Protect your Business from Cyber-Crime with Cloud Technology
As cyber-crime and insider fraud increases in Kenya, companies are advised to secure their businesses and IT environments with Cloud applications.
Sage, a company that specialises in integrated accounting, payroll and payment systems, says organisations are not only wrestling with the growing danger posed by threats such as malware, hackers, and theft of computing devices, but that they–according to the 2015 Cyber Security Report–lost an estimated Sh15 Billion to cyber-crime in 2014 alone.
Rutendo Hwindingwi, Divisional Director for Sage East and West Africa, says that though most enterprises “need to defend their businesses against today’s sophisticated cyber-criminal”, they lack the budget and specialist IT expertise. For instance, he says, “64% of respondents [quoted in the 2015 Cyber Security Report] were not trained in cyber-security issues at all and 20% lacked sufficient cyber security budgets.”
“It is particularly alarming that cyber-crime tripled in 2014 over 2013, indicating a country-wide lack of skills and resources to address the problem, Dr Hwindingwi says. Running your own IT infrastructure calls for lots of resources: investing in firewalls and anti-malware software, patching your operating systems and applications, and having specialist skills who are up-to-date with the latest threats.”
It is against this backdrop that organisations are advised to look to the cloud as one way of improving their IT security.
“Leading providers of online payroll and accounting applications,” says Rutendo Hwindingwi, “host the software and their clients’ data in secure data centres underpinned by world-class technology, including the latest security. Access to this specialised data centre is restricted, with only authorised personnel being able to enter. Around-the-clock armed security employees together with CCTV keep a watchful eye over it. This will free SMEs from doing backups, buying and installing new versions of the software, and fencing their data behind high security software. When it comes to accessing the software, each user requires a unique password and username is required. Only invited persons are given access, using their own passwords and usernames. It is easy to track who has accessed the system and changed the data, making it harder for insider fraudsters to tamper with the records.”
Meanwhile, how can one protect one’s business from data security threats?
Rutendo Hwindingwi suggests one does the following:
- Educate your end-users about the basics of information security – for example, make sure they know why they need to choose strong passwords and that they’re alert to the dangers of phishing emails designed to persuade them to give their log-in details to people with criminal intentions
- Install anti-virus and anti-malware software on your laptops and desktop computers, and then keep it up to date with the latest definitions
- Get serious about mobile security. Lock your device behind a PIN code or password when not in use so hackers or thieves can’t access your data. Also, most mobile devices today allow you to track their location or remotely wipe data. It’s a good idea to enable this functionality just in case the device goes missing
- Keep software up to date with security patches: When it comes to desktops and notebooks, be sure to keep your operating systems and browsers up to date with the latest security patches.
- Where your cloud provider allows it, enable two-factor authentication. For example, you could set your account up to ask for a code sent to you by SMS when you log in or use a fingerprint in addition to a password
- Be careful about where you log into cloud services. Be wary of unsecured public Wi-Fi networks.
“The future is mobile and we are giving our customers the power to control their businesses from the palm of their hand, thanks to the power of the cloud. We connect our customers to accountants and partners with real time and intuitive information about their business” Dr Hwindingwi says. “And we’re doing it in a way that helps our clients improving the security and integrity of their data.”