How much could poor security cost your business?
Have a spare $2.82 million? That’s how much you can expect to pay, on average, if your organisation falls victim to a data breach in Australia.
Have a spare $2.82 million? That’s how much you can expect to pay, on average, if your organisation falls victim to a data breach in Australia.
Poor security is one sure-fire way to send your organisation into the red – or at least to the bank manager for a loan. Research by Ponemon Institute and IBM estimates the average cost of an Australian data breach to be $2.82 million.
What’s more, this figure is expected to rise. Commenting on the findings, Ponemon Institute’s founder and chairman, Dr Larry Ponemon, said breaches are happening more often. They are also increasingly expensive to resolve.
If you’ve heard of TorrentLocker, you’ll know how destructive a corporate data breach can be. A strain of ransom ware, TorrentLocker encrypts user files and data backups, rendering information useless until the victim pays a ransom via digital currency Bitcoin.
Since 2014, TorrentLocker has affected more than 16,000 Australian businesses and individuals. The total cost to businesses, according to the Australian Cyber Security Centre’s 2015 Threat Report, is more than $8 million.
Here’s how to protect your business from increasingly clever – and costly – security threats.
Get serious about user authentication
Every organisation should have clear, defined processes for authenticating and authorising users. The type of authentication you need (i.e. two-factor, one-time password, etc.) will depend on the nature of your organisation and the type of data you handle.
At a minimum, consider protecting sensitive data with two-factor authentication and lock down roles and permissions so that users can only access data that is relevant to their day-to-day activities.
You may also like to supplement user authentication measures with extra security including SSL (secure sockets layer), custom audit trails and encryption of sensitive data like customer credit card information.
Tighten your network security
Keeping malicious activity at arm’s length can take more than firewalls and antivirus software. When it comes to protecting your networks, you may also benefit from extra security considerations including VPN (virtual private network), secure wireless and malware, phishing and intrusion prevention.
Tips for success:
Stay up to date with new threats as they’re discovered.
Make time for employees to install software upgrades and patches on all devices used for work purposes.
Keep firewall and antivirus software up to date.
Ensure employees are familiar with your acceptable use policy.
Teach employees how to recognise and respond to a potential data security breach.
Secure mobile devices and printers
It’s not just disgruntled former employees who want to hack into corporate networks. According to the government’s Cyber Security Review, most security breaches are conducted by organised crime gangs. Of the 92 per cent of breaches perpetrated by outsiders, former employees account for just 1 per cent.
No matter who is behind the breaches, the fact is that over 70 per cent of security threats target end users. The reason is simple: the easiest way to your organisation’s data is usually through an unsecured device like a smartphone or printer.
To keep mobile devices safe, set clear, defined processes for authorising user access on unsecured devices. Grant only necessary user permissions for corporate email, files and other sensitive data, and enable remote-wipe functionality as standard.
For printers, look for smart printing solutions that only print documents when a user is at the device. Consider monitoring sensitive documents so you always know who has accessed them, who has printed them and at which device.
Be proactive about monitoring and auditing
There’s no such thing as set and forget when it comes to online security. Real-time monitoring and regular audits are two of the most effective ways to identify threats before they occur.
By monitoring networks, applications and traffic, organisations can ensure users are only performing the activities they are authorised to perform. It is also easier to spot security shortcomings and track and stop unwanted or unauthorised activities. Industry experts recommend round-the-clock monitoring and annual audits for optimal results.
As hackers become increasingly skilled at infiltrating corporate IT, organisations must take a proactive approach to preventing, identifying and thwarting expensive data security breaches. This means staying up to date with the latest threats, following industry best practices and ensuring employees know how to spot and respond to potential threats. Taking action to resolve poor security measures now could save your organisation millions of dollars in the long run.
For forward-thinking legal firms alternative legal services (ALT) an exciting opportunity to shape the future. Is ALT the next step for your practice?
Canon’s uniFLOW print management software can connect with major practice management software
Managing your information security is a complex business. Like any device connected to your network, your printers could be jeopardising your information security if not implemented and managed carefully.
Confidentiality is essential in the legal profession and the stakes are high for your clients and your professional reputation. Canon’s iR-ADV Gen III Series III multifunction devices are designed to boost efficiency and are packed with security features to minimise the risk of cyber-attack.
How to settle on the right practice management software for your business
If you lead an established, market-leading firm, you face a dilemma.
AI has shifted from being experimental technology to the mainstream. Here are six areas where AI is impacting the legal industry right now.
In this digital world, data management is a significant responsibility and a data breach is an equally significant risk. Should things go wrong, businesses must take steps to minimise the impact. With the changes to the Privacy Act coming into effect this week, Andrew Giles, Head of Public Relations and Communications for Canon Australia, shares insights on how to preserve trust and maintain strong customer relationships.
If you're on the Internet, you face security risks. You can no longer afford to assume that your business won't be a target because you're not big enough. Here are some big business takeaways that can substantially benefit your business' security.
Discover how to protect your data and ensure the safety of your cloud solution.
With cyber crime and data breaches on the rise, how can you protect the cyber safety and security of vital public sector organizations?