{"id":6682,"date":"2020-11-25T15:04:39","date_gmt":"2020-11-25T15:04:39","guid":{"rendered":"https:\/\/cybersmart.com\/?p=6682"},"modified":"2021-10-25T13:56:44","modified_gmt":"2021-10-25T13:56:44","slug":"how-to-keep-your-business-and-people-safe-this-black-friday","status":"publish","type":"post","link":"https:\/\/cybersmart.com\/blog\/how-to-keep-your-business-and-people-safe-this-black-friday\/","title":{"rendered":"How to keep your business (and people) safe this Black Friday"},"content":{"rendered":"
Black Friday is nearly upon us. Cue endless headlines about e-commerce retailers recording their \u2018best day ever\u2019 (since last year) and photographs of monstrous queues outside\u00a0<\/span>department stores.<\/span><\/p>\n In amongst the frenzy of articles titled things like \u201810 of the best deals on electricals this Black Friday,\u2019 you\u2019re also bound to find a few on safety- how to stay physically safe during the hustle and bustle or how-to\u2019s for shopping securely online.\u00a0<\/span><\/p>\n However, what you won\u2019t find is much guidance for small businesses. Black Friday brings with it a heightened risk of cyberattack, particularly in an environment when many SMEs are working remotely. So, to help you get your business through this year unscathed, we\u2019ve put together a brief overview of the risks and some suggestions on how to avoid them.\u00a0<\/span><\/p>\n Black Friday is a veritable all-you-can-eat buffet for cybercriminals. Millions of online shoppers, in a rush to grab that must-have deal, often means widespread carelessness on a scale that simply doesn\u2019t happen any other day of the year \u2013 with the exception of China\u2019s <\/span>Single\u2019s Day<\/span><\/a>.\u00a0<\/span><\/p>\n Hackers look to exploit consumers temporarily taking leave of their better instincts in a number of ways. Let\u2019s take a look at some of them. <\/span> Phishing scams are a year-round problem. We\u2019ve all had a fake email from a major retailer that\u2019s <\/span>almost <\/span><\/i>a carbon copy of the real thing but for the slightly misaligned logo, weird syntax or font that just doesn\u2019t look quite right.\u00a0<\/span><\/p>\n However, during a major retail event like Black Friday, the chances of a successful scam go up. If you\u2019re desperately trying to get a killer deal for a new TV and an email comes through telling you that you\u2019re billing information needs updating, you\u2019re much less likely to spot a fake.\u00a0<\/span><\/p>\n You\u2019re probably in a bit of a rush, never the best frame of mind for considered judgements. What\u2019s more, if you\u2019re already shopping, a fake email claiming to relate to what you\u2019re doing online might not set off the alarm bells it normally would.\u00a0<\/span><\/p>\n Again, this is a problem 365 days of the year. But a major retail event provides the perfect cover for cybercriminals to test out the vulnerabilities of popular software and applications for two reasons. One, technical teams\u2019 attention tends to be focused on ensuring apps can handle the sudden surge in demand rather than security. And, two, because many consumers will suddenly be using apps they haven\u2019t used or updated in months \u2013 giving cybercriminals an easy route in.\u00a0<\/span><\/p>\n Much like phishing scams, Black Friday usually comes hand-in-hand with a glut of fake websites claiming to sell this years\u2019 must-haves at bargain-basement rates. Most of these sites are simply fronts for hackers to acquire data or launch attacks on unsuspecting consumers.\u00a0<\/span><\/p>\n This is unlikely to be a problem at your workplace. But you\u2019d be surprised how often people pop to the local coffee shop for lunch and log into an unsecured public WiFi network on a company device. And this is all the more likely on Black Friday as people check out the latest offers during their lunch hour.\u00a0<\/span><\/p>\n The problem is this gives cybercriminals an unbelievably simple way to hack into any unsecured devices on the network. Once in, they\u2019ll be able to get to any company assets accessible from that device.