Handling postal service disruptions at Christmas
For franchises that sell products online and ship them...
As much as you may hate to admit it, your business is a prime target for hackers and scammers who will attempt to exploit any vulnerabilities in your technology to access your data and disrupt your operations.
.
What we've learned from the faulty CrowdStrike update
The recent faulty CrowdStrike security update affected 8.5 million Windows users, causing widespread disruption across a number of industry sectors, but security specialists warn that the danger is far from over.
Many reports suggest that malicious actors are attempting to access business and personal information by presenting themselves as technology specialists whose aim is to help customers recover from the outage. Some have claimed to be CrowdStrike employees to gain customer trust, but you should be warned that any unsolicited contact from technology or security specialists is most likely a phishing attempt.
.
How to tech-protect your business
While computer outages of the scale of the recent CrowdStrike update failure are thankfully rare, they demonstrate the interconnected nature of our digital world and the immense fallout that can occur when we are entirely reliant on computers to manage our businesses.
These outages also demonstrate the lengths that malicious actors are willing to go to exploit people and businesses when they are at their most vulnerable. Learning from this event is essential for avoiding future problems and helping businesses remain unscathed by hacking and phishing attempts.
.
Make your business less vulnerable
Strengthen your security settings and ensure that all employees with access to business data understand their role and take their responsibility for managing data seriously. Implement rigorous data security training, and be very clear about the consequences of breaching company data management policies.
Make sure that employees all have their own profiles and only access data they need for their role. By compartmentalizing data, you can reduce the risk of a wide-scale breach in the event that an account is compromised. Encourage employees to set unique passwords and change them regularly to minimize the risk of them being guessed.
.
Don't click on unknown links
Do not click on links from unknown senders, in unexpected emails, or from companies that you would not usually expect to contact you in this manner. If the email looks genuine, call the telephone number that is listed on the company's own website to verify its legitimacy and not the one on the email itself.
If you or an employee inadvertently click on a phishing link or allow a malicious actor remote access to your machine, act swiftly to safeguard your company data. Report the breach and follow specific advice for halting their access, changing passwords as necessary, and proactively notifying any customers or stakeholders whose data may have been compromised of the situation and the plan for containing it.
.
Always be suspicious
Technology companies do not approach their customers to fix their problems unless they have been asked to do so, so if you are contacted by a company - even one that seems very informed about the issue you are experiencing - it is a scam and should be reported as such.
Tech-protecting your business is essential to maintain your reputation, earn your customers' trust, and build business resilience.