IT Risks: Lessons Learned and Precautions For Your Business
The world of bits and bytes is complex, constantly changing and also has a few pitfalls – even for IT experts. In this article, we talk about some real damage events that not only stuck in our memory, but also contain useful lessons for your company. Hopefully you will be spared these unpleasant experiences.
IT Risks – Small Omissions with a big impact
It’s often the small things that have fatal consequences. One input error, the use of outdated technology or a click on the wrong link is enough to lose data and usually a large sum of money with it.
Careless Mistakes With Expensive Consequences...
For example, that’s how an IT service provider insured through exali found himself in our article Mixed-Up Numbers: IT Expert Causes Damage Amounting to 14.000 Euros and is confronted with the consequences of a simple mix-up with numbers. His small error caused 17.000 electronic letters to be sent instead of the originally intended 50. The damage? EUR 14.000. A case with another IT service provider shows that such careless mistakes can also occur away from the screen: In this damage event an IT Pro Sets Snow Plough on Fire and causes over 14.000 euro in Damages!
Programming Glitch With Competition App
On the other hand, an IT service company that was responsible for maintaining the McDonald’s competition app provided some unexpected profits. In the contest, two people were each supposed to be able to win 100.000 euros via this app, but instead there were four lucky winners within the first four hours! According to McDonald’s, this was due to a technical glitch when a test environment was left open for too long. Find out exactly what went wrong in the article Competition Fail Causes 400.000 Euros in Damages for McDonald’s.
Missed Data Backup
It’s not just third parties that can suffer enormous damage from seemingly minor errors. In a real exali damage event involving data loss on his own hard drive, an IT expert lost almost all of his work documents himself. Because he kept them on an external hard drive – without a backup. When he tried to access the hard drive, it was unreadable. Fortunately, he had taken out Professional Indemnity Insurance through exali, which covers such first-party claims in its basic coverage – so the insurer took over the costs for the data recovery.
Cybercrime – Beware, Fraud!
IT risks can be found beyond corporate structures too. Cyber criminals have long since seen companies of all sizes as worthwhile victims and have developed perfidious scams to steal money and/or data.
The Fake President Trick
The employee of a software start-up insured via exali also had a painful experience in our article Fake President Trick: When Scammers Pretend to Be the CEO. His supposed CEO instructed him to buy Google Play Store gift cards worth EUR 1.500 – and then pass on the activation codes. But by the time the employee became suspicious of the request, it was already too late: The supposed CEO was of course a scammer and the money was gone.
Hackers Hijack Corporate Servers
In another case, hackers turned a consulting firm’s IT into a lucrative Bitcoin mine. Our article tells you how an IT specialist got the paralysed systems running again and how you can also protect your business against modern risks such as illegal cryptomining: Real exali Damage Event: Cyber Criminals Turn Consulting Firm into Bitcoin Mine!
Read our article Cybercrime 2021: Online Crime at Record Level Thanks to Covid to find out how big cybercrime can still get.
Software Errors – Keep Your Eyes Open When Programming
Sure, technology simplifies everyday life, but a software glitch in Austria’s electronic health portal exposed around 1.000 people to a huge medical risk. Because instead of taking over the medication that the doctors had prescribed for their patients, the software in the pharmacies issued incorrect dosage recommendations. The fact that no one was hurt was mainly due to luck. Read about all the background information in our article A Software Error at Pharmacies Resulted in Incorrect Information on Medications.
Another software error hit the employees of the British Post particularly hard. The Horizon accounting program caused irregularities in various accounts managed by employees. This had legal consequences for 736 of them. Read how this bizarre case unfolded here: How Faulty Software Resulted in Hundreds of Innocent Employees Ending Up in Jail.
IT Risks – The Causes Are Diverse
The damage events described are impressive proof that IT risks can arise in many different ways. Because increasing flexibility in the working world offers an excellent breeding ground for IT security gaps that can throw your business off track. The various factors are often related and support each other.
IT Risk #1 – Humans
The greatest risk to the security of your IT is often in your own company. Of course, very few employees specifically try to harm their own employer. Most of the time, human error associated with cyber incidents is simply due to carelessness or lack of knowledge.
For example, so that your team doesn’t underestimate the dangers of a hacker attack or reject supposedly cumbersome security precautions from the outset, it is crucial to ensure comprehensive security awareness among all the members of the company. This includes regular training, prevention options, changing passwords and very clear responsibilities.
You need good password management to prevent hackers from accessing your login data as well. Find out how to do this in the article 5 Tips for Good Password Management in Business.
IT Risk #2 - Cyber Attacks
The risk of cyber attacks is inextricably linked to the human factor. With social engineering, for example, criminals manipulate their victims in a targeted way to do something – such as disclosing confidential information or transferring large sums of money. Versions of this scam include phishing emails used to obtain sensitive data or the so-called fake president trick. Fraudsters pretend to be managers and get employees to transfer large amounts to them with these scams.
The spread of malicious software such as ransomware or malware is also very popular with hackers. Ransomware blocks access to data or entire computers by encrypting files. The criminals then demand a ransom to release the encrypted data. Malware, on the other hand, penetrates your computer systems and causes disruptions or damage there.
That’s why it is crucial that you are aware of the multitude of threats in this area and take appropriate protective measures. These include, among others:
- Antivirus software and firewalls
- Regular data backup
- Clear responsibilities
- Sensible management of access rights
- Current state-of-the-art hardware and software
- Regular training of all employees
We have even more measures for ensuring cyber security in your business in our article Cyber Security for SMEs: How to Achieve Effective Safety Standards
IT Risk #3 – Cloud
Many companies use the advantages of cloud services because they are flexible and location-independent. Important digital processes can be relocated easily, and the data is stored globally instead of being kept somewhere in the company. But this also entails risks such as data loss, failures, and unauthorised access to sensitive data. That’s why it is important to create a comprehensive security strategy with regulated access management via multi-factor authentication.
IT Risk #4 – Interfaces
Interfaces to the outside are now an integral part of computer networks. But if they’re left unprotected, they are excellent gateways for unauthorised access. Regular checks ensure no unauthorised people can accesses your network. Firewalls, proxy servers and detection systems for cyber attacks (intrusion detection and intrusion prevention systems) can help here. Encrypt your WIFI with additional standards such as WPA2 and carry out authentication only via central servers.
Make IT Security a Priority!
Digitisation is constantly driving the emergence of new technologies. This also creates new weak points that cybercriminals use as gateways to third-party IT systems. But if you manage to firmly anchor IT security at all levels of your company, the risk of data loss, unauthorised access, and data leaks can be minimised many times over. And if worst comes to worst, Professional Indemnity Insurance from exali has got you covered.
Our customer advisors will be happy to advise you on the right insurance coverage for your business. You can reach our customer service team by phone from Monday to Friday from 9:00 a.m. to 6:00 p.m. on +49 (0) 821 80 99 46-0 or by email using our contact form.