Just last week the story broke that Google’s social media product, Google Plus, had been hacked. What was so scandalous was that Google had not immediately alerted users to the breach. Instead, it waited for the announcement that it would be shutting down the ailing social media platform before revealing that some half a million profiles were compromised.
Big companies can cope with breaches like this, especially when they are planning to ditch the affected products. But entrepreneurs don’t have the luxury of sitting on billions of dollars in cash to soak up any fallout. No – they have to mop up the mess with their own blood, sweat and tears.
Cybersecurity threats to startups are particularly deadly. They can derail operations and prevent nascent businesses from delivering on critical projects. In other words, security issues can mean the difference between the life and death of the company.
Companies are vulnerable to the actions of their employees. A study by KPMG, the financial audit firm, of more than 4500 CIOs found that the biggest challenge facing entrepreneurs wasn’t the action of some hooded hacker in a bedroom in Paris, but the activities of their workforce.
Employees, they found, were many more times more likely to be the cause of security breaches than external malicious actors, especially in cash-rich industries. The study revealed that attacks were most likely in the healthcare, manufacturing and IT industries because of their financial assets. Thanks to high levels of security clearance, employees were much more likely to embezzle funds, attack the network, or steal sensitive company data and sell it on for a profit.
So what can entrepreneurs do to prevent their computing from becoming the reason their business fails?
- Restrict Access On An Individual Level. There’s no reason why every employee should have access to every file your company owns. Sales executives do not need to access the company’s accounts, for instance. But despite this obvious point, many entrepreneurs trust their employees not to work against the interests of the company, and as a result, they avoid spending the time to partition access. Cheap VPS solutions make it easier to restrict access at the user-level. Through the cloud, each user gets an identity and then can only access the files they need to do their work.
- Conduct Background Check On Employees. If you’re thinking about hiring somebody who will have access to your company’s sensitive information, it’s a good idea to do a little digging into their past. Find out where they have worked in the past and whether they have been accused of behaving maliciously. Remember to screen outside consultants as well as new full-time employees.
- Train Employees Periodically. Employees can derail your business, even if they are not behaving maliciously. For instance, poor security practices could leave your business vulnerable to outside attack, even if your staff is honest and hardworking.
This is why many entrepreneurs provide some training on how to avoid the most common cybersecurity threats, such as phishing and ransomware attacks. Keep your employees up to date on these issues, and you’ll be rewarded in time.
Note: this post contains contributed content.