What do cyber threats have to do with commercial construction? Commercial Construction is no longer the last industry to embrace new technology. We are all diving into Commercial Construction technology, sometimes whether is it beneficial to our business or not. See our article “Keeping up with the Joneses” here. Because of the rapid deployment of technology many commercial construction companies are not keeping up with cyber security.
According to Rival Security the chances of a data compromise is 27%. One out of every four commercial construction companies will experience some type of data breach. What would happen to your company if you came into work and all systems had been locked out by a crypto-locker virus? How long would you be down? How would this effect your customers and your bottom line? Construct Connect reported that two of the nation’s largest General Contractors both had security breaches that included the release of employee personal information such as social security numbers.
How can you mitigate cyber security threats in our ever changing technical world? It is difficult to show an ROI for security measures if nothing has happened to your company, yet. There is no silver bullet that will ensure that you will always be protected but there are measures that you can take to make sure that your company is more difficult to breach than the next company. Below is a list and description of measures to assist with securing your company data. While this is not a comprehensive list of security methods, it will help make sure that your company is better able to fight against security breaches.
Firewalls – A good firewall is worth its weight in 25% margin commercial contracts. This enables all of your computer systems to remain anonymous to the internet. This device will block all incoming traffic unless you allow it.
Antivirus – If you don’t have good antivirus, that is up to date, it is only a matter of time before you will realize that you were the slowest one when the bear was chasing you and your friends.
Updates – You have to keep all of your operating systems AND software up to date. This can be time consuming. Most hackers find their way into system exploiting systems that have not been patched.
VPN – If you have remote users that need access to data stored on your premise then you need some type of encrypted remote access. Don’t forget that encryption slows down connections so you will need to make sure your internet connection has fast upload AND download speeds.
Policies – Make sure your employees know what they are permitted to do and more importantly NOT permitted to do. Make sure that your policies are enforceable. Many a computer virus infection started with “I didn’t know I wasn’t allowed to download an emoji generator”.
Training – The last and best line of cyber defense is the most important part of your company. Train your employees and test them. We all get busy and it is very easy to see that meeting schedule for a large project can put a training session on the back burner. Let employees know why training is important and what could happen. No one wants to be the person that provided their Office 365 login on a bogus website causing all of your customers to receive PHISHING emails from your company. Make training and passing a test the requirement for continued permission to use your IT systems.
Insurance – Would you drive your car without insurance? Contact your insurance agent and let them know you want cyber insurance. They will likely ask you to show that you have certain security measures in place.