Cyber Security defined … And why it’s important
When we think of cyber security, perhaps our first thought is of someone hacking into
our computer systems, and stealing our information. And certainly, that happens often enough for us to be concerned.
“Unless it’s denial of service, which basically is overwhelming the servers,” says Ivan Shkirev of Crumbacher, an Albuquerque business IT company, “they are there to steal information and use it for their own illegal purposes.” It could be commercial espionage, or phishing, or examining email patterns so sending an email in your name is easier to fake.
How do you protect against a cyber attack?
“The biggest issue,” Shkirev says, “is weak passwords.” Most people think a strong password involves eight characters, a combination of which are capitals, special characters, and numbers. If you think your password, which uses this pattern, is secure, it’s not. Password security improves with length. “It’s an order of magnitude,” Shkirev says. Cyber attackers try different combinations of characters involving the alphabet, special characters, and numbers. It doesn’t matter how long it takes, and usually, it doesn’t take very long. Shkirev recommends using much longer passwords. “It’s better to have a spelled sentence,” he says, “One that’s easy to remember.” Then he adds, almost in jest, “Maybe ‘I love New Mexico. It’s the most amazing place in the world’ — one phrase. It will be much more secure.” While most people might hate changing passwords, certain organizations are required to change them every six months — according to governing protocols, like CIPA, HIPPA, and ISO.
How to Prevent a Cyber Disaster
Beyond passwords, weak cyber security entails not following office procedures. For example, you receive an email from your boss or a business owner. It makes an unusual request, but you don’t question it. Security may fail then if you don’t pick up the phone and ask if the boss really sent it. “It’s just this extra step of what’s missing because the communications channels were hot-wired, and someone got into the email, and people just assumed you were Ok with it,” Shkirev says. He says he’s seen cases where people were scammed out of hundreds of thousands of dollars — all because someone didn’t question the email.
These are simple solutions to complex problems. However, not everything involves criminals at a troll farm. Not everything involves unscrupulous competitors trying to worm their way into your computers seeking an unfair advantage. What may be an even more dire security issue doesn’t involve hacking at all. It’s how to protect against a disaster, be it fire, flood, or some other cause. In this case, Crumbacher counsels its Albuquerque business IT clients about this kind of cyber security. “We determine what information needs to be protected — proprietary stuff, things that have to do with clients or patients,” Shkirev says. “We determine where data are located, what’s the means of access to this information, and can channels be secured.” At the same time, he continues, we ask what happens if the building is destroyed by outside forces and how soon we can get the infrastructure back online, including the data?
While your business now operates in a safe and secure environment, it may not always be that way. Your cyber security requires a little forethought and a plan, so you don’t wake from a bad dream at 3 a.m. — or a call from the fire department.