Just had a couple of co-incidences last 2 weeks which made me think.
First of which, I was talking to a potential customer about how backup was essential and the risks of ransomware and the next week the company’s secretary in-inadvertently clicked the wrong link and infected her machine, encrypting its contents. Luckily this didn’t spread across the customers network, and we could clean up the machine itself. But it should make the visit to explain why they really need IT support and maintenance a lot more relevant when I talk to the boss next week.
The second was that immediately after presenting a IT security slideshow and question and answer session to one of our long term customers, they were targeted the next day with a conveyancing style fraud where the finance department got an email from a director instructing funds be sent to a new bank account. The finance controller smelled a rat and checked with the director and the other party, as we had explained was best practice in our talk the previous day. (Factual note: Actually the person who did the checks had been on holiday for the talk but still did the right thing).
SO back to the thought:
What we are talking nowadays as IT techs, upfront and open, is proving increasingly relevant and important. This is now quite different as previously the best IT security went on behind the scenes, keeping people safe with patches and procedures, everyone not even realising they were being protected. Its now a much bigger problem and whole organisations need to be involved in keeping themselves safe not just relying on the backroom staff. The IT security game has changed, its much bigger, harder and relies on everyone pulling together.
So some advice: Listen to your IT security people (or get some), get your staff trained and you’ll be a lot safer