You lock the front door when you leave the house, don’t you? You brush your teeth, you wear a seatbelt, you keep the dog on a lead on busy roads. In fact, like most people, you probably enact half-a-dozen safety and security procedures every day, without even thinking about it. Yet when it comes to data security, many of us choose to adopt a less scientific approach – one that involves simultaneously burying our heads in the sand and crossing our fingers.
We shouldn’t. Cybercrime is big business, costing UK companies up to £30bn year, while phishing scams cost private individuals up to £190,000 every day, according to police figures. And it’s a threat that’s evolving all the time, because as quickly as new technologies emerge, cyber-criminals figure out new ways to exploit them. As Andrea Csuri, one of our SOC analysts shares in her expert intel Types of Cyber Crime Witnessed in the Wild, ‘The agility demonstrated by these cyber criminals indicates their expertise, resources, and deep understanding of the evolving threat landscape’.
Data and documents stored in the ‘cloud’, for instance, are a prime target for hackers and thieves, as are unsecured Internet of Things devices. Machine learning-based artificial intelligence (AI) systems, which store vast amounts of data, present another key new security battlefield. And while AI can help security systems identify threats more quickly and efficiently, it can also be used by criminals to find and exploit potential weaknesses. As AI-based systems increasingly become a part of daily life, your data will only become more vulnerable – unless secure systems are in place to protect it.
Another growth area is ‘cryptojacking’ – hijacking users’ PCs to mine cryptocurrencies. According to the National Crime Agency, this emergent threat affected up to 55 per cent of UK business in 2017.
The costs of poor data security can be devastating: remember the NHS data breach in July 2018, which saw 150,000 patients’ confidential data used (against their wishes) for research, or the attack on US Customs in May 2019, in which hackers stole the photos and licence plate numbers of over 100,000 travellers? Such attacks can result in threats to the safety and privacy of individuals, as well as harming both a company’s bottom line and its reputation. So with companies relying ever more heavily on cloud computing and artificial intelligence to store and process our data, it’s imperative that adequate security measures are in place.
However, data security isn’t just a corporate responsibility: it’s becoming personal. Flexible working, for instance, means our personal devices are increasingly used in the workplace. Employees may be using corporate devices for personal activities, or they may be using their own devices for work purposes (the so-called ‘BYOD’ model) – both situations present their own unique security problems. From data leaks and insurance implications to device theft and loss, we need to ensure we’re doing everything we can to safeguard access. Few people realise, for instance, that simply installing a password manager will make data on their devices up to 80 per cent safer.
With business security and personal responsibility increasingly intertwined, companies like Stripe OLT are essential: they keep business systems secure, compliant and protected with robust security services and employee training. From the implementation of Microsoft’s Advanced Threat Protection, to attaining government best practice certifications like Cyber Essentials Plus, they cover all bases to ensure online business security in the workplace. What’s more, Stripe OLT is a certified Microsoft Gold Partner – meaning their experts have been officially accredited by Microsoft as leaders in their field.
The technical storage or access is strictly necessary for the legitimate purpose of enabling the use of a specific service explicitly requested by the subscriber or user, or for the sole purpose of carrying out the transmission of a communication over an electronic communications network.
The technical storage or access is necessary for the legitimate purpose of storing preferences that are not requested by the subscriber or user.
The technical storage or access that is used exclusively for statistical purposes.The technical storage or access that is used exclusively for anonymous statistical purposes. Without a subpoena, voluntary compliance on the part of your Internet Service Provider, or additional records from a third party, information stored or retrieved for this purpose alone cannot usually be used to identify you.
The technical storage or access is required to create user profiles to send advertising, or to track the user on a website or across several websites for similar marketing purposes.