Cyber Security: How do SME’s protect themselves?

security

Cyber-crime has often been regarded as something a teenager does from their bedroom or criminal individuals to disrupt businesses or for small gain. However, this is no longer the case anymore. Cyber-crime is a major part of organised crime and has now become so large scale that it is being run by gangs that are able to purchase tools cheaply to perform mass attacks on businesses. Mode looks at the most common forms of attacks and what we recommend for combating this.

Phishers: Phishing emails pose as emails from trustworthy companies, they could look like they have come from a trusted company you deal with or even a customer, asking for information or even urgent action like making a payment or confirming details from yourselves. As these cyber criminals are becoming more sophisticated and evolving their techniques now,  more than ever,  you must be wary of proceeding.

Check:

  • The email address. Tap on the email address to see the full email address behind it. If it looks full of gobbledegook, then you will know this is a fake address. Also look for misspellings or additional characters in the email address.
  • What details or payments are they asking you to make. If necessary, make a call to see if this is real.

Ransomware: this is where cyber criminals steal and encrypt your data and hold it to ransom until you exchange the release of that data for money.

Mobile Malware: A new sophisticated process where criminals are developing apps that look like games. Once downloaded this enables them access to steal your personal information.

What must SME’s do to help prevent cyber-criminal activity?

  • Back up: Mitigate the risk and danger of attack by backing up all your data. Think about all your operational and financial data that is important to you and that is business critical.
  • 2 factor Authentication: Consider having a password and a pin required (where this is sent by text) to be able to access software and emails. Strong passwords involving words as well as numbers and symbols will also help protection.
  • IT Policy: create one to prevent attacks but do make sure that this is easy to read for your employees. Make it the Top 10 points of cyber security but make sure it covers:
    1. Acceptable usage of your systems
    2. Password policy
    3. Social media guidelines
    4. Network security
    5. Physical security
    6. Data protection
    7. Incident response
    8. Disaster recovery
  • Finally, TEST: Staff training, simulated phishing emails, these will all educate employees and help highlight potential risk areas.

For more guidance on being Secure in print, contact Mode today

Entrepreneur Day 2018

entrepreneur

Entrepreneur day was 20th November and it celebrates and creates awareness for entrepreneurship and leadership.

Many people dream of owning their own business but there are many factors that often prevent people from branching out and working for themselves. However, in celebration of all those entrepreneurs out there, Mode has compiled our top 10 tips for being the next Alan Sugar!

The hardest part to be an entrepreneur is starting, so find the will to start!

  1. Think big: If you have a vision of the type of business you want to create, or you see the need in a market, have your dream and think about how you are going to pursue this. Walt Disney said “All our dreams can come true, if we have the courage to pursue them”
  1. Have values: all the greatest businesses have been created underpinned by strong values and having a clear mission statement. Think about what you want to stand for, make this your starting point.
  1. Be passionate: drive, commitment, hard work. These are the key elements to owning your own business.
  1. Reach out: in this age of technology and mass customisation remember that whatever service or product you are offering, each person’s experience is individual to them. Make sure your offering allows for each unique encounter, speak to people, conduct market research.
  1. Focus: Where do you want your business to be, how are you going to get there. Plan the future.
  1. Know your market: understand whether there is a need for your product/service, as in point 4, conduct the right research, know your competitors.
  1. Be relolute: You’ll have mishaps, setbacks, brick walls to face, you’ll want to give up. Being resolute in your vision will be paramount in these moments.
  1. Trust your skills: have faith and self-belief in your talents.
  1. Accept change: don’t be too headstrong or stubborn. Accept that sometimes things must change and will change.
  1. Evolve: keep an open mind and be eager to learn new things, find new technologies.

If you bear all of these in mind, then you have every opportunity to be that successful entrepreneur.

What is Follow Me Printing?

follow me printing

Follow me printing has become a popular solution in a variation of print environments, such as legal settings where the need for confidentiality is paramount, for example. This is due to the many benefits; it is convenient, flexible, and secure, and increases the level of control that the user has. What’s more, by making print more intentional, it also reduces waste. But what is it?

Essentially, with follow me printing solutions the user starts a print job from their workstation, but it doesn’t actually print until it has been authenticated by the user. Authentication protocols could be something like scanning an ID badge.

Example 1;

A lawyer needs to print an extremely confidential document about a client’s case, which cannot be seen by prying eyes. Follow me printing allows the lawyer to verify their identity upon retrieving the document, so that it does not fall into the wrong hands. The system reduces the need for a personal printer for each lawyer.

 Example 2;

A student is studying in the library and wants to print something in the room where she will have her next lesson. When she leaves the library and finds her way to the printer in her classroom, she can scan her ID badge and receive the document. This means she can print to a convenient location without her documents being left for someone else to see or even take (either accidentally or on purpose).

