There is no doubt that you have read countless news stories about the universal change in business since the onset of the COVID-19 crisis. Now, we need to go beyond the discussion of transitioning to a remote workforce.
It is time to go behind the scenes and discuss a "Security First" issue. Protect your company data as we all face new challenges.
Change in the business landscape
As business leaders, sometimes we are standing in the middle of a forest of trees, and we may not fully notice a new trend. Often, it is statistics that open our eyes to the magnitude of change.
How much has the business landscape changed since March 1, 2020?
Here are some stats from a recent eCommerce review, prepared by Forbes.com. There was a lot of great information in this study, but these stats from Q2, 2020, grabbed my attention.
- E-commerce: jumped $52 billion.
- Memorial Day sales: jumped 75% from $2 billion last year to $3.5 billion this year.
- BOPIS: buy online, pick up in-store grew 195% in May
To economists and business owners, the statistics represent a hopeful feeling on the recovery of the economy. To the MainSpring team, the stats represent a massive wave of business and customer data that must be protected.
Could I face a business data breach?
Again, let statistics answer this common IT question. How vulnerable are you to a breach? Here is an excerpt from a Bussiness.com story that will grab any business manager’s attention:
Data breaches and fraud are problems for businesses of every size, affecting over 25% of businesses with an average fraud loss of $38,000. That's enough to push many small businesses into bankruptcy. - Business.com.
With the stat that 25% of businesses are affected by a data breach, you may now want a substantial "Security First" plan to implement in your organization. The MainSpring team knows that the first step to protecting your company data is to create a human firewall.
Create a human firewall
Your employees can provide a line of defense against cyber-attacks, but how strong are both your employees and your current security plan? Jeremy Kaikko, vCIO at MainSpring, recently wrote a blog about Tackling Cybercrime with Computer Based Training.
In the blog, Jeremy writes:
It’s no secret that cybercrime is a lucrative business; Cybersecurity Ventures reports that it’s estimated to cost the world $6 trillion in damages by 2021. What’s more, ransomware alone is a multi-billion-dollar business. According to Verizon’s 2019 Data Breach Investigation Report, phishing is the number one threat used in successful breaches.
Are your employees a robust human firewall against phishing? On average, we have found that employee training is the cornerstone of creating a human firewall to protect your company data.
If you would like to see how your company stacks up against others in your industry, read about the MainSpring Automated Security Awareness Program or ASAP.
While you are on our website, take the ASAP test and see how you rank.
A new remote business world
As I write this blog, many businesses across the nation are still in the “remote workforce” mode of dealing with the COVID-19 crisis. MainSpring is an IT managed service provider in Loudoun County, Virginia, and Frederick, MD.
Our client footprint includes the Northern Virginia, DC, and the central Maryland region. At the onset of the crisis, many businesses, government agencies, and even schools rushed to implement a new remote plan.
Now is the time to review the plan and implement policy updates. Ensure that crucial security elements are in your Remote Workforce Plan.
Some aspects to include the following:
- Robust password policy.
- Create a policy around the use of both business and personal mobile devices, including laptops.
- Maintain a secure WiFi or VPN policy.
- Firm corporate social media policy (Don’t give away corporate information through either photo or text content posts.)
Update company software
Often, investigating a company data breach shows outdated software. A breach that will cost your company tens of thousands of dollars and may tarnish your brand could stem from obsolete software.
The negative impact in dollars and reputation far outweigh the cost of software updates and maintenance. Here are three protocols to implement immediately:
- Install anti-malware.
- Update software and automate future software updates.
- Implement operating system updates.
Do not let a lapse in software maintenance lead to a data breach. Review both your software license and versions and take action today.
Securely store company data.
How secure is your stored company data?
- Identify where data is stored and have a specific place to store all sensitive or confidential data.
- Ensure that all sensitive information is encrypted.
You may have already implemented a location and plan for storing sensitive corporate data, but that is only the first step.
Are you backing up your stored data? The second step to securing company data is to implement a storage backup plan.
You may have created a healthy company initiative to secure, store, and back up company data before the COVID crisis. Schedule a review of that effort.
During the rush to move your employees to remote teams, protocols may have slipped. Plans and training may now need to be updated.
Security first
MainSpring is a team of managed service providers working to provide a "security-first" platform for our clients. You will find a library of blogs and technology tips on our website, gomainsping.com.
About the Author
Ray Steen is the Chief Financial Officer & Chief Strategy Officer for MainSpring and has been with the firm since 2014. With over 25 years of experience in strategy, consulting and communications, his expertise arms clients with the strategies, tools and resources to meet their mission. Ray is a proud dad and coach of 5 kids, a fantasy sports nut and bleeds for the Chicago Bears and Boston Celtics.