In its 2017 State of Cybercrime Executive Summary, released earlier this year, SecureWorks reports that there was a 2,370 per cent increase in email spoofing attacks – fraud targeting small, medium and large businesses – between January 2015 and December 2016.
The National Crime Agency's 2017-2018 report The cyber threat to UK business highlighted ransomware as a widespread and growing threat, with over 300,000 devices in 150 countries infected by the virulent WannaCry ransomware in 2017; data provided by Dell's Integrated Endpoint Security team reveals that, around the world, there's a ransomware attack every 40 seconds.
Ransomware can have a devastating impact on a small business. The typical behaviour of malware of this kind is to encrypt every file on a computer – in some cases including attached USB devices and network shares – before showing the user a message saying that the only way to get the key to unlock their system is to pay a steep ransom, frequently in a cryptocurrency such as bitcoin.
To get their computers working again and get their data back, many businesses pay those ransoms, with ransomware making an estimated $1 billion for criminals between 2014 and 2017. Being adequately prepared and protected means that you'll never have to make that choice.
Dell's Threat Defense endpoint security service uses Cylance's artificial intelligence backed Advanced Threat Protection Technology to stop over 99.7 per cent of both known and unknown threats.
The National Cyber Security Centre says that good enterprise security is vital. Dell Threat Defense can ensure that every computer in your business is equipped with an always-on antivirus to help you monitor the security status of each of those systems, while using local and global threat scores to proactively defend against unknown files.
A key threat vector for ransomware, like most other malicious software, is through users being tricked into running a harmless looking file from the web or clicking on a legitimate-looking email attachment. Dell Threat Defense can protect against those malicious files but, especially for small businesses that might not have a detailed IT security policy, it's also important to address the root of the problem: staff awareness of security.
This is even more pressing now that every business is required by the EU's new General Data Protection Regulation (GDPR) to take adequate measures to protect customer data.
The Dell End-User Security Survey 2017 found that a shocking 72 per cent of employees are willing to share sensitive, confidential or regulated company information.
This is usually well-intentioned – passing data to a colleague or giving a technical support worker their password. But a willingness to do this, in combination with a lack of clear systems for securely sharing access and information, can easily be exploited by criminals.
It's important to ensure that your staff are educated about the risks of poor data security, but you must also put appropriate technology in place to prevent breaches and minimise the potential impact of human error.
Fortunately, technological solutions are available to protect your customers and help your business meet its obligations under GDPR. If you handle customer information, including personal information such as addresses, as well as financial data, you're obliged to use appropriate security measures such as encryption.
Whenever data is stored or transferred, it should be encrypted. Dell Encryption is designed to make it easy to introduce hardened protection to all your data, from laptops and USB drives to file servers. If a computer or storage device is stolen or lost, Dell Encryption means that the data on it cannot be readily extracted. And without the correct passwords and user accounts required to decrypt data, even if an infiltrator makes it on to your network, their ability to access critical business information and steal customers' personal data is strongly limited.
Dell's Workforce Solutions provides a one-stop entry point for small businesses keen to learn more and implement the security they need to keep safe.
Software-as-a-Service endpoint security isn't just for large firms any more: it can also provide a hassle-free way for small businesses to comply with regulations and be assured that they're defending themselves against the latest criminal threats.
--
For more information on Dell click here.
This article was originally published by WIRED UK
