weakest link

The Weakest Link In Your Business

SHARE

Businesses of all sizes,but particularly small- and medium-sized ones, are at risk of a particularly sneaky Cyber Security threat. This peril – the weakest link – is unique because it is hidden in plain sight and springs from an unlikely source: Family.

The fact that the hazard is often unintentional does not reduce the risk – indeed, the very nature of family (including trusted employees, friends and relatives, as well as siblings, children, parents and other bloodline relations) tends to increase the odds of a successful cyber incident.

Why? Because a business owner or other individual with access to sensitive data is more likely to share passwords, devices and other “keys to the business” with a member of their (extended) family in the belief there is less chance of misuse by a trusted individual. But that is a mistake — even if the business has robust Cyber Security services in place — because a family member does not have to be malicious in order to do harm.

Remember that once you hand over a password to another person, you simply do not know how they will handle it. One danger is that they may jot down the password, or share it with someone else who may then share the password with another individual, all the way down the line until it reaches an ill-intentioned person. Or the trusted individual you originally handed it to may write it down on a piece of paper that is left in an unsecured location — leaving it visible to unauthorized parties. Regardless of the specific circumstances, your password’s next stop is likely to be the Dark Web or some other menacing location.

Shared devices are another common threat vector. How many times does a small-business owner bring his or her laptop home, and a spouse or child asks for access so they can do homework, create a shopping list or engage in some other innocent task? The problem is that the owner has no way of knowing what happens next. That assignment your son or daughter is working on will likely require them to log onto their school’s network — and just how secure is it? Or, as children, adolescents and even young (and older) adults are prone to do, they may log onto a gaming or other site — or even check and open their email — potentially enabling a program to covertly download malicious software onto your device.

Once a device leaves your hand, you are no longer its custodian and typically have no way of knowing how the device is being used, until it is too late. The danger may be compounded by the use of certain browsers, which, depending on their settings, may display a list of stored passwords, including those of bank accounts and of other sensitive data.

Finding a Solution for the Weakest Link

Fortunately, the solution is simple — although it may not be painless: restrict access to passwords and devices on a “need to know or use” basis. Do not circulate passwords unnecessarily; make sure you change them on a regular basis, and do not use the same password for multiple accounts. To further safeguard a password, consider using a password manager, a software application that is designed to store and manage online credentials. A password manager also creates passwords, and usually stores them in an encrypted database that is locked behind a master password.

Along with that, consider utilizing MFA, or multifactor authentication. This adds a layer of protection by adding a step to the sign-in process before email and other accounts or apps can be accessed. When MFA is enabled, a user trying to access his or own account, or a hacker trying to hijack one will first be prompted to provide an additional identity verification, such as scanning a fingerprint or entering a code received by a phone or other device registered to the legitimate user.

Perhaps the toughest part about all this is informing you family member or other person that they no longer have access to your device, or that you will no longer share your password with them. Some people have a difficult time understanding the importance of security protocols, and how dangerous it can be to bypass them. But the effort is worth it. If a hacker gets access to your personal or business accounts — and often, entry to one results in entry to the other — the hacker will be a like a kid in a candy shop, grabbing all the goodies they can, password manager.

eCare SOC Security Monitoring

Security Operations Center 24x7x365

Security Awareness Training

Reduce phishing attacks and malware infections.

Multi-Factor Authentication

Passwords are no longer enough.

UPCOMING VIRTUAL EVENTS

Demystifying Cyber Security for SMBs

sb-cyber-security-master-class

The continually changing threat landscape requires us to update best practices and add new concepts to keep your organization safe.

SESSION 4: Cyber Security Strategy
Watch On-Demand

SESSION 5: Cyber Insurance & MFA
Coming Soon On-Demand

SESSION 6: Threat Detection | JAN. 15

Microsoft Copilot
Master Class Workshop

sb-microsoft-copilot-master-class

eMazzanti will host 60-minute Master Classes, that speak to how AI can help your business streamline and grow.

In each session, you will have Artificial Intelligence and Automation explained, view a live demo of Copilot, and see it live in action in a dynamic format.

RESOURCES

Cyber Security Awareness Hub

sb-Cyber-Security-Awareness-Hub

Cyber Security Awareness Kit, designed to be delivered to your team in bitesize chunks.

We are sharing the resources and highlighting services your organization needs, covering everything from multifactor authentication to software updates, showing your users just how easy it is to improve their security posture.

Resource Library

sb-resource-library

Insights to help you do what you do better, faster and more profitably.

> Tips to Stay Protected Against Phishing Attacks

> Understanding Ransomware 

> The 6 Known Wi-Fi Threat Categories Targeting Your Business and How to Defend Against Them

> Practical Advice for Avoiding Phishing Emails

Recent Articles

NEWSLETTER

Categories