The news that Jennifer Lawrence and about 100 other Hollywood starlets have had their iCloud accounts hacked has raised a number of questions about the security of cloud based services. Whilst it is not expected that small business owners will have nude selfies of themselves stored on their corporate network, (although stranger things have occurred!) often there is other very important information stored on the cloud based services.
Popular cloud based services used by small businesses included:
Accounting software like Xero, storage applications like Drop Box, One Drive and Google Drive, productivity applications like Google Apps, backup services like iCloud, marketing applications like Facebook and a whole range of other applications that small businesses use to run their business.
The lure of Cloud Based applications for Small Businesses is that they are very cheap, especially on a per user basis. A business with only a couple of users can gain access to awesome technology for a simple per month fee. The downside in this case however is that your data is stored with everyone’s else’s and you are at risk to these kinds of data loss.
The data loss probably occurred from a spear phishing attack, where a carefully crafted email was sent to each of the celebrities, asking them to change their password. Skilled hackers can create these campaigns in a matter of hours and they can be hired very cheaply.
To help Small Business Onwers, we have our “7 Tips to minimise the risk of data loss from cloud base services.”
- Ensure you have a strong password. Word combinations with special characters and a mix of lower and upper case make it hard to guess. Never use 12345, your dogs name or children’s birthdays. L3mon_Strudel! Is very difficult for a brute force attack to guess.
- Never use the same password across multiple services. If you lose one, you lose the lot and many hackers know that people are often lazy when it comes to passwords and often use the same ones for multiple accounts.
- Review what you store on the cloud. What is the risk if it is released? This is why many companies have never moved to the cloud and probably never will, because there are a range of attacks available to hackers that would not be available if their content is stored on premise.
- Always be wary of emails asking you to click on a web URL. A useful tip is to ‘mouse over’ the link and Outlook will tell you where the link will send you. These email, saying it is from Westpac, has a link that goes to a very weird URL. Definitely not something to be clicked on.
- Ensure you have up to date Antivirus – We use and recommend Webroot. It is lightweight, doesn’t slow down PCs and does a great job of protecting PCs.
- Ensure that you have a Firewall. These devices can strip out viruses and phishing emails
before they even hit your inbox. They look at the content of all of the emails that you are sent, as well as the websites that users go to and block many of the malicious attempts to access your data. The combination of a great firewall and a great antivirus system ensures that you have the best chance of avoiding phishing and Trojan attacks.
- Make sure that you computers are all regularly patched. Patching applies the latest security updates for Windows and means that your computer has the best chance to defend itself.
- Don’t use Windows XP. Microsoft dropped support for Windows XP a while ago and there are no longer any security updates for it, meaning that it is becoming increasingly likely to become infected with viruses.
There are some tips to help Small Business owners protect their precious company data, specifically if it is hosted in the cloud. Always think first about where you store your company’s sensitive information. If you have any questions or concerns, or need to update your Anti-Virus or Firewalls, please call the team from Extreme Networks on 03 97857162.