Human Error: The Downfall Giants and SMB’s Alike.
It’s our ignorance that allows for breaches in data. There’s even a proverb that drives this point home: “he who ignores the time walks in darkness, and he who explores it is illumined by a great light.” As SMBs with remote employees, we must keep a watchful eye on trends in data security and preemptively strike.
A list of data breeches and some simple solutions follows.
Small Mistakes Big Trouble
Decision Based Error
Not too long ago, Equifax’s IT staff passed an email along regarding a vulnerability in Apache Struts, software for developing web applications in Java. Their geek squad should’ve rectified the problem, but didn’t. This inattentive work ethos allowed for 155 million sensitive files to fall into the hands of Hackers.
In total, decision-based human error exposed the personal information of 145 million people in the United States and more than 10 million UK citizens to bad actors.
This sort of error occurs when a User makes a faulty decision. As for the Equifax Team, IT failed to update Apache software and the company was fined $594,505.
The lesson: Keep software up to date is the lesson for SMBs with remote employees because any vulnerability may be taken advantage of by hackers.
Skill Based Error
It was a typical day in Strathmore, Australia. On this ordinary day, slapdash work allowed for publishing more than 300 student records on Southmore Secondary College’s intranet. These files included student medical aliments, mental health maladies and prescribed medications, along with any learning or behavioral disorders that students may suffer; the kind of information that’s shielded by HIPAA.
Disgustingly, skill-based human error caused Strathmore Secondary College student records to remain on their intranet for about a day. The sum of the damage in unknown, students and parents had unfettered access to information that should only be seen by a doctor.
This sort of error consists of slips and lapses in reason, small mistakes that occur while performing familiar tasks and activities in a slipshod manner.
The lesson to be learned, overworking employees opens the door for mistakes and prying eyes are always on guard for slip ups.
Password Based Error
It was a slow day when Veeam, a backup and data recovery company left a database wide open. A sloppy Tech Team neglected to password protect classified data: 200 gigabytes of customer records that included names, email and some IP addresses, the sort of thing you should never share with stranger on internet, were leaked into the hands of criminals.
Password-based human error caused Veaam to expose a database to Hackers. This sort of error occurs when we use weak passwords or leave the password blank. What to do? Always use a strong password that consists of non-alphanumeric characters for signing into remote platforms like Zoom. I won’t go on about Zoom’s security flaws because as owners of SMB’s with remote employees our only choice is to use it or look for an alternative.
Bad Actors Get the Better of You
Remember this, upon opening the door to viruses, downloading and installing them, these crafty coded creeps can abuse your machine’s system connection seeking out all computers on the same network. and after, viruses endeavor to abuse all network-based vulnerabilities. This is a serious risk in this age of remote employees.
You may have heard the spiel before, but we must continually update our knowledge base and walk in “a great light” as the proverb goes. Doing so protects the one thing on Earth, for SMBs with remote employees, more valuable than oil or gold, data.