Roger Smith, CEO at R & I ICT Consulting Services Pty Ltd and Amazon #1 author on Cybercrime discusses business security
[Start of transcript]
Hi. My name is Roger. Today I’d like to talk to you about what is business security. Now business security to a lot of people is something that usually doesn’t get thought about until after it happens. But a small and medium business, not-for-profit organization who is collecting data needs to have an understanding of why they are collecting it and where it is being stored and who is going to make sure that nobody else can get it.
And those three criteria are what is involved in business security. How do we make sure the information that we’ve collected is safe? But more importantly, why are we collecting that information in itself. If we really are collecting that information so that we can put it into a CRM, how much information do we need? We don’t – do we need their driver’s license, do we need their date of birth, do we need their tax number? Those three questions should control how you protect that information.
Because those three components of anybody is really interesting personal information for the bad guys. And they are after that information. And one of the things that a lot of people don’t realize, that if I have a certain amounts of information then I can use that information to create a clone of a person. And that clone of a person can then open up bank accounts and take. And if someone who’s opened up a bank account in your name and taking over $20,000/- and then run off with it, what happens to your reputation?
On top of that, making sure that the business is secure also allows you to know what you’re protecting it from. You know the bad guys are out there. Because you hear about it every day in the news. You know that the bad guys are after everything and anything that they could get because I’ve been telling you a lot of that. But you also need to know that if the bad guys do get hold of the information, how are they going to use it? If they get into the database and see the spreadsheet, then we’ve got a severe problem.
But if it’s in a database in a spreadsheet that’s encrypted with high-end encryption then we don’t really have a problem because we can turn around and go, yes we know the system has been compromised. We know that we’ve lost that information because someone sent it out of the system but what the bad guys don’t know is they can’t use that information and that is really critical to getting your business secure.
Thank you very much.
[End of transcript]