Originally published on labs.afgonline.com.au on April 7, 2020
As a mortgage broker, you know how to take simple precautions to protect your business against crime when you’re not in the office. All you have to do is make sure the windows are latched, the doors are locked, the alarm is on and the insurance is up to date.
But what about protecting your business against cybercrime now that most, if not all, of your sensitive information is stored online? Cybercrime is a growing threat in Australia, which costs our economy billions of dollars each year. And small businesses are being targeted by an increasing number of cybercrimes.
Even as we enter the COVID-19 crisis opportunities are still being found. The Australian Cyber Security Centre is continually updating its latest threat advice as it reports a significant increase in COVID-19 themed malicious cyber activity across Australia since early March 2020. While we have taxi drivers moving into deliveries because there are far less passengers and Gin Distilleries producing hand sanitisers. Unfortunately, scammers are no different, they are also looking for opportunities.
What is Cybercrime
At its most basic level, cybercrime involves stealing information and money via unauthorised access to computers and mobile devices, infecting computers with malware, online identity theft and fraud, online scams or cyber attacks on computer networks and websites.
Cybercrime isn’t just committed by bored teenage hackers or criminal gangs looking to make a quick buck. It can also be perpetrated by a number of sources such as former or current employees who accidentally or intentionally compromise online information.
Protecting your business against Cybercrime
If your business becomes a victim of cybercrime, the impact can be devastating and costly.
Thankfully, it’s not all doom and gloom. And there are simple measures you can take to protect your business against cybercrime, such as making it a priority to:
- Establish cyber security policies and procedures.
- Introduce a cyber security incident response plan.
- Train staff on your cyber security policies, procedures and incident response plan.
- Turn on automatic updates for computer operating systems, software applications, malware protection and mobile devices.
- Enable multi-factor authentication wherever possible.
- Restrict administration privileges for staff members.
Revoke accounts as soon as staff members leave your business.
- Manage passwords and ensure they’re not being shared or reused.
- Change passwords to long, hard-to-crack passphrases.
- Use a password manager program to create and securely store passphrases.
- Turn on network encryption and encrypt hard drives and data stored or sent online.
- Backup your business data regularly and keep a physical backup stored offsite.
- Foster a culture that understands and values cyber security.
Over the coming months, I’ll provide more information about the ever-evolving cyber security threats in Australia, together with tips to safeguard your business, clients and staff.