IT security is a topic that has grown in importance in recent years. This is a trend that is set to continue, and it is something that all business owners and directors will have to become familiar with. Why? You should take an interest in the IT security of your business because it can be costly if you don’t.
A common mistake is to think that IT security breaches only happen to large organisations. After all, why would hackers be interested in your small business in Sligo, or anywhere else in Ireland?
The impact of online security is much wider than the stories that we hear in the news of international companies getting hacked, or news organisations getting hijacked, or credit card details in their millions being stolen. Online security breaches can affect you too. Here are some common examples:
- Your website could get hacked
- Disgruntled ex-employees with access to internal systems, social media accounts, or websites can cause huge amounts of reputational damage – and worse
- Poor access controls can result in employees having access to information, systems or data that they shouldn’t
- And many more
Your business faces a number of risks from IT security:
- Direct theft of goods or cash
- Lost time when systems go down
- Costs associated with rectifying security breaches (repairing websites etc)
- Lost revenue if customers cannot access your services – for example, if your website is down
- Fines from regulators – for example, if the private data of your customers is compromised
- Reputational damage
The Importance Of Passwords
Central to the protection of your business from the various IT security threats that exist are passwords – the passwords that you use, and the passwords that your employees use.
This is not an easy subject though. Just think of how many usernames and passwords that you have – to get into your internal systems, your accounting software, your email, your Amazon account, your phone, etc, etc. The list for most people is huge, and it grows all the time, and remembering all these passwords is a challenge.
It is not surprising, therefore, that most passwords that are used in businesses, or by your employees, are either generic (password, pasword123, the name of your business, etc), or are common passwords, i.e. the use of one password, sometimes with slight variations, across a range of accounts, services and systems.
The use of these sorts of passwords exposes your business to the risks highlighted above, so what can you do. Here are some suggestions:
- Use a password manager – password managers create and store complicated and unique passwords for all your online accounts so you don’t have to remember them.
- Implement two-factor authentication – this involves using a password in conjunction with another way of authenticating users, such as a fingerprint, or an IP address. Access is denied unless both match up.
- Educate staff – this is the most important part of the process, and it needs to start from the top of your business with directors and senior managers stressing the importance of good password control
You should insist on the following from your staff:
- Use unique passwords for work related accounts that are different to the passwords they use for personal accounts
- They shouldn’t share passwords, even among team members
- The passwords should not be guessable – like password123 or something equally easy to guess
When you hear about IT security breaches or data theft most people think of computer experts sitting in front of lines of code hacking their way into systems. Very often this is not the case, though. A lot of “hacking” is done by people guessing passwords, or tricking others into giving them the password. Following the tips above will go some way to protecting your business from this risk.
Need some IT Security Guidance or Training?
If you wish to conduct a training session with staff to highlight the importance of IT security or have a review of your current practices contact our IT team at the link below for more: