This article originally appeared on Xerox Connect. It offers great advice on how channel partners can help small and medium-size business customers address the increasingly important issue of protecting their sensitive business data.
About 15 years ago, a friend told me about her job at a private security firm. Her duties included finding information about people. She matter-of-factly told me how easy it was to obtain names, birthdays, addresses and phone numbers. Armed with this minimal information, she could call most businesses or agencies on the phone and learn everything she needed to know about anyone.
Guess who purchased a paper shredder the next day?
Information security isn’t about just one thing, especially for your customers, and paper isn’t their only exposure. But you already know that, and maybe you already know what I’m about to tell you.
The cost of cybercrime is expected to rise to $6 trillion by 2021 according to market research firm Cybersecurity Ventures. For the criminals, your customers’ data is at the core of a lucrative business model, which is why the threat landscape always changes. While information security is several things, it is never a one-and-done thing, making knowledgeable, ongoing support in the form of a channel partner an excellent resource for any business.
Here’s a list of things you can teach your SMB customers to help improve their information security strategy:
- Assume you’ve been compromised.
The old saying “it’s not if, but when,” is officially overused because “when” has very likely happened by now. Find the vulnerabilities in your system and shut them down. - Automate.
The threats are in the hundreds of millions, and the bad guys are also numerous. It’s too much for any group of humans to monitor. Invest in systems that detect and react to threats and leave the intelligent work to your people. - Do the basic stuff on your hardware.
For instance, when the setup wizard asks you about ports, decide whether or not they should be open. Change or create passwords when prompted. - Don’t go it alone.
Security is a team effort. Companies like McAfee, Cisco, and Xerox work together and share information with each other, as well as with the wider industry. Look for partners who have partners. Allow your security team to talk to their counterparts in your competitors’ security teams. - Check your supply chain.
A corollary to “don’t go it alone,” is to be sure that anyone who accesses your systems comply with your security policies and procedures. - Use your advantage.
Despite all the sophisticated tools and programs, cybercriminals have at their disposal, you own the physics of your space. Don’t let your adversaries take advantage of the weaknesses that you installed.
- Upgrade.
When an app pushes a patch to your computer or mobile device, verify it’s from a trusted vendor, then accept it. Refresh your hardware regularly, and look for products that have security built in.For instance, our AltaLink devices are the first multifunction printers to be certified by the National Information Assurance Partnership (NIAP) against the latest Common Criteria security protection profile for hardcopy devices.
- Integrate.
You should have several security solutions. Make sure they work together. Silos are not for technology. - Educate your people.
For starters, don’t leave documents at the printer. Delete emails from people they don’t know, especially if it contains an attachment or hyperlink. If a “customer” calls, be helpful but verify. There’s more, but be sure that you make it possible for your people to act. (Telling them to shred documents is no good if they don’t have shredders.)
But don’t take it from me. These are some of the ideas I took away from a Security Summit that Xerox hosted for our customers. The event was over-subscribed, mostly because of the topic but also because of who presented at the event:
- Sergio Caltagirone, Director of Threat Intelligence and Analytics, Dragos
- Steve Hoover, Chief Technology Officer, Xerox
- Alissa Johnson, Chief Information Security Officer, Xerox
- Kevin Mitnick, computer security consultant, author, and hacker
- Ersin Uzun, Director of System Sciences Laboratory, PARC, A Xerox Company
- Candace Worley, Chief Technical Strategist, McAfee
This nine-item list is great way to start a conversation about data security with your customers, but it’s just one part of the equation. To stay informed of the latest security issues affecting SMB customers, subscribe to the Channel Connection blog using the box below.
My friend never told me whether she used her tactics on me. I never asked, nor will I ever. And that paper shredder? A gear jammed after a few years of use. I’m on shredder No. 2 right now. It works really well.
Become a Xerox Channel Partner
Visit the Xerox Global Partner Program (GPP) site and apply to become a Xerox channel partner today. Once accepted, you’ll gain access to success-generating resources such as sales incentive programs, training and certification opportunities, and digital marketing support.
To find out how other channel partners are helping small businesses improve their business process with digitization, join our private Xerox Channel Partners LinkedIn Group.
Share this on Twitter!
Tweet: The cost of cybercrime is expected to rise to $6 trillion by 2021, much of it targeting SMBs: https://ctt.ec/hVPZ8+ via @XeroxPartners
Subscribe to the Channel Partner Connection and receive email updates when we publish a new article.[wysija_form id=”1″]
Great post. We recommend all of our customers take a multi-tiered approach to security to ensure all bases are covered. Solutions all customers should utilize include Network Security, Anti-virus, Anti-malware & Spyware Protection, DNS Protection for Workstations and Email Security. For Xerox multifunction printers, all customers should utilize the Firmware Connect App which updates firmware and software automatically and applies new security patches as they are available. One does not replace the other and together form a strong layer of protection.
So glad you enjoyed this article, Joshua. More insights on cybersecurity are available in “A Step Ahead: Focus on Security.” It’s a PDF of a handout for the people who attended the Security Summit that I referenced in this article. “Step Ahead” contains insights on security from the people who spoke at our summit. For instance, Kevin Mitnick, a former hacker turned security consultant, shares examples of how data can be breached, and what you can do about it. Our own corporate information security officer, Dr. Alissa Johnson, writes that we don’t face only one future of cybersecurity, therefore we must prepare for several.
You may download “A Step Ahead” here: http://www.xerox.com/downloads/usa/en/s/a_step_ahead_focus_on_security.pdf