Cybersecurity Week: Security Best Practices – It's Not All About Software

Richard Duffy
Richard Duffy in SAP Business One, Security October 23, 2017

This week much of the ASUG team, including myself, is attending the Biz.ONE Conference and launching ONE.Source  | The ASUG Community for SAP Business One.

Additionally, ASUG is hosting Cybersecurity Week, a series of featured webcasts and important content on one of the hottest topics facing our industry. While I hope to connect with many of you here at Biz.ONE, I did not want to miss this opportunity to chime in on this important topic. 

More about Cybersecurity Week

Threats from Social Engineering

When it comes to cybersecurity, I often refer to this infographic from the team at Social-Engineer.com. Statistics show that the biggest source of threats to many organisations does not come from brute force attacks or "hacking;" rather, it comes as a result of social engineering.

SocialEngineeringInfographic.jpg

What Is Social Engineering? 

As is often the case, Wikipedia is helpful for providing a quick definition to get the conversation moving: 

Social engineering, in the context of information security, refers to psychological manipulation of people into performing actions or divulging confidential information. A type of confidence trick for the purpose of information gathering, fraud, or system access, it differs from a traditional "con" in that it is often one of many steps in a more complex fraud scheme.

You may not have realized how much of an issue this is and how much relies on you to train your staff on this problem; but as the statistics show, it is a major issue.

A few years back, whilst I was at Acumatica, I wrote a blog and recorded a webinar on security best practices in a cloud-enabled world and, as is often the case with best practices, it's just as relevant today as it was when I recorded it.

Read the blog. Webinar recording below.