Security and Your Software: Are You Safe?

Security and Your Software: Are You Safe?

John Scott  -  June 13, 2019  -  The BG Blog Library  -  0 Comments

“This version of the software is incompatible with your iPad.”

The inevitable error message…

I was trying to convert my ancient iPad into a teleprompter. I play in a couple of bands and thought it’d be nice to have a song lyrics helper nearby. Since the old tablet isn’t good for much else these days, and because I didn’t want to buy a new one, it was worth a try.

Fail.

I found a newer but previously owned tablet, and now I’m singing happily.

Let’s use this analogy and think about your business.

Are you using old/outdated software? Your staff may be comfortable using your current system and may even be resistant to any type of changes! You wait. “It’s working okay,” you say to yourself. “Upgrades cost money.” “I haven’t really thought about it.”

It’s easy to not think about it – until it all falls down.

There’s a cost to do nothing, and it could be big. You deserve to know what that price could be.

We read all the time about data breaches: Home Depot got hit, ditto Target and even the huge credit reporting agency Equifax. The cost was many millions of dollars.

Hackers are constantly trying to stay a step ahead of security improvements. They are relentless. And no one is safe. These bad guys find flaws, holes…and they strike. A Baltimore medical collection agency recently was a victim of an attack. And what did they grab? A story from a local television station reported data stolen included the following:

  • Patient Name
  • Date of Birth
  • Address
  • Phone Number
  • Date of Service
  • Provider
  • Balance Information
  • Payment Card Information
  • Bank Account Information
  • Social Security Number
  • Lab Test Performed

The City of Baltimore itself is currently trying to figure out how to “unlock” their databases after a ransomware attack basically shut down everything city agencies uses to conduct business with residents. They can’t even use their email accounts!

It’s going to cost them a fortune.

But it didn’t have to be this way. There were fixes available which could have prevented this disaster, but the city wasn’t able to get it done in time.

Upgrades to your existing software applications do cost money, of course. They fix bugs, improve functions and processes, and these are the types of patches your employees may gain the most from. Not to mention peace of mind for you.

How safe are you? Here’s how you can find out.

1. Ask your vendor if you’re using the most up-to-date version of their product.

Perhaps they send out a reminder that patches and upgrades are available, and no one inside your company followed up. It could have been an honest mistake or procrastination. Reputable software companies want their customers to be as secure as possible. It’s in their interest to have your back. Find out what you need, backup your current system, and get those updates.

2. Conduct a risk assessment.

In the 2016 Cyber Security Intelligence Index, IBM found that 60% of all attacks were carried out by insiders! In a small company, that could be an admin who opened an email link. It doesn’t necessarily mean you have a spy at your small family business. Several years ago, I was on the faculty at a college in San Francisco. We had an attack which resulted in a data breach. How’d the criminals get in? They sent an email, posing as IT staff of the school, asking employees to check their printer connection! Somebody bit.

That’s all it took.

Here are a couple of tips which don’t cost you anything. Review your current security policies and see if any action needs to be taken. Train your employees, whether you have 4 or 40, on steps to take to avoid this kind of headache. Share policies regarding the sharing of links and other inside processes. The default actions? Controlled paranoia. Ask the sender of the email if that was really them. When a “technician” calls, make sure you know who you’re talking to.

3. Not everyone may need to have the same access in your applications.

Without getting in the technical weeds here, you, an owner or manager, may need to look at everything on your system. But do all your employees need to? Authentication and Authorization inside your software do this: authentication verifies who you are, and authorization verifies what you can see and use.

Keeping up with all of the facets of running your business can certainly make you weary some days. Security shouldn’t be one of them. No one can guarantee 100% protection from every vulnerability, but a software application that’s fresh and up to date might scare off a black hat hacker who’ll move on to someone else’s system which isn’t as robust.

That peace of mind could be very valuable.

Be safe out there!

John Scott is the Senior Marketing Manager at BG Software.
[email protected]
Tags: John Scott, Security
Folsom: Where We Work (and Play)
What We Learned When Google Went Down (Twice)