Halloween: 5 IT security nightmares to keep you up all night

This blog is tagged to the following categories:

It’s October again. It’s time for Halloween, so it’s the season to be scared. It’s probably not a coincidence that October is also Cyber Security Awareness Month, because if there’s one thing that keeps IT departments everywhere up at night, it’s security breaches.

Here are five common cyber security fears for IT departments. Because sometimes, watching how your customers handle their work data just makes you want to yell like you yell at the tv when the girl runs upstairs from the killer again.

1. Data breach

The ultimate horror scenario: you discover that sensitive data has been available to people that shouldn’t have that kind of access. All organizations create monsters of data, and once the monster gets out of your control, the havoc it wreaks may have severe consequences. There are a lot of things you and your colleagues can do to make sure your data and any potential data breaches are contained, though.

Implement multifactor authentication to make it harder to hack into accounts, and limit access for each employee to the information he or she needs. This reduces the risk of employees accidentally spreading information to unauthorized parties, and if you do get a leak, it’s easier to find the source.

2. Loss of data

What if there’s a fire in your building and all your servers are beyond salvation? You’ve thought of this of course, this is why you have off-site back-ups. You’re not doomed. But there are a lot of ways to lose data. What if your cloud provider goes bankrupt?

Thankfully, that’s very unlikely, but it is wise to take measures to reduce the risk of data loss. Your organization depends on data, so losing a lot of it can be the equivalent of Godzilla come to destroy the place.

How do you maintain security when employees work from home?

3. Ransomware all over the place

Ransomware. We all know what it does by now. And we all have different ways of dealing with the problem. Like I said, you’ve got off-site back-ups, so if somebody comes in with a laptop that’s been ransomed, they’ll fully expect you to be able to put everything back into place. Little do they know of the bigger risk involved: how likely is it that this person’s laptop has unwittingly provided criminals access to your network? They might take down the whole thing!

This is another fear that’s best mitigated by being cautious with who can access what. Only give people access to the parts of your network they actually need. This will keep infected accounts from spreading the virus like an army of zombies.

Are you aware of the risks of shadow IT?

4. Hackers get your privileged users or your password manager

It may sound a little bit out there, but if anybody can get hacked, why not password managers? Randomly generated and then stored passwords are safer than ‘password’, but they’re not immune to the horrors of hacking. And since we’re spiralling now anyway, do you ever wonder how your privileged users come up with their password?

The colleague sitting right next to you might be logging in with ‘qwerty’ right now. And they have access to everything! You can’t always prevent hackers from getting their hands on log-in details, but you can make sure everybody’s alert.

5. The real world is still scarier: break-ins and theft

If you’ve read a post on this blog before, chances are you know we’re really big on working together with other departments. Even your IT security isn’t just a digital affair. Do you have a plan for an actual, old-fashioned burglary? The burglar might not be after valuables lying around. They may have placed devices instead of taking them, so they can access your data later, or hack your network from inside the building.

So, make sure you’ve got a good collaboration with other departments when it comes to security, and help emphasize the importance of locking doors and keeping track of keys and entry passes. You never know what’s lurking out there.

So what do you think? Do security risks keep you up at night? What are your biggest IT security nightmares and  what do you do to make them less likely to come true? Let us know in the comments!