A successful business has powerful and effective customer support running in the background that can solve problems for the company’s clients. But what if this problem-solving channel becomes the problem itself? What if a hacker could get inside the company and eavesdrop on every conversation that employees have? That’s a disaster, and the ugly truth is that this scenario could happen at any time to your company if you don’t properly protect against it.
Tech Support Hacks
A Belgian ethical hacker was able to hack hundreds of companies through their help desks and gained access to their internal communications. According to Inti De Ceukelaire, “it only takes a couple of clicks to potentially access intranets, social media accounts such as Twitter, and, most commonly, Yammer and Slack teams”. That’s quite scary, but fortunately he’s one of the good guys, and so he pointed out this security issue to third-party helpdesk services.
Considering the ease of this hack and its implications, it’s worrying how easily security flaws can be exploited for malicious purposes. By offering bug bounties, the likes of Google, Facebook, and other technology companies try to address this ever-present concern: the backdoor that was somehow left unlocked while writing the code and developing the internet-based service.
But this help desk threat is only one way that get companies into trouble. Another scam affecting Dell computer owners tries to trick them into purchasing software or technical support to fix a non-existing issue or install software that gives remote control to the hacker.
Now, if your employee uses a Dell computer and receives a scam support call and gives away control of his computer this way, then your business is at risk. Through his remotely hijacked computer the hacker will have access to the business intranet and all the data stored on its computers.
What Can You Do to Protect Your Business?
These examples show just how easy it is to steal your company data. But there is also good news: yes, it is possible to mitigate unauthorized access, though it needs a bit of effort on your part. Before you start downloading any old system monitoring apps and who knows what kind of antivirus software, first educate yourself and your employees about the real presence of the danger.
By connecting a computer to the internet you are practically exposing its data. In order to protect it, you need to ensure there are no opportunities available to hackers, and in any company’s case this starts with proper employee education on computer security. For starters, this means good password hygiene through ensuring that employees use a cryptographically secure and unique password for every online and offline account, because weak passwords can be very costly from a company’s perspective.
Password management services such as Dashlane, 1Password, and LastPass Teams offer neat features developed for businesses, speeding up the company workflow, helping to create a password policy for employees to follow, and putting you as the owner in control of security. If good password hygiene is in place, then it’s time to move forward with selecting reliable and secure third-party platforms, eliminating the potential for hacker attacks targeted at your company.
Best Password Managers of 2019