AZCOMP Technologies IT March 2019

855-556-4677 www.azcompit.com

MARCH 2019

Empowering Small Practices to Deliver the Best Care

IT

World famous cryptographer Bruce Schneier once said, “Only amateurs attack machines; professionals target people.” The reason is simple. While technology improves all the time, humans are prone to making mistakes. A hacker has no idea how sophisticated a defense system will be until they make an effort to penetrate it. However, they know exactly how to prey on unsuspecting employees to bring a computer network to its knees. People make mistakes. It’s one of the basic facts of life and certainly something you’ve experienced as a business owner. No matter how many failsafes you put in place, your employees will eventually leave the building without arming the alarm system. No matter how many times you make it a company-wide mandate to clean your dishes, somebody will still leave a crusty plate in the sink. However, when it comes to mistakes that compromise your cybersecurity, you don’t always have a chance to fix them. When small businesses get hacked, they have over a 50 percent chance of closing within six months. It makes absolutely no sense that employers don’t spend time training their teams on how to behave safely online. In an effort to help you understand why training is so essential, I want to detail three ways hackers use human vulnerability to penetrate networks and access private information. When you see things from a hacker’s perspective, it’s easy to see why humans are the easiest targets. SOCIAL ENGINEERING In the world of computer science, social engineering refers to the process by which a hacker exploits a person into giving up confidential information, most commonly through phishing emails. Using cues that a user finds comfortable and familiar, a cybercriminal places a nefarious link within an innocent-looking email. At their worst, phishing emails look like an elementary school attempt to mimic an official message. At their best, however, they can be extremely convincing. JUST MACHINES And Some of Those Humans Are Your Employees HACKERS ATTACK HUMANS, NOT

The best way to defend against social engineering is training. If an employee doesn’t understand the threat of phishing, there’s no reason for them to be skeptical of emails they receive. You can even set up pseudo-phishing tests to let you know which team members are most susceptible to clicking on something they shouldn’t. FAILURE TO UPDATE AND COMPLY Like it or not, some of your employees are going to try to bypass any safe internet measures you implement. According to cybersecurity firm Dtex Systems, 95 percent of businesses have one such employee on staff. It’s important to make sure all employees follow whatever security rules you establish. There’s no worse fate than suffering a preventable attack because one person thought it was no big deal to install Facebook Messenger on a company laptop. The biggest compliance issue is updating apps and software. Many people regard updating as a nuisance, even though it rarely take longer than a few minutes. These updates contain the latest security fixes, which are a crucial line of defense. Without them, you make your system a target for hackers. THE PROVERBIAL INSIDE MAN Even worse than employees who don’t regard the rules as important are those who act intentionally against the interests of your company. In the vast majority of cases, people who sell confidential login credentials or other private information are disgruntled employees who are angry about being fired. To keep this from happening, deactivate accounts the second somebody is no longer an employee. These favored methods for hackers prove just how essential employee training is for proper cybersecurity. We can help your team learn the tools and gain the awareness required to deter criminals. It’s part of our job. –Byron Adams

855-556-4677 AZCOMP Technologies www.azcompit.com • 1

Published by The Newsletter Pro • www.TheNewsletterPro.com

www.azcomp.com

Made with FlippingBook - Online catalogs