Safeguarding North American Businesses Against Internet Vulnerabilities

Canadian companies continue to play an influential role in cyberspace, but the progress is also making them vulnerable to the security threats associated with the digital infrastructure.

A memo from Public Safety Act obtained through the Access to Information Act reveals that there are a growing number of software loopholes that make networks of companies vulnerable.

The government can’t do anything if the companies fail to comply with the warnings laid out by the CCIRC, so it’s entirely up to business owners when it comes to taking protective measures against internet threats. Another growing roadblock is that companies often hide data and security breaches in order to preserve their reputation in the eyes of consumers.

A prime example comes in the form of the telecom firm Nortel Networks; Chinese hackers breached the firm’s computers back in 2000, and Brian Shields (a former employee at the company) reported that the hackers had been downloading valuable data from the company for over a decade. The breach only came under limelight few years ago.

Sony’s Canadian website was also compromised 2 years ago in an attack, and hackers managed to steal personal data of 2,000 customers, including passwords, e-mails and phone numbers.

Among the various vulnerabilities surrounding the North American cyberspace, the threats that companies neglect in most instances include:

1. Breaches related to malware: includes error logs, monitoring attacks and network modifications.

2. Employee access: common problems include employees accessing important company data over public Wi-Fi networks and shared passwords/accounts.

3. BYOD threats: includes security vulnerabilities related to data encryption, unsolicited apps etc. on smartphones and tablets used for company related tasks.

4. Hosting domains and accounts: includes transferring of websites to illicit locations because of unlocked domains and hosting accounts.  

5. Email spam: includes financial investment offers from individuals, mail list spam and directory harvest open attacks.


Taking preventive measures against internet vulnerabilities

Thankfully, there are ways to make vulnerabilities more transparent and ensure the protection of business data. Based on the ever evolving hacking abilities of internet criminals, this type of protection is increasingly becoming a priority for companies. Some of them include:

1. All-in-one solutions

Many businesses worry that some employees may fail to adapt to company policies. However, there is software that can alleviate some potential concerns a company will have as it provides security protection against social media, web, email and spam threats.

Some software even enables companies to backup data as well as identify and remove fraudulent apps (pretty handy when employees fail to recognize malware while downloading applications, plugins or files).

2.  Employee education

A company-wide policy should be adopted and all the employees should adhere to the guidelines in place. In case of BYOD, passwords should be protected with the help of passcodes and security tools, and employees should be instructed to avoid emails and text messages from suspicious addresses and individuals. For continuity reasons, firms can also look into offsite back solutions for immediate restoration during internal breaches.

3. Installation of secured socket layers

As one breach is often enough to tarnish the reputation of the business, companies need to secure their business websites. Secured socket layers are an ideal solution as they can prevent information breaches by developing an encrypted link between the browser and the web server. This action secures customer data when they interact or make a transaction through the company website.  

Internet security is not going to become less important as time goes on. Quite the opposite. In looking for measures to protect their information and their customer and client data, North American businesses may benefit from following the example set by Canada in addressing network security.