Based on the above scenarios, you can see just how beneficial follow me printing can be, especially when applied correctly, on large sites. Since the documents are deliberately printed during the authentication stage, the potential for wasted, unclaimed items drastically declines. As a result, the cost benefits on ink and paper is remarkable. This level of efficiency and cost-effectiveness is one of the key benefits to follow me printing.

If you have any questions about follow me printing, or managed print in general, please don’t hesitate to contact us – we’d be more than happy to help.

National Fraud Awareness Week: How Can Small Businesses Prevent Fraud?

fraud prevention

Fraud threat affects every size of business, however smaller businesses can often be more vulnerable to fraud than those larger organisations. Last year an estimated £18.9 billion was lost as a result of fraud in SME’s alone.

Fraud can occur from within your organisation but can often extend beyond that even though Banks and other fraud prevention organisations have highlighted the need to be wary of disclosing information. Yet still worryingly, cyber crime is up by 63% in 2017. This is a decrease of 15% from the previous year, but this is still a concerning figure.

To ensure your business is protected you should identify:

  • Common types of fraud that can expose your small business
  • Steps you should take to prevent fraud and implement regulations to help you achieve this.
  • Identify employees that could potentially commit fraud. This is an awful way to have to think but the reality is, to always keep an open mind and minimise the potential risk of any kind of fraud anywhere.

Whilst the types of fraud are no different to larger organisations, smaller businesses are more susceptible because they often do not have the measures in place to identify or ringfence potential issues.

Until your business understands the type of frauds that can occur, it’s essential to understand what fraud can be committed and this can be split into 6 categories:

Assets fraud

  • Expenses theft: when an employee uses their expenses for their own benefit
  • Compensation fraud: When an injury is exaggerated to gain compensation for something that wasn’t the company’s fault.
  • Cheque forging/tampering: An employee forging signatures or altering payee info, amount info.
  • Cash theft: Stealing physical cash from the business
  • Product theft: When an employee uses company money to gain a product for their own use

Accounting

  • Embezzlement: When someone has control of the company funds and uses them inappropriately for their own benefit
  • Personal use purchases: When company funds are used to buy something for personal use, but it is recorded as legitimate company purposes.
  • Accounts payable: This can be the most detrimental fraud to the business, as this can involve invoice or expenses tampering
  • Fake Employees: When an employee does not exist but appears on the payroll
  • Ghost suppliers: Suppliers that don’t exist that are billing for services or products that don’t exist.

Data:

  • Trade secrets: when these are sold to competitors to the detriment to your business.
  • Theft of sensitive data: when data such as credit card numbers, client info is sold to 3rd

Bribery & or corruption:

  • Bribes: This occurs when another business is paid to aid their own company’s or personal benefit.
  • Product fakes: When the original product is substituted for inferior products than what was initially agreed. This is usually to help reduce cost.

Billing:

  • Billing schemes: False payments are sent to individuals within the business from the company and can involve creating a fake customer or editing an existing one.

Overcharging:

  • Overcharging people than what was initially agreed.

Preventing fraud in small business:

There are several steps to prevent fraud in your small business and protect your assets whether they are physical or monetary assets. So, we have come up with a series of tips to help you:

Know your clients: Vet potential clients, there is nothing wring in ascertaining who your potential clients are.

Threats identified: dubious clients can use several methods to pay for things which could leave you out of pocket. This can include using cloned cards to make payments.

Cheque fraud: This is a great way to commit fraud. The fraudster can leave with the product but leave you with a cheque that can be bounced by the bank

Therefore, only accept cheques from trusted customers and suppliers and always use a pen and cross through any empty spaces. Ask for alternative payment if the cheque appears to look wrong in any way or if the customer writes a greater amount and asks for change.

Cash: fraudulent cash is an old school tactic, and this is still occurring even in the light of the new £5 £10 notes. Therefore, always check the following:

  • Any raised print: you should feel this on words like “Bank of England” if it feels flat then it could be fake.
  • The print on the new polymer notes is sharp: if there is any blurriness then then its fake. Big Ben is finely detailed and when the note is tilted you should see a coloured rainbow effect.

Look out for suspicious orders: if a client wants to pay outside of your preferred payment method this will lower your protection to fraud, so you should always stick to your payment methods.

