Your staff could be your largest IT risk to your company. Despite all the money you’ve spent on the right hardware and software, the best practice configurations, and the management of your IT infrastructure, you may have forgotten about the other part of the equation. Your people.
You hired the right people of course. They have great personalities, understand how to work together and you’ve given them any training they need to be super-efficient at the jobs they love. That’s the dream, absolutely. As a business owner, if all of the above is true I’m sure I’d be feeling safe and secure about my business. But then, on a super busy and hectic day, an accounts payable clerk gets an e-mail that looks like it is legitimately from one of the bosses. It is asking for a sum of money to be paid to some account for one reason or another and this clerk goes ahead and pays thinking they are just following the correct process. This clerk never noticed the very small change in the e-mail address from which they received the e-mail. They were busy and they were just doing their job.
Another example is of companies receiving fake threats of attacks if they don’t pay. Because of the time they haven’t invested in educating themselves, or their staff, what do they do? They pay. The threat was never real. There was never going to be an attack. But they didn’t know that, so they did what they thought they had to do. To this new “fake” threat, businesses have already paid over $100,000 to scammers.
There are lots more examples of where a lack of training or understanding has led to staff inviting different infections into businesses costing money in downtime or ransoms or lost data. Don’t let this happen to you by ensuring your staff are “IT Educated”.
Ask yourself:
1. Do you and your staff know how to spot a fake e-mail?
2. Do you and your staff know how to spot a fake link?
3. Do you have a process in place that makes it impossible for a payment to be made unless it’s a legitimate account?
Talk to your IT provider today to make sure you’ve covered both sides of the equation to your businesses security.
