The first thing clients and other stakeholders will question when utilising offshore services is their exposure to cyber-security and privacy of information. However these risks are broader than just ‘offshore’
Did you know one in five employees would sell their work passwords? A recent international survey showed that 20% of employees would sell their passwords for less than $1,000, some for less than $100.
It is estimated more than 1 million Australians have their identity stolen each year at a cost of about $1 billion. A recent study funded by the Australian Government uncovered that the average identity theft is almost $28,000 and it takes an average of 54 days for a victim to discover it. Long after your money is gone.
To learn if you have your bases covered, can you answer the following?
- Would your reputation be damaged in the event that your company or client information entered the public domain?
- What tools do you have in place to stop staff from logging into your cloud based applications from home or sharing or selling access with third parties?
- Can you terminate access with one password change in the event that someone leaves?
- Are you able to monitor usage by application? (Eg, Team Member X logged into application Y on this time and date)
- Do you distribute multiple sets of credentials to various systems or applications? How do you manage this?
- Have you taken any due diligence measures regarding offshore staff having access to client information?
Whether the misuse is fraudulent, malicious or accidental, taking the right preventative steps to protect your business and reputation is the first thing you should think about when moving to the cloud.
How will you answer these important questions when your customers and stakeholders raise it?
According to Jamie Beresford, Managing Director of from Ready Offshore, “there are a number of easy and cost effective steps you can put in place to lock down your private information. A lot of business owners are left wide open risk wise because they don’t have any deterrents in place. ”
Ready Offshore’s approach to cyber security
- Single sign on – Ready Secure provides customers with a central point of managing a single set of credentials per team member. This ‘single sign-on’ accesses all of yours and your client’s systems, making login quicker and easier to remember, while allowing management to remove access in an instant.
- BPO access only – They lock down access to your systems from your BPO only, preventing logins from uncontrolled computers or sharing of credentials to third parties.
- Audit trail – Ready Secure provides a granular logging of access so an audit trail can be kept.
- Password policy – They implement a password policy whereby passwords need to be complex and changed regularly.
- Control access – Distribute controlled access to your systems without having to make remote team members privy to your system passwords.
There are also a number of things you can do personally to reduce the risk. Be careful what you share on social media and emails, also never provide personal information to anyone who calls or emails you.
Unfortunately in the modern world it is impossible to stamp out cyber threats completely, which are even impacting the likes of Yahoo and U.S. Congress who were recently victims of a Crypto-locker attack. However you can dramatically reduce your exposure by taking these steps and keeping your technology up to date.