“We Don’t Store Customer Data On-Site, So There’s Nothing For Us To Lose”

As a Cyber Security provider, we are always working closely with our clients and advising them on the best approach to protect their business from malicious threats, but earlier this week one conversation in particular stood out.

“We don’t store customer data on site, so there’s nothing for us to lose”

Unfortunately, this isn’t necessarily the case. If you can access the data, so can a malicious individual.

One of our account directors had been talking to their client about the security of their estate and suitable protections they could implement in order to minimise the risk of a successful breach of their organisation’s security.

We advised the client that whilst customer data is one of the most popular targets for attackers and the consequences of losing it can be significant, this isn’t the only thing attackers are targeting and the implications of a successful breach, whatever the outcome can be very costly.

Unfortunately, this is a conversation we often have with our clients, as many businesses only consider the risk of losing customer data. But think about how your business would be affected if sensitive data such as financial data or IP was stolen.

• If it was financial data, how would you manage cashflow?
• What would be the implication if your IP was stolen?

Attackers aren’t only breaching organisations with theft in mind. Breaches can also be used simply to cause damage and disruption, what would the impact be if:

• Your Website Was Brought Down?
• Access To Your Systems Was Relinquished?

These are just a few examples of attacker’s objectives when breaching your organisations security. With this in mind, the importance of securing your organisation against malicious threats cannot be understated. At SES we strongly advise that you begin by taking simple measures to defend your organisation against the smaller vulnerabilities which are simple for attackers to exploit including:

• Being more diligent of attackers trying to gain access or credentials.
• Create regular backups of your data, enabling you to restore your organisation to an uninfected state if required.
• Two-Factor Authentication to enhance your security.
• Regular updates, Patches and Anti-Virus ensuring vulnerabilities cannot be easily exploited.
• Set Privileges and Limit Access limiting threats from within and restricting malicious individuals’ movement if they are successful in breaching your network.
• We also recommend that you invest in regular Vulnerability Assessments as a basic level of assurance to identify known vulnerabilities within your systems which would be exploited.

These are just a few of the basic steps your organisation should be taking to greatly enhance your security posture. However, every organisation is unique and faces unique challenges. To fully understand your organisations risk portfolio and discuss the right course of action to protect your business, please get in touch to speak to one of our specialists. 

© SES Secure Limited and ses-escrow.co.uk, 2019. Unauthorised use and/or duplication of this material without express and written permission from this site’s author and/or owner is strictly prohibited. Excerpts and links may be used, provided that full and clear credit is given to SES Secure Limited and ses-escrow.co.uk, with appropriate and specific direction to the original content.