3 ways your Small Business can be Hacked
If your small business has eve been hacked, you know the importance of cyber security for small business. You more than likely know that data breaches are no longer just a problem for big business. Any business can be hacked and the ways in which a business is hacked are very widespread. Here are 3 ways your small business can be hacked that are within your control to stop.
Not periodically resetting a password
A few years ago there was a hack that occurred between two baseball teams, the St. Louis Cardinals and the Houston Astros. This hack occurred because a rogue employee (Chris Correa) within the Cardinals Organization guessed what the password of a former Cardinals Employee who now works for the Astros (Jeff Lunhow). It has never been confirmed what exactly the password was and if Correa knew what Lunhows’ password was when he was with the Cardinals, but Correa has admitted that he guessed the correct password for Lunhows’ log in credentials with his new team the Houston Astros.
This could have been prevented by simply resetting a password periodically and not using the same password for all log ins. Here is one tactic, many people use to remember their password when it has to change. Start with a password like:
BaSkeTBaLl_2741+3657
The word Basketball can change with the seasons. For instance, you could use the word baseball in the Summer and Football in the Fall. You could also keep the same password and change the special character. In this example you would change the _ and the +. Be careful using this method because you are not changing much about the password.
Old Employees Still Have Network Access
When an employee leaves your organization there shoul dbe adequate steps taken to ensure the terminated employee no longer has access to any networks or internal files. There also may be several Sales as a Service (SAAS) companies out there that your business has an account with, but the terminated employee is the only employee who used the account. Having a way to keep access to those accounts or to change the password is important.
Third party vendors getting hacked
Two of the largest data breaches in history, Home Depot and Target, were started by a third party vendor being hacked first. In both of these cases a small business was hacked several weeks or months previously and the criminals waited until they realized they had access to the much larger database through this vendor partnership. In the case of Target it was a local HVAC company that serviced a few of their locations in the Pittsburgh area. Home Depot had a vendor partner that processed the credit and debit card transactions at their self check out stations in most of their locations.
