There was an interesting article recently where a Madison County company was hacked due to the fact that an employee opened a phishing email asking for money, thus allowing the hackers access to the company computers. This is one of those situations where, even if you have the best, most up to date security systems in place, they can never stand up to employee errors such as this.
This is why we at AMA Networks always preach about creating a culture of responsibility with employees and educate them on best security practices. It’s all too easy to fall victim to these ever improving scams.
Email and phone scams are getting more and more difficult to defend against thanks to the fact that some hackers or scammers might already have a lot of information about you. Hearing someone read out your address over the phone can be rather convincing to some people.
Additionally, if a hacker can gain access to an email account, it can be very easy to pose as another employee in the company and trick others to open emails or respond to requests for information.
Another big issue is making sure that employees are aware of security protocol with files in the cloud. When employees can make sharable folders they sometimes inevitably make these folders public, whether by accident or ignorance. This is something that happened with All American Entertainment, a public speaking management company that inadvertently left an Amazon AWS cloud bucket in the “public” access controls. A security researcher found this vulnerability and outed the company.
However, many companies, despite the fact that they can and do “know better” still manage to make mistakes like this, and leave potentially damaging files out in the open. Many times hackers will snatch these files and hold them for ransom in exchange for not releasing them to the public which could be incredibly damaging to those affected as well as the company.
We always give our clients a list of AWS security best practices to follow, and we advise the companies to instruct their employees on these issues.
The nature of cloud storage makes it so easy to share files and collaborate, however keeping up with how to even use the technology is hard enough, let alone ensuring that you have an adequate grasp of how to properly share files with good security. This is why outsourcing IT security to a quality company is a good idea to ensure that these best practices are being followed and to help educate the company on how to do things differently if there are holes.
The importance of ensuring that systems are up to snuff in terms of security is growing more and more mainstream as big name companies fall victim to major data breaches and expose millions of customers to potential hacking and theft. Don’t let yourself become one of those companies on the shortlist of security fails!
IT security might cost money but it’s cheaper than the consequence of getting breached or hacked.