\u00a0<\/span><\/p>\n We\u2019re often banging the drum about the importance of strong passwords. And although it\u2019s vital all the time, it\u2019s particularly so during an event like Black Friday. With so much traffic on popular sites, it\u2019s the perfect time for cybercriminals to try out large-scale <\/span>brute-force attacks.<\/span><\/a>\u00a0<\/span><\/p>\n You could be forgiven for wondering what the risks we\u2019ve outlined have to do with your business? After all, aren\u2019t they all related to consumers?<\/span><\/p>\n Unfortunately, that\u2019s just the problem. We\u2019re all consumers. And your business is made up of them. Whether it\u2019s on their lunch break or in a spare 15 mins before meetings, it\u2019s highly probable that at least some of your people are going to spend time buying or browsing this Black Friday. This could open up your business to some of the risks we\u2019ve run through so far.\u00a0<\/span><\/p>\n If, like most companies, your staff are working from home the risks are even higher. As <\/span>research from ZDNET reveals<\/span><\/a>, 52% of employees believe they can get away with riskier behaviour when working from home.<\/span> This includes activities like browsing suspect websites and using public networks.<\/span><\/p>\n So what can you do about it? With Black Friday just a few days away, here are a few quick tips for keeping your business safe.<\/span><\/p>\n Most risky cyber behaviour stems more often from ignorance or carelessness than malicious intent. So educate your people about the risks we\u2019ve covered in this piece. It doesn\u2019t have to be more than a quick all-company email later this week.<\/span><\/p>\n Check that all corporate-owned or managed devices have the latest security capabilities correctly set up. With many people working from home, ensure the same practices you\u2019d insist on in the office are being used everywhere.\u00a0<\/span><\/p>\n All your employees should be using complex passwords and two-factor authentication, as well as changing passwords regularly. So, set up a password policy with these requirements and ensure everyone follows it.\u00a0<\/span><\/p>\n Ensure everyone is regularly installing updates and patches for the software on their devices. You can read more about the importance of patching and updates <\/span>here<\/span><\/a>.\u00a0<\/span><\/p>\n It might not sound like much, but limiting the number of sites your people visit using company devices can minimise the risk of attack. So by all means let your employees shop \u2018til they drop, but keep it to personal devices.\u00a0<\/span><\/p>\n It\u2019s easy to forget about WiFi itself when thinking about cybersecurity, but it\u2019s a crucial part of good <\/span>cyber hygiene<\/span><\/a>. Changing the default settings and passwords on home routers can help reduce the likelihood of staff being attacked and, in turn, reduce the risk of a breach for your business.\u00a0<\/span><\/p>\n \u2018Black Friday\u2019 always sounds a bit like an economic disaster or tragedy. And, in cybersecurity terms, it certainly has the potential to cause problems. However, by following the guidance we\u2019ve provided, you should have everything you need to ensure this year passes without a hitch.\u00a0<\/span><\/p>\n Want to know more about how to reduce the risks involved with remote working? Then download our new guide<\/a>, <\/span>Cyber Safety in a New Era of Work.<\/span><\/i><\/p>\nWhat cybersecurity risks does Black Friday present?\u00a0<\/b><\/h3>\n
\n<\/span><\/p>\nPhishing scams\u00a0<\/b><\/h4>\n
Old apps\u00a0<\/b><\/h4>\n
Is your business considering switching to remote working permanently? Don’t make a decision before reading our new guide, Cyber Safety in a New Era of Work.<\/span><\/i><\/a><\/h4>\n
Fake websites\u00a0<\/b><\/h4>\n
Public networks<\/b><\/h4>\n
Weak passwords\u00a0<\/b><\/h4>\n
How does this affect SMEs?\u00a0<\/b><\/h3>\n
How can you protect your business?\u00a0<\/b><\/h3>\n
Educate your people<\/b><\/h4>\n
Ensure everyone has the right security<\/b><\/h4>\n
Practice good password hygiene<\/b><\/h4>\n
Run the latest versions of all software<\/b><\/h4>\n
Encourage staff to shop on personal devices<\/b><\/h4>\n
Secure your network gateways<\/b>
\n<\/span><\/h4>\n