If you are a small business owner, you may want to spread the word to your employees, especially those who ‘hold the keys to the kingdom.’
Risk management has long been a major concern for any size business or organization. A growing business risk involves cyber security. For instance, you may have heard about the massively coordinated cyber attacks that recently took down two major social networking sites, Twitter and Facebook.
Cyber attacks are also threatening small to medium-sized businesses. According to an Aug. 20, 2009, article published online by InformationWeek, cyber criminals steal tens of millions of dollars from corporate bank accounts every month. And, typically, banks do not reimburse business customers for cyber crimes.
Other news reports describe how “cyber gangs” are targeting vulnerable U.S. businesses. These so-called cyber gangs, many of whom are organized in Eastern Europe, are e-mailing U.S. company employees—such as the treasurer or controller. In some of these cases, when an unsuspecting employee opens or accesses an infected (with a software virus) attachment or link, malicious software automatically installs itself, which can then steal individual passwords.
What can small business owners do to protect their businesses? In this digital day and age, armed security guards can do nothing to keep someone across the ocean, or even someone within your own organization, from stealing hundreds of thousands of dollars from you. Unfortunately, in addition to cyber threats, employee embezzlement is another major concern, as covered in another HRTools.com Insight.
First, it’s critical that small business owners become aware of these threats. It’s also very important to gain cooperation from all employees who have access to your computer systems, which includes cell phones.
To learn more about how businesses can prevent or minimize cyber threats, I asked a colleague—a lead Web developer employed by a large Houston-based corporation. He noted the following:
“Small to medium-sized businesses have a number of options. Among them:
- Remind employees, on a continuing basis, not to open e-mails from unfamiliar sources or individuals.
- Install anti-virus and spam e-mail servers to help capture junk e-mails and malicious attachments.
- Enlist network/security consultants to routinely evaluate network and security setups on a monthly-to-annual basis.
- Ensure that network-oriented, anti-virus software is properly installed. Usually a consultant can help with this step.
- Install malware/adware software.
- Distribute notices regularly that remind employees to monitor their laptops, workstations and cell phones.
- Keep employees happy.”
Continuing, he explained, “Happy employees tend to enjoy their jobs, feel loyalties and, in many cases, have less focus on negative aspects that surround them. Unfortunately an unhappy and disgruntled employee, especially in these tough economic times, can start to look around for opportunities. It’s happened before—an employee, who feels disrespected or unappreciated, perhaps as a way to express unhappiness, starts to see a bad act as a financial opportunity. In turn, such an employee might consider giving away sensitive information to these ‘gangs’ in return for financial rewards.”
As a final note of caution, he added: “There are lots of options; but, it depends upon whether or not employers take the time, not simply make the time, to oversee their infrastructures.”
Indeed, as they say, it’s a very dangerous world. And, in terms of cyber threats, the U.S. government is growing increasingly alarmed and involved.
In fact, the U.S. Department of Homeland Security provides daily security updates online through its Office of Infrastructure Protection. Here individuals can sign up to receive e-mail updates at “DHS Daily Open Source Infrastructure Report,” which are also archived online for 10 days.
This government Internet site provides additional resources including online training and programs for workforce development purposes.
Our world runs on computers, which makes everyone vulnerable. Cyber crime is a reality that almost everyone faces today, and hackers are becoming craftier all the time.
Stay informed, and educate your workforce and enlist their cooperation. Hopefully, as a result, you can minimize your risks and stay one step ahead of these cyber gangs!