This month it was reported that Google and Facebook were both victims of a phishing attack that netted the Lithuanian man perpetrating the scam in excess of 100 million dollars. So let's get this straight; two of the largest technology companies in the world, both of whom probably have some of your private data stored in their technology, fell victim to a phishing attack. These are companies that make 10s of billions of dollars every year in revenue. They have 10s of thousands of employees, a large portion of which work solely on the security of their products. So how on earth can your tiny IT department by comparison protect your small-to-medium sized business?
Training your employees to be aware of these things just isn't enough anymore. You must implement mechanisms that not only prevent this sort of social engineering, but do it in a way that allows your employees to continue to be productive and effective. Informing the employees at your company of the dangers of phishing scams is definitely valuable, but doing that and showing how the mechanisms that you've implemented help them prevent that ensures that every time they use your solution they'll be reminded of why. This helps ensure continued diligence on the part of those users. It's no longer just the "draconian IT overlords" making their lives more difficult, it becomes a story of how you helped them save their job.
By adding mechanisms such as multi-factor authentication, oath tokens, and mobile device management among other processes and procedures, you can prevent if not completely negate the likelihood of one of your employees falling prey to one of these phishing scams as these 2 technology giants did. Seriously, you can do this in a way that fits your budget and still lets your employees be productive and effective.
Whether your trying to prevent such a security nightmare or simply trying to ensure you pass an audit with a gold star, NAPC can help you choose exactly the solutions you need to make this all work. Contact NAPC today for a free consultation or demo of our offerings.