It seems every other week the news reports that another high profile business has been hacked / breached. One that caught my attention last week was some headlines that Bunnings had been hacked. Here's the 7News headline in full:
"Bunnings hacked: Shopper's personal data possibly compromised in security breach relating to Flexbooker scare"
As it turns out, it wasn't Bunnings that was hacked, but one of their suppliers that helps to run their website was.
This happens more often than you might think. You, as a business owner, don't have complete control over how your suppliers secure your data. Let's do a quick check to see which major services you trust with your data right now:
Xero and MYOB Online - holds customer contact details and your business banking details (and probably the balance!)
Gmail and Exchange Online - holds internal correspondence and everything that you talk to customers about over email
Dropbox / Sharepoint / OneDrive - holds business documents including confidential information about jobs
These big guys tend to make lots of security options / extensions available…but they leave it to your to actually secure the system! If you are still using your Office 365 system as Microsoft gave it to you, then you are probably "leaving the back door open". If you haven't been hacked, then now would be a good time to have your cybersecurity reviewed to see what can be done to improve your business safety.
And what about some other minor services?
Ever booked a flight with Webjet?
Using any job scheduling software like Acuity or Harvest or Monday.com ?
What about any suppliers that you have accounts with where you login to an online portal?
For minor services like these, the best defense is usually a strong unique password, which you can do with a password manager. Password managers aren't just a buzz word in IT, they are being recommended by Australian banks, the Federal Government, and Australian universities. Please get in touch if you'd like help implementing a password manager.