As the first official week of Summer comes to an end, we at Eze Castle Integration hope that you are enjoying this warmer weather. We also wanted to take this opportunity to remind everyone to be aware that your firm is just as vulnerable when the weather is warm and sunny. As heat and humidity rise, power usage simultaneously increases to keep offices cool, leaving firms more susceptible to power outages. Additionally, this weather brings about more prevalent employee vacations and less crowded offices, implying that there are fewer gatekeepers protecting your firm from social engineering threats and hackers. Now, let’s examine some of these factors more closely and go over some business continuity and security tips from our team at ECI that will keep your firm running at full speed in the summer heat.
Impact of the Heat: Power Outages
The months of July, August, and September have been deemed the “blackout season”, because major cities use the most power during this period of time, therefore increasing the odds of a power outage. Power outages, surges, and spikes create damages of over $100 billion annually, and there is no way of knowing if your company could fall victim to one.
To put this in perspective, imagine you are sitting at your desk recording sensitive information for one of your clients, and suddenly your screen goes black and the office goes completely dark. Your company has experienced a power outage caused by your building’s increased AC usage during the summer, and you are not sure if your information and technology is protected.
In preparation for situations like these, your firm should have a Business Continuity Plan (BCP) in place. Effective Business Continuity Planning (BCP) can help minimize financial loss and the negative effects of disruptions on an investment firm’s strategic plans, market position, operations, and reputation.
In case of a situation like the one above, you’ll also want to know the answers to the questions below:
Does your building have an uninterruptible power supply or backup generator?
Does your firm have a disaster recovery plan? Will your data automatically failover if an outage affects your production environment?
Does your firm have someone in charge to handle incident response in the event of a power outage?
Do your employees have a secondary location to work from in the event the outage is long-lasting?
Employee Factors: Vacations and Remote Access
Phishing emails or phone calls are regularly put into action during these times. When it comes to who is vulnerable to social engineering attacks and hackers, there are no exceptions. Even employees who are set up to work remotely are susceptible, so it is crucial to train them to be mindful of potential threats. In fact, hackers often target remote access points because they believe the odds of gaining access to an employee’s personal laptop or mobile device through social engineering and phishing techniques are better than hacking into a company’s systems with presumably more secure firewalls and protections.
For example, if you are working on your laptop at a coffee shop, you should be cautious about which wireless connection network you are connecting to. It can be very difficult to see the slight differences between real and fake networks. By choosing the wrong network, your important personal and company information could be lost or stolen within minutes.
In order for your employees to be properly educated for these situations, your firm should implement Managed Phishing & Training Services. Through controlled phishing simulations, the services test employees' responses to phishing attacks and provide ‘in-the-moment’ security education. This greatly decreases the risk of your company and its employees suffering from social engineering attacks.
Employee training plays an important role in preventing situations such as these from occurring. Firms should employ information security training to ensure users understand the importance of using strong passwords and not leaving their laptops and mobile devices unattended in public settings.
Just because the weather is nice and employees are taking time off for vacation, does not mean that hackers are taking a vacation. Don’t let your guard down.
Finally, the benefits of investing in power backup plans far outweigh the costs related to damages and potential loss of revenue as a result of power outages, surges, and spikes. Make sure your firm is properly prepared to beat the heat this summer.
For more information on how to keep your firm and its employees’ confidential data safe, read our eBook on the 20 IT Securities Dos and Don’ts
Photo credit: Tayloraldredge
This article was originally written by Estani Laredo in July 2015 and updated by Sarah Cahaly in June 2018.