Nancy Deol is aMarketing Manager at Advanced Kiosks , aLastPass Enterprise customer. She is joining us on our blog today to make the case for adopting password management in your business. What a timely topic. We’ve seen countless brands not to mention CEOs in the news lately due to cyber incidents, but so many businesses aren’t sure where to start in addressing the password security problem. Nancy’s advice will help you understand how to get started in the right direction and how LastPass can banish bad password practices.
Cybercrime is not something we take lightly at Advanced Kiosks. We work with many government and healthcare organizations, so protecting their data is not just fundamental, it’s non-negotiable. When we are selected for an interactive kiosk project, we explain to the Project Manager (before they can even ask us) that we include our pre-installed kiosk management software to protect their kiosks from malicious tampering. This software, called Zamok, locks down the touch screen and keeps the interactive kiosk safe from hackers and unwanted web browsing. It also ensures the next person who uses the kiosk doesn’t have access to the previous user’s information. There is a lot of personal data that passes tothe software or application, and we ensure that this data remains confidential. We also protect administrator files and settings so they are not able to be accessed by outside individuals.
So if we go to these lengths to secure our products, why wouldn’t we do the same to protect our workplace computers?It’s Not Just Big Brands Under Attack
Part of our role at Advanced Kiosks is to remain informed of new cybercrime attacks and best practices to prevent them. IBM and the Ponemon Institute released their findings for the 2015 Cost of Data Breach Study and the average total cost of a single data breach was a staggering $3.79 million US dollars .
Many of us may read that statistic and think, “Well, we’re probably ok. Things like that only happen to the really large businesses.” Well, think again. While we often see news coverage of cybercrime happening to big names like Target, LinkedIn, Ashley Madison, Sony or NASDAQ, the truth of the matter is that 1 in 40 small businesses are at risk of becoming a target for cyber criminals. Attacks against small businesses have been increasing at an alarming rate. Symantec’s 2016 Internet Security Report revealed that what small businesses really need to worry about are less advanced attacks that are cheap and easy to execute, like password reuse attacks and phishing attacks.
Ultimately, you need to be protecting your assets, as well as your customer’s assets. This is critical if your company sells SaaS (as we do) or you require your customers to provide personal, financial or other sensitive data through an exchange. I believe this is something most small businesses do not devote enough thought to, and because of that lack of preparation, leave themselves and their customers open and vulnerable to attacks.So Why Aren’t Businesses Protecting Themselves Against Cybercrime? “This will never happen to me”
One of the biggest reasons is that businesses truly believe that they aren’t a valuable enough target and that there is no way it could ever happen to them. It reminds me of that saying from the Hunger Games, “May the odds be ever in your favor.” This line of thinking is a risky gamble and doesn’t reflect the reality of cyber attacks.
The data shows that cybercriminals are opportunistic, targeting their victims at random and looking for easy access to money when they attack. And unfortunately, small businesses make easy targets. According to Small Business Trends , who gleaned key insights from Symantec’s study , “These phishing attacks target employees largely responsible for the finances of a small business.” So if you think that just because you aren’t Target or Sony means you’re safe, it’s time to shift your thinking and acknowledge the very real risks to your business.“I just don’t have the time”
There’s a common misconception that finding the right ounce of prevention is going to take too much time . This always surprises me because it will definitely cost you so much more if you roll the dice and you lose. Especially when you take into account that according to a recent Experian report , 60% of small businesses that experience a data breach go out of business within 6 months.
Yes, you do need to spend some measure of time to:Find the right technology for your business Learn the technology Deploy the technology Teach the technology to your employees
But not all SaaS is created equal, and the time-to-implementation varies considerably. All of the above factors are key reasons forwhy we decided thatLastPass Enterprise was the right solution for our business, and why we believe it is the perfect password solution for any business that doesn’t have a lot of extra time available.
LastPass makes everything incredibly easy for anyone to use. It’s a self-service solution , which means that anyone (I’m looking at you, non-IT folks!) can be up and running quickly. It’s a perfect fit for us since we are a self-service technology company . LastPass Enterprise alsoscales well, so you can start small with certain key members on your team and then deploy across your organization when you are ready.“I trust my employees are protecting themselves”
Quite frankly, this isn’t about a trust issue, and honestly, you cannot know for sure either way until you have a system in place to actually confirm if employees are following best practices. The first questions to ask (and answer) is Do I know what the best password practices are for protecting our data from cybercriminals, and are my employees equipped to follow those best practices?
If yes, then I applaud you for keeping up on cybersecurity. It’s so important to your business. If you aren’t sure, I’m here to share the information you need to know.Tech Talks offers some very helpful best practices in their article,