Equifax lost millions of personal records earlier in 2017. Sony and Target were both breached in 2016 losing millions of records of their customers. Yahoo has lost control of hundreds of millions of records leading to endless phishing scams and fraudulently email campaigns resulting in tremendous financial loss. Those are 4 multi-billion dollar corporations that lost track of the fact that their client data is their most valuable asset and the target of malicious hackers around the world.
How is your business any different? Are you a CPA with numerous SSN’s on file? Are you a lawyer with data in-house that could put people in prison, or worse? Do you think you are exempt because you are just a graphic design firm that doesn’t have anything confidential, yet you are storing digital W9 records for 30 contractors that contain their socials?
As more companies become permanently connected online, it becomes more important to consider the damage that can come from a breach. What you may think is a simple WordPress site is actually a perfect beachhead for a malicious actor to stage an impersonation campaign. Did you realize an infected WordPress site @yourdomain.com can then send out valid email as firstname.lastname@example.org and potentially even modify your DNS MX Records to start capturing the incoming email to email@example.com? Within a few minutes, someone with full access to firstname.lastname@example.org could take over your Google Accounts, Facebook accounts, Bank Accounts and Cell Phone provider at which point you could be locked out completely.
Down this Audit Questionnaire and start thinking about the risks. There are many small changes which can go a long way.
Call 678-667-2185 today if you are interested in our Full Service IT Audit.