It should be an issue but all too often it seems business owners are too busy or too scared of the technology to get a plan together for tackling data security.
I recently posted a question on a professional forum through LinkedIn: ” How do we get the message out to those who need it most?”
These answers were given by top-notch individuals within the IT industry.
One respondent Oli Rhys, a Business ICT Advisor for a county council, said:
- “There are two answers to your question. One is to agree with them that it isn’t a big problem. Statistically, they are correct, E-crime is a £300 m problem in Wales, a £60Bn marketplace. It works out as 0.005% of the turnover of a company is lost in e-crime.
- The other option is to explain that criminals use an application called Zeus 1.3 which is able to break any Windows system and steal any financial details on their computer. This package is so simple to use that any criminal with an ASBO can use it. It costs them £2K to buy it, so they are going to want to get their money back. It is able to read the files in Sage where the bank details are found and arrange for the money to be transfered out of the bank, bounced through 25 different accounts and end up as untraced cash in China, India, Brasil or Russia or anywhere else in the world. E-crime Wales is really about criminals commiting crimes in a country they never visit. Criminals who think £10 is worth having for the effort involved in pressing a button! “
Another Tomasz Bergiel business owner of a web design company The Mint Factory said:
“To be honest if you don’t want to you don’t have to pay for any hacksoft at all (as mentioned by Oli Rhys earlier) you can get it for free.
It is very simple to intercept sensible data especially from such unsafe operating environments like Windows. Not many people know that even an average kid can steal your credit card details and other sensible data.
Keyloggers, viruses, trojans etc. they don’t need the internet to infect your computer. They can be transferred on any data carrying medium that has been used with your computer (that includes mobile phones and Bluetooth devices). Then once you connected to the internet malicious software starts its real work.
Some days in the past this kind of software was mainly made to expose security holes and disrupt systems – in simple words “for nasty fun”. These days it is used for much serious purpose – fraud and disruption of whole countries (like Estonia 3 years ago) Probably David Shearmon could tell you more about it.
I would be more concerned about wireless connections and how easy it is to intercept and decode WiFi or mobile signals these days. In this scenario hackers can stay undetected and leave no traces to find them and they can seat right next to you or even talk to you at the same time.
Increasingly more companies are having WiFi hotspots and access points. This creates a security hole in many cases.
Another issue is ID theft and our new passports equipped with RFID chip are pure example how unsecure our data is. RFID chips in the new UK passports are like an open book with all the data you may need to commit fraudulent activity. And they can be read remotely.
No doubt that data protection should be one of very important issues for every business and YES people are not aware how unsafe their data is. As mentioned at the beginning by Rhianne M Griffiths people think “This won’t happen to my business” isn’t that naïve? It is like stating “I will never die” while it is just a matter of time and luck.
I have to deal with hackers, spammers and other nasty stuff on daily basis and believe me if your data is still intact that is because no one used it yet.
Recently (Starting on Dec 2009) giant like Google allowed their systems to be compromised and leaked personal data of email accounts and connected services like Google Checkout, AdWords, AdSense and many more.”
I most sincerely believe that for those people who do not take steps to lock down as much as they can, it is only a matter of time before their luck runs out.
We can’t all be experts in these matters but we can all take intelligent steps to seek help in protecting our data. Remembering also that we are duty bound to protect the data of our clients if it is held on our PC, or for that matter in our filing cabinets.
Useful resources for small business owners:
