Cybersecurity or Recession?

Cybersecurity or Recession?


As a business owner going into 2019, with all the economic uncertainties that are going on globally in the US, UK, EU etc, should you be worried more about cybersecurity or a recession?

 

Simplistically your answer should be Cybersecurity. You may be asking why, but the answer is quite simple. You can do something about Cybersecurity. Unless you have global influence then a recession will either happen or not, but you wont be able to affect it happening. True you could plan for it and take necessary precautions to ensure your business survives should a recession hit.  However regardless of this uncertainty one thing is for sure – you will face multiple cybersecurity attacks in 2019 and that is something you CAN prepare for.

At the end of this article I am not expecting you will be a CyberSecurity Expert.  I do hope though, that depending on the systems you implement at your company, you will understand and take action on multi/two factor authentication.

The fastest growing email solution on the planet at the time of writing is Microsoft Office 365. One out of every five corporate employees uses an Office 365 cloud service. A fantastic product from a resurgent company. My company is an advocate of Office 365 and we recommend this to most clients these days. Whilst it is a great product, which does exactly what it says on the box, the one thing that almost all companies miss is the security customisation.

I have written a previous article on the security of Office 365 and how out of the box it is designed to work with as many systems and browsers as possible.  This means lots of legacy platforms. That in turn means it needs a lot of configuration to be as secure as possible.

The only one I am talking about in this article is Multi Factor Authentication (MFA). or as most people refer to it “two factor authentication” (2FA). By default this is disabled and needs to be manually turned on and configured.

To highlight the size of the issue only 20% of all organisations that use Office 365 have MFA implemented for their accounts. I find that a shocking statistic, but perhaps I should not be so surprised . Most organisations use Office 365 exactly how it comes in default settings. Couple this low utilisation of MFA with the fact that there are 10 million attacks to Office 365 accounts daily, it really should highlight the importance of at least the basic security settings.

MFA is probably the single most important security feature of Office 365.  This is simply because on its own it almost eliminates the potential for account hacking. The account name for an office 365 user is quite easy to guess.  They are a standard format and most users of Office365 do not implement complex passwords. Yes I still find new clients who have “123456”, “password” or their date of birth etc as their passwords and then they wonder why their account has been hacked. I still find it most frustrating to win a new client after they have lost a lot of money or company confidential information due to a simple password attack.

Enabling MFA or 2FA on your Office 365 should be the single most important action point on any organisations Cyber Security Plan.

If your company is in Hong Kong or Singapore, uses Microsoft Office 365 and is unsure what security measures have been implemented, then please contact phil.aldridge@functioneight.com for a discussion on how to prevent a Cybersecurity breach – even if you cant prevent a Recession.