Reports in the Guardian in September revealed that Big Four firm, Deloitte, was the victim of a cyber-attack following a breach of their email system, which led to client information becoming compromised. Even more worryingly, whilst the breach was discovered in March 2017, it’s likely that the cyber-criminals gained access as early as October 2016, giving them a full six months to browse the company’s records. The truth is that experiencing a cyber-attack is a case of ‘when’ not ‘if’ in the modern business world. With that in mind, let’s have a look at the best ways for firms to protect themselves and make life as hard as possible for hackers.
- Two-factor authentication – Whilst most networks and servers require a username and password to gain access as standard, two-factor authentication adds an extra layer of protection by requiring an additional form of authentication such as a fingerprint, iris scan or unique code sent to a smartphone. It’s a basic measure that adds further security to your account. Importantly, it’s something that Deloitte didn’t use, and which may well have slowed down the hackers had it been in place.
- Access management – Simply put, this makes sure people only have access to things they actually need. The more people who can get into something, the higher the potential for it to become compromised. If only a select few need access to the most sensitive data, then make sure those who don’t need access, don’t have it. This makes hacking their accounts less worthwhile for a hacker.
- The human factor – People are undoubtedly the greatest security issue in a network, as hackers can exploit the weakness of employees who are unaware of the risks and how to avoid them. For example, the two most commonly used passwords are ‘123456’ and ‘password’, both of which could be cracked by a hacker in a matter of moments. It’s therefore worthwhile for firms to invest in cybersecurity training to ensure its workforce isn’t making life easier for hackers.
Comments on In the wake of the Deloitte cyber attack, how can you protect your firm?
There are 0 comments on In the wake of the Deloitte cyber attack, how can you protect your firm?