Don't Leave the Back Door OpenPosted 9/11/2007
By Angie Kilbourne
Opening your business to the Internet allows small businesses to play at the same level as chains and dealerships. It also exposes shops to the same digital threats to information and productivity.
Only a decade ago, large companies were the almost-exclusive users of business technologies such as e-mail and high-speed Internet. But today, even the smallest businesses are reaping the benefits of the latest digital technologies. In today's competitive repair market, e-mail, Web sites, online appointment forms and electronicdirect marketing efforts are helping shops stay in constant contact with their customers, business associates and related partners.
However, the deployment and use of these technologies doesn't come without its own set of headaches. Simply put, electronic threats to information security and productivity are no longer the worries of just big corporations. By opening the doors of your business to the Internet, you face the same risks that early adopters continue to battle.
You may think your shop is just a small fish in a big pond. But that's exactly what cyber criminals are looking for: a business that doesn't have the luxury of a fully staffed, experienced information technology (IT) department to oversee operations.
It starts with your Internet connection, especially those broadband connections so critical to a shop's day-to-day operations. Broadband connections are on the rise, both in homes and businesses; AutoInc.'s own "How's Your Business?" 2006 survey highlights the fact that more than 90 percent of the respondents connect to the Internet via DSL or cable service. You need the fast downloads and lightning-quick browsing speeds to access service information and e-mail your customers. Criminals love broadband because they can get into your computer system even quicker.
"What people don't get is that when you're connected to the Internet, the Internet is connected to you. It's a reciprocal relationship," said Steve Gibson, president of Gibson Research Corp, who was quoted in PCWorld magazine. "There is a serious, not just a hypothetical, risk - a consequence - that involves a responsibility with a connection to the Internet. Yes, it is wonderful. Yes, there is really cool stuff out there, but there are also people without your best interest at heart."
Clearswift, a Redwood City, Calif.-based firm that specializes in e-mail security products, released a 2006 white paper titled "Simplifying Content Security." In the report, it found that just a few years ago, the vast majority of business-related content resided as "structured data, living within the controlled security of corporate applications and databases." Clearswift pointed out that 80 percent of business data is held today in unstructured environments - e-mail, text documents, pdfs, presentations, and spreadsheets - and circulates freely within and outside of company environments. Consider that point in relation to your own organization.
We're not talking pranksters here
These attacks aren't just limited to the familiar spyware, viruses, Trojans and worms. Add to the list phishing, vishing, pharming, phaxing, and the deadly denial of service (DoS) attacks. Now throw in theft of equipment; data breaches, both accidental and intended, by employees, customers or vendors; and the "uncontrollable" factors, such as racial, sexual or criminal content within e-mails or planted on a Web site unbeknownst to the company. Clearly, this isn't a few college kids out for a virtual joyride.
Let's look at some clearly plausible examples of information breaches that can occur within a business:
Starting to feel a little queasy? Does the possibility of one of these breaches actually occurring - and leaking out to the media - give you a bad taste in your mouth? Well, rest assured, you aren't the only one.
The Battle Plan
Source: The National Federation of Independent Business
Katy, bar the door
"But I've got virus protection and firewall software installed," you say. It's a great start, considering the frightening numbers of surfers out there who still don't use these simple precautions. But it's just the tip of the iceberg.
The 2006 Clearswift white paper points out that although firewalls protect against network attacks, they are designed to allow e-mail and Web traffic to pass through unscathed. Anti-virus software will catch most viruses coming in; however, it only works on known viruses and is only effective when the software is up-to-date. Further, depending on the product, it can miss viruses buried deep within files that appear to be harmless.
In early 2004, Microsoft founder Bill Gates predicted that spam would be eradicated by the end of 2006. Someone should ask Gates to check his e-mail. In a May 2007 white paper produced by New York-based MessageLabs, "Effectively Securing Small Businesses from Online Threats," spam is the "silent killer" for small businesses. If a spammer decides to target your business, your e-mail server could effectively be overwhelmed, shutting down the system and stopping commerce in its tracks.
The company's research shows that "one out of every 1.33 e-mails is spam, one in every 126 messages contains a virus or Trojan horse threat, and one in seven employees will handle some form of harmful Web content." Given the overwhelming numbers of malicious messages out there, spam continues to be a criminal's choice method of infiltration into any organization.
The best defense is a good offense
Shop owners and managers need both a battle plan and the proper weapons to battle these threats to a company's integrity and economic health. It starts with securing your system. Here are some tips:
Barely scratched the surface
We've only touched on the basics here, and in the time elapsed between my writing and you reading this piece, millions of attacks on businesses and home users will take place.
One thing is clear for the future of the professional service provider: Dependence on electronic communication between businesses, customers and vendors will only increase. Every security compromise, big or small, only erodes consumer confidence and slows the growth of your business.
Don't be the one making headlines. Do your homework and secure your most precious asset: information.
Interested in doing more research on the topic of Internet security? Please see the September 2007 issue of Consumer Reports magazine. The issue contains:
AutoInc. Web Site |
ASA Web Site |
U.S. Court of Appeals Affirms District Court Ruling in Allstate Insurance Case |
Alternative Fuels, Part 2 |
Don't Leave the Back Door Open |
Avoiding a Rush Job |
Wage-Hour Standards in the Auto Repair Industry, Part 2 |
Guest Editorial |
Tech to Tech |
Tech Tips |
News Briefs |
Taking the Hill |
Around ASA |
Shop Profile |
Net Worth |
Stat Corner |
Copyright (c) 1996-2011. Automotive Service Association®. All rights reserved.