Cybercrime is on the rise, and the dangers faced by companies operating online increase year on year. By the end of 2021, the cost of cybercrime is expected to reach $6 trillion globally, with a malicious attack now happening every 39 seconds. No business or organization that operates online is completely safe. In a recent survey performed at the end of 2020, 80.7% of companies reported falling victim to at least one successful attack.
Finding the right IT security specialist
Partnering with an IT company is one of the best ways to protect yourself from attack. With so many network security specialists operating these days, it can often be difficult for company owners to work out who would be best suited to their particular needs. Here are five questions you should ask a prospective IT specialist to get a better idea of their particular skills.
Does the company use the latest hardware and software?
Running dated software and hardware can cause significant problems, so you should ensure your IT provider uses only the latest systems. You should also check that they regularly update software and operating systems (OS) and apply new patches where necessary.
Ask how regularly the company takes back-ups of sensitive data – and where the back-ups are stored.
Having sensitive data compromised in an online attack can have disastrous consequences for a company – not just financially but also in terms of reputation (particularly if you store client details on record and therefore also put your customers at risk). Ransomware attacks (where the attacker steals company data then destroys it at source, charging a ransom for its return) are becoming increasingly common, so your IT provider must take regular back-ups and store them securely. Most IT providers offer multiple cloud back-up services these days – but don’t just assume. Instead, ask your IT provider to specify exactly how they take back-ups – and how regularly.
Do they value staff training and keep employees up to date with emerging threats?
The tactics used by hackers have become increasingly sophisticated and complex in recent years, so your IT provider must take steps to ensure their employees are fully up to speed with emerging threats. You should ask what training they provide their staff and ask them if they’re aware of the OWASP Top 10 – a list of the top 10 security threats faced by modern web applications. If you’re going to trust your provider to run your network and apps, you need to be confident that they know the most recent threats.
Do they offer Two-Factor Authentication?
Two-Factor Authentication (2FA) has rapidly become the de facto standard in web security for everything from banking apps to email services. With 2FA, users must provide an additional form of identification (typically a code sent to a personal mobile device). 2FA is one of the most effective ways to prevent unwanted malicious access to your files or network.
Ask what security provisions they have in place for your data.
There’s little point in trusting an IT company to look after your network and data if they don’t employ suitable protection on their systems as well. Be sure to check what security measures they have in place to prevent cyberattacks – and, as noted above, how regularly they take back-ups and how they protect that stored data.