Browsing The Global Web
We’re not saying that you don’t need antivirus software and a routine security check on your phone and laptop now and then. It’s just that the odds of getting a serious data-compromising infection are relatively slim as long as you practice basic security measures. If you’re not downloading zip and exe files from questionable sources, if you’re not cruising the deep web, if you’re not handing your email out to everyone who asks for it, then you have very little to worry about.
A cyber attack is more likely to target your network than it is your devices. Hacking an iPad gives a cyber-criminal a piece of the puzzle. Hacking the network gives them the entire thing. In any event, the gateway to your data is more likely to be your people than your hardware. It’s been noted that many leaks began with a misplaced USB drive or a laptop left open in a public place or an ex-employee who bears a grudge. Targeted, web-based cyber attacks are relatively few and far between. Cyber-criminals tend to be opportunists, not masterminds. Keeping your network secure and your hiring the right people will do more good than adding another layer of encryption onto your desktop computer.
In a survey, 76% of those polled said that their main security concern was cloud-based services, with almost half believing cloud-based services to be inherently insecure. However, a good majority of data breaches involve on-site servers. In truth, some cloud services are safer than others, the same with any other area of data, but the cloud is not nearly as at-risk as many believe it to be. Again, the real threat is in “social engineering.” People who give their information to the wrong people, employees who have more data than they actually need in order to do their job and so on.
The moral of the story is simply that the hardware is not the most at-risk gateway in any organization. Serious cyber-criminals rely more heavily on social engineering and opportunism than they do on any inherent security flaws in a server or a wireless device. You can’t improve your cyber security by rejecting cloud-based services, but you can do a world of good by hiring the right people and giving them the right training.