Prevention is better than cure
Would you leave your house door open whilst you went on holiday?
Would you leave your keys in the car?
I am not a betting man, but I suspect that 99% of you would say so NO to these questions. And yet, perfectly rational and sensible business owners metaphorically, leave the front door to their IT systems wide open.
Now, you may think that I only believe that companies who have invested thousands and thousands of hard earned cash on multi-level, super clever, all singing all dancing digital engineering solutions would be protected; but think again. I am talking here about organisations who do not have, or only have free anti-virus software. They also allow their teams’ remote access to their networks without any security checking or access controls (The password ABC123 is not a password!) or who allow company devices to be connected through public Wi-Fi hotspots without adequate precautions or encryption.
My message here is twofold. Closing the stable door after the horse has bolted is frankly a waste of time, put in place a proactive process of system reviews. Take headings such as:-
- Network Security
- Protection of Personal Information
- Protection of Information Assets (This is anything that is valuable to your organisation, people, IP, copyright, research etc)
- Any other significantly important assets to your organisation
Secondly, train your team why it is important to do things the way you do. For example you could tell someone to clean a table, and they would do so. But explain to them ‘why’ they need to clean the table, and the implications of not doing so; say food poisoning, customer perception etc, and they will not only do a better job, but encourage others to do so.
By providing both the infrastructure to protect your information assets and educating your team in actively monitoring and managing the processes you will substantially reduce the risk of a cyber-attack.