Understanding Your Security Stats Helps Drive Your Technology
It seems like everybody these days is tracking their health status with wearable tech — weight, daily steps, heart rate, and so on. These stats, along with other indicators like blood pressure and cholesterol, give the user an idea of personal health. But how many business owners know the vital numbers for their company’s security? Just like with personal health, businesses have a “security score” that can indicate security health. Think you’re in good shape because you haven’t been hit with ransomware? You may be operating under a false sense of security.
So what areas are important to a company’s security health?
What percentage of your employees would click links, open attachments, or give away login credentials in phishing emails?
If you don’t know the current answer to this question, you are gambling with your business. When testing end user vulnerability through simulated phishing emails, we typically see about 20% of users clicking links or opening attachments. When phishing tests and security awareness training continue, the number drops to below 5%.
How long does it take to recover from a ransomware attack?
If your network is hit with “land and expand” ransomware, do you know how long it would take to restore backups and reimage all the affected computers? It may surprise you to find out that your recovery time takes days or weeks instead of hours.
How many of the endpoints on your network are sending and receiving malicious traffic?
It is very possible that as you read this blog, your network already has command and control software, key logger software running on computer endpoints, or Trojan Horses. You may even have data leakage due to employees copying critical data to USB drives or emailing sensitive data to outside email addresses.
How many unprotected mobile devices have confidential data?
Most likely, you have employees who receive work email on their device. Would sensitive business data be exposed if that device was lost or stolen? What if a laptop is lost or stolen — do you know if the data on the hard drive is encrypted?
How many of your employees could continue working from home if your building was unavailable tomorrow (fire, flooding, etc.)?
Many employees may be able to work from home. But, how many would be up working from home immediately with the same level of productivity? Chances are the number is low.
Want to know your security stats? Let ProTech assess your company’s security health and design a roadmap to keep your business safe. Because, if you’re struggling to answer the above questions, it may be time to evaluate your security practices and technology tools.