Silent night(s): Are your clients prepped to keep their systems safe?
The first Monday after Thanksgiving is widely celebrated by consumers searching for mega-savings during the take-no-prisoners season of holiday shopping.
You know who else takes no prisoners—especially on and around Cyber Monday?
Christmas has again come early for cybercriminals, and this year it lasts for 26 days between Black Friday and December 25. Managed service providers (MSPs) may want to think twice about taking extra helpings of turkey; fighting tryptophan-induced fatigue when work resumes won’t help your cause.
And your customers will likely need you alert.
According to the Ponemon Institute, “While shoppers on Cyber Monday can significantly boost sales, just one hour of downtime as a result of an attack could mean an average loss of almost $500,000. Or, about $8,000 for every minute a purchase is prevented or the integrity of the website compromised.”
Those findings were published shortly before last year’s holiday season. Think the price tag on an hour of downtime has dropped below $500,000 since 2013?
For argument’s sake, let’s say the cost for 60 minutes of downtime during the holidays has decreased. It still stands to reason that the hit to a business’ bottom line will be substantial. Consider these findings, per Ponemon:
- “64% of respondents say their organizations have seen an increase in Internet fraud and/or attempted website attacks during high traffic days such as Cyber Monday.”
- “Only 23% of respondents say most Internet fraud that occurs on their company’s websites is quickly detected and remediated.”
What does it all mean for you?
“MSPs are the defacto IT departments for their customers,” MAXfocus Security Lead Ian Trump says. “When bad guys attack their customers’ network, be prepared to take those phone calls and help.”
You can also help yourself. Be proactive and communicate with your customers on the dangers that lurk online during the holiday season.
Here are a few tips worth sharing with your customers:
Do some digging
Don’t assume an email attachment or link in a social media post is legitimate. (And avoid clicking pop-up ads altogether.) If you come across an enticing promotion, your first step should be visiting the retailer’s website to confirm its authenticity. A little skepticism can be a good thing.
Look for the lock
Before providing financial information, check if there’s a padlock in the web page’s URL. It indicates you’re on a secure page – as does the “s” in the address (e.g., https://). And if it’s an option, use PayPal, which Trump says has heavily invested in security and anti-fraud protection.
Lock ’em down
Use the lock screen on mobile devices. According to IBM’s Cyber Monday 2013 statistics, smartphones accounted for nearly 20% of all online traffic, and tablets drove nearly 12% of online sales. Consider the risk if network-connected devices are stolen and the lock screen isn’t enabled.
Launching multiple browsers and opening more than one window at the same time may make users feel like they’re successfully multi-tasking. But it’s an invitation for trouble. Trump says using one browser, and opening one window at a time, helps avoid malicious scripting attacks.
Hammering home the need for common sense can’t be understated. Even responsible clients suffer occasional lapses in judgment.
Cybercriminals are banking on it. For them, this is truly the most wonderful time of the year.