Here is a great example of how easy it is to target a small business, in this case, a CPA firm (after all, it is tax season).
Please remember, CPA firms aren’t the only ones at risk. Organizations of all sizes must invest in IT security. If an organization collects and stores their client’s personal information, they are responsible for safeguarding it. While the NBC News report makes it seem easy for their hacker to break into CPA firms, unfortunately, it really can be that easy if you don’t have the proper security controls in place.
If a staff member was to open a malicious phishing email, it could provide the attacker with access into their system. If your wireless encryption is secured by WEP, it’s not really secured, as WEP is easy to crack.
It is important to invest in IT security education, for all staff members. Security awareness and training is the process of educating employees on computer security and good computing practices. Investing in education, such as, what a phishing attack is and ways to avoid falling victim to them, is covered as part of the course.
I hope you have a Happy Friday, and a safe computing day! And remember, don’t open attachments from people (or email addresses) you do not know.