to be accessible to employees working remotely, you can do that. Just be careful. You should secure your internal communications by using secure, encrypted messaging systems and secure email.
Additionally, make sure all of your employees use the best encrypted VPN services when working outside the office. This ensures that all of the information they exchange from their home or remote office is encrypted and can’t be stolen by hackers.
Stay Sharp, Stay Secure
One noteworthy feature of emerging cybersecurity threats is that they often don’t involve technology at all. Instead of trying to get around advanced security defenses like biometrics and multi-factor authentication, hackers are now taking a more direct approach. Why spend the time cracking a network when they can convince an employee to just give them access?
As threats continue to evolve, protecting your network will require constant vigilance, creativity, and agility. Above all, it means staying on top of threats as they emerge, and shutting down security vulnerabilities before they become dangerous. Reading this article is an important first step.
Ludovic Rembert is a security analyst, researcher, and founder of PrivacyCanada.net. He spent his career (before semi-retirement) as a network security engineer working in both industry and academia, and more recently has begun freelance writing on a variety of technical topics.