ARE YOU VULNERABLE? -PART II
Recently, I received a call from a prospective client. She was concerned that employees working remotely, might be allowing other household members to use their “work” computer for personal purposes thus putting the company in a potentially vulnerable position. Despite staff members signing their employment agreement acknowledging that the computer issued to them was strictly for work purposes, there had never been any enforcement of this policy and it was common knowledge that staff members were using their company computer for their personal social media accounts, banking, etc. While this scenario is fairly commonplace in today’s work setting, it raises many concerns. I referred her to an IT specialist who assessed her company’s software ensuring that it was fully encrypted and secure. The next step was to inform each employee of the risks involved in potentially compromising the company simply by not adhering to protocol. Lastly was to develop a guidebook to deal with the fallout from a breach, commonly referred to as a Business Continuity Plan.
The BCP laid the groundwork for her and her company to ensure they knew exactly what steps to take in the event of a breach, who would be the point person for each and an strategy for every contingency. The greatest danger after a breach is having no plan which ultimately leads to rash decisions which often have disastrous effects. After many meetings and walk-throughs, her document is complete. The client is now completely in tune with her business and keenly aware of the risks associated with having a largely external workforce. She has reached out to her key suppliers, seeking to determine who has done their own Business Continuity Plan. This will be a key factor when renewing agreements or entering into new ones.
Just a few days ago, we read of a cyber attack in Regina with the hackers attempting to extort money from this company. They have already posted several clients' personal insurance documents on the internet including their names, addresses, phone numbers and credit card information. The implications are frightening for both the company and its clients. Click on this link to read the entire news article. https://thestarphoenix.com/business/local-business/saskatchewan-insurer-target-of-cyber-attack . For those of us who feel that we are somehow exempt from these hackers, think again. It appears as though any person or company can be a target.
If you have questions about what your next steps should be, contact me. I'll be happy to discuss strategy and offer solutions. At Firebird Business Consulting, https://firebirdbusinessconsulting.ca ,we focus on working one on one with businesses to provide successful solutions.
I can be reached at 306-221-7422 or via email at [email protected]