The global damage of cybercrime has risen to an average of $11 million USD per minute, which is a cost of $190,000 each second.

60% of small and mid-sized companies that have a data breach end up closing their doors within six months because they can’t afford the costs. The costs of falling victim to a cyberattack can include loss of business, downtime/productivity losses, reparation costs for customers that have had data stolen, and more.

You may think that this means investing more in cybersecurity, and it is true that you need to have appropriate IT security safeguards in place (anti-malware, firewall, etc.). However, many of the most damaging breaches are due to common cybersecurity mistakes that companies and their employees make.

The 2021 Sophos Threat Report, which looked at thousands of global data breaches, found that what it termed “everyday threats” were some of the most dangerous. The report stated, “A lack of attention to one or more aspects of basic security hygiene has been found to be at the root cause of many of the most damaging attacks we’ve investigated.”

Is your company making a dangerous cybersecurity mistake that is leaving you at high risk for a data breach, cloud account takeover, or ransomware infection?

Here are several of the most common missteps when it comes to basic IT security best practices.

Not Implementing Muti-Factor Authentication (MFA)

Credential theft has become the top cause of data breaches around the world, according to IBM Security. With most company processes and data now being cloud-based, login credentials hold the key to multiple types of attacks on company networks.

Not protecting your user logins with multi-factor authentication is a common mistake and one that leaves companies at a much higher risk of falling victim to a breach.

MFA reduces fraudulent sign-in attempts by a staggering 99.9%.

Ignoring the Use of Shadow IT

Shadow IT is the use of cloud applications by employees for business data that haven’t been approved and may not even be known about by a company.

Shadow IT use leaves companies at risk for several reasons:

  • Data may be used in a non-secure application
  • Data isn’t included in company backup strategies
  • If the employee leaves, the data could be lost
  • The app being used might not meet company compliance requirements

Employees often begin using apps on their own because they’re trying to fill a gap in their workflow and are unaware of the risks involved with using an app that hasn’t been vetted by their company’s IT team.

It’s important to have cloud use policies in place that spell out for employees the applications that can and cannot be used for work.

Thinking You’re Fine With Only an Antivirus Application

No matter how small your business is, a simple antivirus application is not enough to keep you protected. In fact, many of today’s threats don’t use a malicious file at all.

Phishing emails will contain commands sent to legitimate PC systems that aren’t flagged as a virus or malware. Phishing also overwhelmingly uses links these days rather than file attachments to send users to malicious sites. Those links won’t get caught by simple antivirus solutions.

You need to have a multi-layered strategy in place that includes things like:

  • Next-gen anti-malware (uses AI and machine learning)
  • Next-gen firewall
  • Email filtering
  • DNS filtering
  • Automated application and cloud security policies
  • Cloud access monitoring

Not Having Device Management In Place

A majority of companies around the world have had employees working remotely from home since the pandemic, and they’re planning to keep it that way. However, device management for those remote employee devices as well as smartphones used for business hasn’t always been put in place.

If you’re not managing security or data access for all the endpoints (company and employee-owned) in your business, you’re at a higher risk of a data breach.

If you don’t have one already, it’s time to put a device management application in place, like Intune in Microsoft 365.

Not Providing Adequate Training to Employees

An astonishing 95% of cybersecurity breaches are caused by human error. Too many companies don’t take the time to continually train their employees, and thus users haven’t developed the skills needed for a culture of good cybersecurity.

Employee IT security awareness training should be done throughout the year, not just annually or during an onboarding process. The more you keep IT security front and centre, the better equipped your team will be to identify phishing attacks and follow proper data handling procedures.

Some ways to infuse cybersecurity training into your company culture include:

  • Short training videos
  • IT security posters
  • Webinars
  • Team training sessions
  • Cybersecurity tips in company newsletters

When Did You Last Have a Cybersecurity Checkup?

Don’t stay in the dark about your IT security vulnerabilities. Schedule a cybersecurity audit to uncover vulnerabilities so they can be fortified to reduce your risk.

Simply fill out our form or call us on 01423 423068 / 03330 509625

This Article has been Republished with Permission from The Technology Press.

 

 

IT Support in Harrogate

Carl Matthew Hamilton

Carl has the experience required to solve any IT queries & manage your IT infrastructure.

With over 20 years in the IT industry and a vast amount of experience and author of 303 posts and many more waiting to be published.

Subscribe To Receive The Latest News

Subscribe to find out first about new content.

See our Privacy Policy.

Need help or want to know more?

If you would like to learn more or are in need of support. Or would like to discuss working together, book an appointment or call 01423 423068

Interested and want to help smooth the process? Install our Onboarding toolYou can also try to reach us via our HubSpot Live Chat.

Schedule An Appointment

We would love to hear from you regarding any Outlook or Microsoft 365 Support, IT Support, Cyber Security, WordPress Website Design, or any Computer Support request you may have. Get the best out of Harrogate & Yorkshire IT Support.

Please note if you are a client and need to request IT Technical Support,  please use our Client Portal

Contact Us

Tel: 01423 423068

E-mail: hello@hamiltonsystems.co.uk

Online Support Portal: Client Portal

Need a quick chat or request? Try our HubSpot Chat from this page. Alternatively, use our WhatsApp Chat

Book with us

Loading...
Hamilton Systems

Looking For Better IT Support?

Unhappy with your IT Support or getting slow response times? Let us help provide a solution to suit you. Complete the form to arrange your callback & get your FREE IT audit.

Our email wasn’t performing very well so we asked Hamilton Systems to take a look & Carl proposed to migrate us to MS Exchange.

Carl was very helpful throughout & the migration went very well.

He was on hand to sort out any teething issues, taking calls early morning & into the night, to ensure we were up & running smoothly.

Would recommend for knowledge, attention to detail & great customer service.”

Ian Porter

Fotofabric Limited

Hamilton Systems

Book A 15 Minute Video Call

IT Support in Harrogate

Carl Hamilton

Managing Director
  • 22+ Years IT Experience

  • Business Phone Systems (VOIP)

  • Cyber Security Specialist

  • Experts in Outlook Support &  Migrations

  • IT Support in Harrogate

  • Outsourced IT

  • Social Media Management

  • Website Hosting & SEO Management

“Extremely helpful and proficient technical support. Provided one-off troubleshooting when I required support to recover Outlook. Carl was knowledgeable, polite, and patient in resolving my issue Highly recommended.” – Pras Legal Corp.

Book Your 15 Minute Video Discovery Call

Unhappy with your existing

IT Support?

Talk To Us

Call us 03330 509625

Published On: May 10th, 2022 / Categories: Cybersecurity /