Business
   A cyber attack can be your worst nightmare. Data destroyed or held hostage until you stump up big money to have it released. Stickman Cyber founder Ajay Unni outlines the basic requirements every printer should be adhering to.
Cyber security: What to know and what to look out for
     Printing businesses have massive amounts of sensitive data on their premises, from budgets to bank statements to
the latest Harry Potter book. Unfortunately, this is all data that can be used by hackers to exploit, blackmail, and steal.
Despite this serious risk, a large number of printing businesses remain uncertain and fearful when it comes to setting up their own cyber security processes. Cyber security is often pushed to the bottom of the to-do list, competing with the never- ending, time-sensitive demands of printing.
The result is that companies are exposed to unknown threats that are only revealed once the damage has been done. There are four main types of cyber attacks that need to be protected against. First is the destructive/wiper-style attacks where the intent is simply to wreck the data and damage the business.
28   Print21 JULY/AUGUST 2021
Cyber security essential:
Ajay Unni
Then there are the ransomware attacks where the hackers effectively take the target’s data hostage, and will only release it when a payment is made. Then there is the malicious breach which exposes sensitive information that can be shared or viewed without permission, and finally unintended data breaches. All four can be seriously costly.
In the case of ransomware attacks, businesses are brought to a standstill, with hackers expecting a ransom to be paid before data
is released. We have seen a lot of unprotected businesses small and large that have been affected, and some were forced to cease business operations as they were unable to recover from the attack.
The recent attack on US oil giant Colonial Pipeline, for example, caused major disruptions to its supply chain and delivery of its products to its end customers with hackers derailing their business. By not putting the right precautions in place, printing businesses are risking similar damage to reputation, finances and livelihood.
Thankfully, there are a few
simple steps that businesses can
put in place to help better protect themselves from cyber-attacks. Firstly, get your passwords in check. Passwords should be rotated at the very least every 60 days, although every 30 days is even better. To
make them even harder to guess, passwords should be at least eight to 10 characters long, have at least one number, one capital letter, and one special character, such as one of the following: ‘!@#$)’.
Multi-factor authentication
(MFA) is the next step up from mere passwords. MFA adds an extra layer of security by using two or more pieces of evidence to log in to a single location. Some common examples of MFA include an SMS message, phone call, or authenticator app to verify
a browser login. Other verification factors could include personal
questions, a physical object such as a security token or bank card, or fingerprint, face, or iris scanning. MFA can mitigate against hackers posing as suppliers and asking for funds.
Changing passwords and implementing MFA is great, but it won’t help if those passwords and special answers are being shared between multiple members of staff, with the potential for them to be leaked.
Instead, every staff member should have their own accounts with their own unique user ID and password so that there is no need to share passwords between staff members. Any shared accounts should be removed and replaced with individual accounts, and each individual account should have its password updated regularly.
The same should be true of any external IT support staff who should each have a unique ID and password with MFA enabled. This means
that every time someone accesses your network, you can log and track exactly when, where, and who it was accessed by. This will not only keep your own business records safe, but will keep your customer’s sensitive information safe and secure too.
Installing a firewall or antivirus software is no longer enough for true cybersecurity. Weak spots must be identified and eradicated before an attack occurs, especially for printing businesses that hold incredibly sensitive customer information at their fingertips. 21
About the author:
Ajay Unni is the founder of StickmanCyber, a business that
helps companies mitigate their cyber security risk. He is part of the 2020 NSW Government Cyber Security Task Force, a group of experts tasked with accelerating the adoption of cyber security across Australia. www.stickman.com.au