Cyber security specialists Digital Craftsmen has put together a Christmas security checklist to help business directors enjoy Silent Nights over the festive period.
Simon Wilcox, MD of Digital Craftsmen says: “After a busy year, it’s right that business teams are looking forward to a restful break with their families. But it’s equally important to remember that cyber-attacks on businesses of all sizes increase around public holidays and Bank Holidays, when businesses are less well resourced, or not as focused on security as usual. Ransomware attacks can increase by 30% over the holiday period.”
He adds: “Businesses face serious cyber-crime risks all year round, but periods of office closure, when colleagues might be signing onto their systems from home, offer the perfect chance for cyber criminals to attack.”
A common technique is where employees are lured into clicking on a tempting link, which can then set off a download of malware onto a company’s systems. The means of entry can be simple but effective. It could come in the form of an offer of hard-to-obtain tickets for an upcoming concert or sporting event, or unbelievable discounts for a New Year Sale.
“What’s certain is that during the Christmas holiday season, employees are more relaxed and so, whether they are working from the office or from home, we urge business bosses to remind their employees to be vigilant” says Simon.
Digital Craftsmen has compiled a checklist, covering what businesses and IT directors should do before switching off the lights and hitting the mulled wine and mince pies.
Five tips on how businesses can protect their IT systems at Christmas:
- PHISHING – Remind all employees to always check emails before opening them (especially the supposedly urgent ones which might just slip through) and never click on links from unexpected sources. Even the supposedly ‘festive fun’ emails may be hiding something more sinister.
- TURN IT OFF – If you don’t need it, turn it off – particularly User Acceptance Testing systems. Not only will you save money (if you’re in the cloud), but you’ll also deny the hackers a possible route into your systems.
- SIGNING IN – With many employees accessing company networks remotely, make sure all computers use encryption products and passwords. Educate your team on the importance of good password management i.e. never use the same one across different log-ins, never write them down, and use a password manager to keep track of them. Finally, secure access to sensitive websites or data with Multi-Factor Authentication.
- PATCHING & BACK-UP – Use the quiet time just before Christmas to make sure everything is patched up to date. Closing off vulnerabilities is one of the best ways to spoil a hacker’s Christmas. There is time to run a vulnerability scan to pick up and fix any unknown vulnerabilities or issues before hackers find them. Is your Back-Up up to date? For good measure scan your Back-Up to check no malicious ransomware code has already been quietly added by hackers waiting to attack.
- DISASTER RECOVERY – How up-to-date is your Disaster Recovery Plan? (Do you have one?) If you don’t, write one now. Make sure your team knows what their role in the recovery is, should an attack occur. Update contact details so people know who to contact and when. If you have time, have a run-through of your Disaster Recovery Plans before Christmas. It will become apparent what else needs to be updated in your plans.
REMEMBER: Being prepared and able to respond quickly will limit the damage of cyber-attacks and their impact on your business.
Amid the Christmas frivolity, Digital Craftsmen provide a sobering reminder to business leaders. Simon Wilcox advises: “All businesses, large and small, face serious risks from cybercrime including ransomware attacks. One route in is via phishing activities, in which employees are tricked into revealing sensitive security details and company data. Other cyber-crime methods include exploiting software vulnerabilities and malware attacks.”
“Our advice is for business teams to enjoy the Christmas break but to always remain vigilant.”