With large volume attacks on companies such as LinkedIn and Uber, businesses should be concerned about cybersecurity safety and preparedness now more than ever. The problem is that small to medium-sized businesses read headlines about LinkedIn and Uber and believe the cybersecurity myth that hackers are only interested in larger enterprises. The truth is, predictions put the number of cyberattacks on the rise for all types of businesses, large or small, and last year, small businesses accounted for more than half of all data breach victims.
Varonis, a data security and analytics software provider, recently developed an infographic that separates fact from fiction when it comes to cybersecurity. Here are some myths that could be putting your clients at risk:
- All you need is a strong password. It’s true that using strong passwords is a cybersecurity best practice. The cybersecurity myth is that it’s adequate to protect data and networks. Software solutions that control access to sensitive files and monitoring users is also crucial.
- Only certain industries are targets for cyberattack. Your SMB clients may believe the cybersecurity myth that they don’t have anything worth stealing. But if they have payment information, personal information about employees, or files pertaining to intellectual property, they have data that has the potential to be monetized or held for ransom. Virtually any business can be a target.
- Antivirus and antimalware are enough to keep a system safe. Antivirus and antimalware are important, but dispel the cybersecurity myth that protecting data and networks ends there. Educate your clients about the importance of firewalls, intrusion detection, backup and recovery — and employee training — to build a comprehensive approach to security.
- If you need a password to access Wi-Fi, it’s secure. More and more professionals are working remotely or accessing data and software applications from the field. If employees are using public Wi-Fi, they could be putting their businesses at risk for cyberattack. The password for public Wi-Fi is usually in place to limit users on the system, not to protect it. Provide your clients with VPN for secure remote access.
- Personal devices don’t need to have security for work. Security a bring-you-own-device (BYOD) environment is vital to maintaining security. If any device is used for work, it should have the same cybersecurity measures as a company-owned device. And users should follow the same best practices.
Additional Cybersecurity Myth: Old Data Doesn’t Matter
Varonis also released its 2018 Global Data Risk Report, based on an analysis of 6.2 billion files randomly selected from 130 companies. The research found, on average, that 54 percent of a company’s data is stale, and that 74 percent of companies have more than 1,000 stale files containing employee, customer, or business-sensitive data. Not only is state data costly to manage and store, but it opens the door to an unnecessary security risk. Stale data is often unmonitored and, sometimes, easily accessible. Your clients need solutions that can identify and archive or delete data as soon as it’s no longer necessary.
The report also found that nearly half of companies have stale, but still enabled, user accounts. These accounts can be targets for hackers, enabling them to gain access to applications and valuable data. Solutions that monitor activity and flag unusual actions can help protect systems from a hacked account.
Separate Myth from Truth for Your Clients
Consider sharing the Varonis infographic with your clients to help educate them on the complete list of 10 cybersecurity myths and what they really need to believe to keep their businesses safe.