For most of this year, COVID-19 has dominated and disrupted our normal business routines, and as we relocated to avoid the first wave of the virus, the hackers and thieves weren’t far behind. As people began working remotely in large numbers, the number of unsecured remote desktops soared, as did brute-force attacks against those desktops. Email scams jumped over six-fold in March alone. As Smith’s Chief Administrative Officer, I am responsible not only for overseeing health and safety protocols for our employees but also for managing the safety and security of Smith’s and our customers’ data. Protecting Smith’s employees, customers, and suppliers from the unauthorized use of data takes diligence, ongoing internal training, and, most importantly, planning. Taking a proactive approach to data security prepares us for the cyberthreats that attempt to infect our critical infrastructure.
Despite the massive surge in cybercrime, shockingly few organizations have response protocols in place for cybersecurity attacks, and it can take companies upwards of six months to discover even large data breaches. Preventing data from being accessed by an unintended audience means establishing parameters. Because cybercrime is so often due to the failure of humans – as opposed to the failure of systems – we begin our protections at Smith with employee training on required best practices for data storage, documentation, transmission, and destruction. Every Smith employee completes training on cybersecurity and proper data hygiene. From file saving and sending to developing a second nature of deleting suspicious links, Smith employees follow detailed processes to keep our business network secure.