
Five common data security risks for professional service businesses

Professional services businesses are at greatest risk of cyber threats and data breaches. Here are the top five risks they face.

Professional services companies are seen as the 'soft-route' to their customers' sensitive information because they often have less sophisticated data security than their clients[2] - with financial data security a particular concern.

Indeed, research tells us that financial data is among the most at risk[3]. In accountancy alone, it is estimated that the number of cybersecurity incidents increased almost tenfold between 2007 and 2017, with a median loss of over €700,000[2].

So, what are the risks that could leave businesses open to data loss?

Five risks that lead to data loss

The majority of financial data security breaches are caused by one or a combination of common factors: 

1. Weak or stolen passwords
Your systems are only as strong as your weakest password - and poor password protocols are an open door to data criminals. Weak passwords such as ‘Password1’ are practically useless, but even complex ones can be hacked by sophisticated programs that automatically run millions of permutations. 

2. Malicious users
Users with access to sensitive information may feel tempted to misuse their privileges - whether for profit or revenge. A diligent access control policy helps counteract this threat. Regular reviews of your authentication and authorisation protocols limit user access and minimise any financial data security risks.

3. User error 
Employees don't have to act deliberately to cause a data breach. They could easily copy the wrong people in on an email, attach the wrong document or send confidential information to an open printer where it could be seen or taken. Education is key here. Sharing best practice – from advice on printer data security to tips on spotting phishing emails – will help keep users alert to the risks.

4. Software vulnerabilities 
Hackers are always looking for vulnerabilities in applications - and software providers are constantly working to fix them via security updates. Businesses should apply updates as soon as possible, as criminals will turn their attention to slow-reacting businesses that remain exposed to attack.

5. Malware 
The average organisation gets hit by up to 22 pieces of malware per year[3]. This malicious software exploits vulnerabilities and infiltrates your system to disrupt your business or steal your data. Prevention requires a proactive strategy that educates users on avoiding all suspicious links, emails and websites and thinking carefully before downloading any software. On a business level, invest in anti-malware software, ensure that all security updates and patches are installed - and keep your firewall correctly configured and switched on at all times.

Counting the cost of data loss

With potential attacks on multiple fronts, hoping for the best is not an option. The advent of the EU's General Data Protection Regulation (GDPR) in 2018 means that failing to manage data risks can cost companies dearly - in both reputational damage and severe financial penalties.

GDPR compels businesses to protect their data, with fines of up to €20m or 4% of global turnover (whichever is the greater) for those that transgress – and the statistics are scary.

In the first eight months after GDPR came into effect in May 2018, the scale of the issue became apparent, with 160,000 breaches across the European Economic Area[4].

What were the top 10 biggest GDPR fines? 

The fines imposed for data breaches in 2019 indicate that regulators have become more severe in penalising businesses that don’t protect their customer data. The ten biggest GDPR breaches in 2019 accrued fines of €402.6m in total[5].

Highest data breach penalties in 2019 (in euros):

  1. British Airways - Fine: €204,600,000
  2. Marriott International, Inc - Fine: €110,390,200
  3. Google Inc - Fine: €50,000,000
  4. Austrian Post - Fine: €18,000,000
  5. Deutsche Wohnen SE - Fine: €14,500,000
  6. Bulgarian National Revenue Agency - Fine: €2,600,000
  7. UWV (Dutch employee insurance service provider) - Fine: €900,000
  8. Morele.net - Fine: €644,780
  9. DSK Bank - Fine: €511,000
  10. Haga Hospital - Fine: €460,000

Despite the introduction of GDPR, data breaches increased by 33% in 2018/19[6]. And it’s a threat that can come from the least expected of places.


Printers: a security blind-spot

A recent report identified that the exploitation of vulnerabilities is increasing as a result of poor security practices in connected devices[7]. 11% of all security incidents are printer-related - with 59% of businesses experiencing at least one printer security-related data loss in the last year.

Professional services teams can run the risk of simply taking their devices for granted, which is why the most likely cause of a printer data security breach is the accidental actions of internal users.

But with only a quarter of IT professionals investing in printer security, more than half not using user authentication and three-quarters saying they have never invested in document encryption, printer data security remains a real blind-spot[9].

Brother Nordic sales manager says: “With data breaches on the rise, it has never been more critical for businesses to evaluate their financial data security. From pre-empting security threats to complying with legislation, organisations need to start looking at professional devices that secure their printing functions and safeguard their data.”

At Brother we recommend that professional services businesses should consider printers that:
- Use SSL encryption to protect communications over IP networks
- Come with PIN and ID Card-protected printing to ensure that documents only get seen or taken by authorised users.

Find out how Brother can help you make your printing more secure. Take a look at our printer security pages - or check out our other blog articles on security.
Sources 
1. https://gdpr.report/news/2017/06/30/cyber-threat-professionals-time-high/
2. Clyde & Co: "Cyber and privacy risks for professional firms" - 2017
3. Verizon: "2018 Data Breach Investigations Report"
4. statista.com/chart/20566/personal-data-breaches-notified-per-eea-jurisdiction/ - Jan 21, 2020
5. https://www.precisesecurity.com/articles/top-10-gdpr-breaches-in-2019-cause-e402-6-million-fines/
6. Ponemon Institute/IBM Security: "Cost of a Data Breach Report" - 2019
7. National Cyber Security Centre/National Crime Agency: "The cyber threat to UK business" - 2016/2017
8. Quocirca: "Global Print Security Landscape" - 2019
9. Brother: "The print security blind spot"
