August 6, 2018 • Published by Mark Carl
Access Control • Endpoint Security
I hate to say it, but what we all hear way too often is true: Nothing will focus you on your business’ cybersecurity like a data breach. Dealing with the aftermath of a breach is also much more expensive than proactively implementing the necessary security tools.
If you’re a small business, a breach of your email security might be a major inconvenience. On the other hand, if your small business is an investment firm that wires millions of dollars on a monthly basis, an email system compromise could cost you in a big way.
Imagine that the spreadsheet you sent to the bank with your funds flow for an investment was intercepted by an attacker, and one of the destinations has been changed to an offshore account. The reality is that organized crime organizations are perpetrating these attacks on small businesses every day. We’re seeing this first hand, because a lot of businesses are coming to us desperate for help following email security incidents.
One of the most common attacks we see is an attack on Office365 using sophisticated spear phishing tactics. The reconnaissance team of an organized crime unit will research LinkedIn and other means to gather intelligence on a particular company or firm. They will then craft very specific phishing emails that look authentic. Very often they are successful, and an unwitting employee will click on the link in the email and enter their credentials, thinking something is wrong with their Office365 account. And a few minutes later, the attackers are alerted of new credentials, and they are in.
You can train your employees as often as possible, and it still seems like there’s no silver bullet to prevent this. Honestly, I’ve seen some phishing emails so convincing that I’m not sure I wouldn’t have clicked on the links myself, even as a programmer and seasoned security professional. The difference that I have that you may not is multi-factor authentication, so I’m still in pretty good shape even if my credentials are compromised.
The number one recommendation is to let someone who understands these risks guide you through it, because it’s not simple. Email is the primary tool we have in business, but it’s also the most high-value target for an attacker, especially if you’re using Office365 and/or SharePoint to store all your company files.
There are a couple of basic tools that you should implement if you decide to handle email security on your own. The first is the Threat Intelligence add-on package for your Office365 accounts. This will set you back a few bucks a month per user, but it’s well worth it. It will allow you to receive alerts from Office365 when there are suspicious things going on in your email environment.
The second must-have is multi-factor authentication. This requires either an app on your smartphone, or a text message with a code, in order to acknowledge that it’s actually you trying to login to your email account. It’s a little bit of a hassle, but it could save you thousands or millions in recovering from a data breach should an unwitting employee provide their credentials in response to a phishing email.
In short, you should train, protect, monitor and alert. Then rinse and repeat. Even if you’re a small business doing it on your own, the tools are out there.
We’re here to help! Give ControlScan a call at 800-825-3301, ext. 2, to discuss your business’s data security challenges.