There’s an idea that a cyber-attacks simply appear out of the blue. Which Is true to an extent, but there are indicators that suggest whether your business is, or has been made vulnerable to an attack. By not acting on these clear indicators in good time, you are leaving yourself unnecessarily weak on defence.
How do you know that you’re systems are vulnerable?
The vast majority of business owners are not IT security experts; it’s hard to know, what you don’t know.
But uBreach can give you definitive information, which plainly states how, where and when your accounts became vulnerable.
What is uBreach?
uBreach is an automated service that shows if your data has been involved in a data breach. Whether it’s usernames, passwords, or essentially any of the information we regularly use when signing up for accounts.
If it has been involved in a breach, and made its way onto the internet, uBreach will find out, and alert you.
Revealing the following information, in a clear and accessible way:
- Which email account was involved?
- What data has been breached?
- When it happened?
- Where it happened (as in which service was breached)?
uBreach is the uSecure integration with the https://haveibeenpwned.com/ service. It’s free, give it a go, input your email and see if it has ever been involved in a breach.
As a free service it lacks the efficiency of uBreach, which is made for businesses and comes with more functions. UBreach is automated, so it is always checking for breaches, and it alerts you if it identifies a breach.
What is a Data Breach?
We’ve all signed up for hundreds of accounts online, some more significant than others. More than likely spread over one or two personal email addresses; maybe one for work.
When of those insignificant accounts is breached, who cares? You only used it once anyway.
The issue comes when you use the same password for multiple accounts. That’s how a seemingly harmless breach of a pointless account can domino into affecting a critical account, like a work one.
A repeated password in the hands of criminals, is like a master key. If you’ve used it once, it’s more than likely you’ve used it elsewhere, and they are more than happy to try it on your most significant accounts.
The following are listed by the ICO (Information Commissioner’s Office) as examples of a breach:
- Access by an unauthorised third party
- Deliberate or accidental action (or inaction) by a controller or processor
- Sending personal data to an incorrect recipient
- Computing devices containing personal data being lost or stolen
- Alteration of personal data without permission
- Loss of availability of personal data
uBreach identifies when your information has been involved in a breach, and alerts you. Then you can change the password of the breached account, and make sure no other account shares the now known password.
Now whatever information a hacker may have, is outdated and useless.
Hopefully this would act as the wakeup call to improve all your password habits. (Of course, we’d recommend improving your password usage as soon as possible, regardless of a near-miss breach.)
But you don’t have to fight your poor password habits alone. Utilise a password manager to create, and store more complicated, unique passwords.
This is such an easy way to avoid the understandable crutch of using the same, simple password for multiple accounts.
Consequence of a data breach?
When one entity is breached, business or otherwise, and your, or employees’ information is exposed, you’re business is left in a weakened state.
You are made vulnerable, then targeted, then attacked, and unfortunately breached.
Now because your business has been breached, someone else could now be vulnerable, via the data stolen from your business. Now they can be targeted, attacked, breached, and on, and on, like a snake eating its own tail.
As for the consequences:
- Invoices can be intercepted, and adapted to redirect the money to the criminals themselves.
- Information can be stolen, to be sold off, to be ransomed back, or just to be destroyed.
- Customers and partners lose trust in your ability to keep their data safe.
- If your business is the source of a data breach, then you may face fines from the ICO for failing to uphold GDPR standards.
Here you can use the ICO self-assessment tool to determine whether you need to report the breach to the ICO, and inform your customers. This is based on primarily on, how likely is it that the breach will result in a risk to individuals?
Using their questions and examples, and your own judgment, you could determine that the risk is unlikely, at which point you do not have to report to the ICO, or inform your customers.
Cyber security can be complicated, but in the case of uBreach’s merits it really isn’t.
“Four in ten businesses (39%) and a quarter of charities (26%) report having cyber security breaches or attacks in the last 12 months.”Cyber Security Breaches Survey 2021 – GOV.UK (www.gov.uk)
Four in ten businesses experienced security breaches in the past 12 months. There are many systems required to protect your business, but uBreach lets you know if you are already vulnerable.
As cyber attacks continue to get more advanced, requiring more advanced levels of cyber security, no business can afford to leave themselves open to vulnerabilities such as breached login information.
Security Shield package
It’s our goal to put in place a multi-layered Security Shield package system to protect businesses as much as possible with an economical solution.
uBreach is just one aspect of the uSecure system we provide, which is just one layer of security shield package we offer, alongside User training, simulated phishing attacks, cyber security policies, password management, content filtering, offsite backups, email security and mobile device management, all these as a package for just£30 per user, per month.
With this comprehensive security package only the most determined of attacks have a chance of getting through. If your business is compromised, our package also ensures that you have the backups required to get you back up and running; and on your way to make your business better than ever
Keep your eyes open for a subsequent blogs which will explore and explain other features of our Security Shield package.