Secure your assets

  • List your assets (Physical and digital) and initiate an action plan on how you can keep these safe. E.g. loss of data is extremely detrimental to your business.
  • Protect your branding and identity: this is the most valuable thing to you so read up on your intellectual property rights. Plus ensure that your details at Companies house is protected as this is often an ideal place for fraudsters to go to obtain your details.
  • All businesses must comply with the Payment Card Industry and Data Security Standard (PCI DSS) an this applies to all businesses that handle card and online payments. There are huge consequences if you do not comply
  • Know your suppliers: invoice fraud is the most common type of B2B fraud. Research who you are dealing with and keep regular checks on them including financial health checks.
  • Know your employees: 80% of data breaches occur as a result of employees according to the Information Commissioners Office. Monitor their behaviour and be alerted to any changes in their behaviour as even the most loyal person can be swayed into committing fraud.
  • Implement an anti-fraud/Anti bribery policy in your company handbook so that everyone is clear that this behaviour is not accepted and will result in disciplinary procedures.
  • Educate your employees on fraud and bribery: including preventing the use of common passwords and implement a policy to ensure that the company data and products are secure.
  • Keep clear records: As a small business it is very easy to be stretched in all directions but keeping consistent and clear records will minimise your risk to fraud.
  • One computer for accounting: do not allow people to use social media on this computer as this can create vulnerabilities that can allow hackers to break into your accounting systems.
  • Insurance cover: essential for any business so that you are covered if you do fall victim to fraud.
  • Secure your IT: implement a firewall as well as anti-virus, spyware, and malware detection.

If you need any assistance with how Mode can help you secure your hardware and software against fraud then visit https://www.modeprintsolutions.co.uk/secure-printing/ or contact us on 0345 223 2203 or alternatively email us on enquiries@modeprintsolutions.co.uk

What is Secure Printing?

secure printer

Secure and printing are not two words that are often in the same sentence or understood when placed together. However, with GDPR law now firmly in place businesses cannot afford to be complacent about printing securely.

Whilst security has become important for businesses, less than 25% have adopted secure printing practises, and this problem is becoming bigger.

Quocirca recently reported the many vulnerabilities around print and that now in the era of advanced connectivity and our ability to collect, process and store large volumes of data, the photocopier or printer has become the weak link in security and no longer can we ignore this. Quocirca quotes that 61% of large Companies have admitted to suffering a data breach. Therefore, now is the time to be proactive in your printing equipment and evaluate the security of your print environment. Discussing this with a print supplier will mean that they can recommend the appropriate hardware and software that means your business is secure, as well as offer education to your employees and help you implement printing practises.

As a business it is important to assess the following things:

  1. Access: Can confidential documents be accessed in your organisation. Who has access, and do you have controls in place to manage this information and track it?
  2. Policy: Do you have a security policy in place for accessing and printing to the network including the multifunction printers?
  3. Guidelines: Do your employees have any guidelines in place for printing securely and how do you monitor that they are adhering to this?
  4. Network security: Do you have firmware and has this been implemented?
  5. Procedure assurance: are you alerted if a device fails the security policy? How do you identify the weakness?
  6. Vulnerability: Does your printer pose as a security issue? Could you be a potential target for hacking or data to be stolen?
  7. Printer compliance: Given you have network security, do your printers comply? How can you check and resolve this?
  8. Reporting: Do you receive reports on the security of your hardware and software? If something isn’t complying, how are you informed so that you can resolve the issue?
  9. Mobile: Do you have a mobile work force that needs to access the network and print?
  10. Configuration of security: Has there been any changes to the firmware you have already installed? Are you up to date?

A printer supplier will be able to help you answer all these questions and help you implement a policy, along with the correct equipment that will help you make your printing environment secure. At Mode we follow this principle:

  • Security strategy: integrate printers and all hardware to be part of your overall security strategy
  • Policy: ensure that you have a policy in place that includes printers so that in the event of a data breach, you can demonstrate under GDPR, that you have taken every necessary step to limit any breach and secure and protect all devices.
  • Secure the devices: make sure your hardware has encrypted hard drives this offers another layer of security and ensure that when that equipment is disposed of, that all data is wiped.
  • Secure Access: ensure there is no unauthorised use of the hardware allowed. No unclaimed print outs on the printers, only allow print jobs to be released when the author is at the machine.
  • Monitor and manage: You need a centralised and flexible way to manage and monitor the security of your print fleet. There are auditing tools available that can track usage at user level. Multifunctional devices are excellent for this, and you can see who has printed what and when.
  • Seek advice: Printer suppliers are the experts in achieving this and can offer you the best way to protect the data your business is holding.

If you are seeking advice on this, why not take a look at our Secure Printing section on our website: https://www.modeprintsolutions.co.uk/secure-printing/ or alternatively contact us on 0345 223 2203 or enquiries@modeprintsolutions.co.uk

© MODE 2018
Site Map | Privacy Policy | Cookies |Design: Innermedia