Brian Balloon is a Business Analyst with over 10 years of experience implementing and analyzing IT infrastructures.
Cyberhackers are everywhere. In an ever-growing and evolving digital business world, public housing authorities and related business consultants are becoming targets of data breaches. Quadel’s Business Analyst, Brian Balloon, discusses strategies and best practices PHAs and contractors can implement to prevent data breaches and protect sensitive business information.
Understand Business IT Essentials
Combating data breaches starts with preventative measures. Balloon recommends two essential business practices to protect data that are also easy to implement and enforce.
“Organizations should have strong access controls such as a multi-factor authentication system. This requires those wanting access to not only use a strong password but also answer a text code sent to their cell or input the number given in an authentication app on their device,” Balloon said. “You’ll also want to ensure all software is kept up-to-date. Implementing software updates consistently often fixes vulnerabilities and reduces the risk of cyber threats.”
Have a Plan in Place for Cyberattacks
An organization’s IT department should have a quality control process that analyzes network traffic and conducts security audits to detect and respond to potential security threats. But, even with a firewall, cyberattacks may occur. Balloon reminds organizations to be prepared for such an event and respond immediately.
“First, you’ll want to isolate the affected systems by disconnecting compromised systems from the network to prevent further spread of the breach and limit damage. IT employees should activate the organization’s incident response plan to guide the response efforts and ensure a coordinated and effective response to the breach,” Balloon said. “The benefits to putting this in place are clearly defined roles and responsibilities, rapid response and containment, and enhanced preparedness.”
Educate Employees Continuously About Cyber Threats
Balloon noted the importance of cross-team communication when it comes to IT and cybersecurity efforts. IT employees must communicate important information in non-technical terms to increase employee understanding of cybersecurity threats and the organization’s policy and procedures to mitigate risk.
“Organizations want to have continuing education on social engineering attempts. Educate employees about how to spot phishing and smishing attempts that try to grab confidential information, how to avoid them, and report them to IT,” Balloon said. “It’s important to foster a culture of sharing threat intelligence and security updates between teams to stay informed about emerging threats, vulnerabilities, and best practices for mitigating risks.”
Quadel offers IT assessments that help PHAs determine weaknesses in their IT infrastructure. If you’re interested in seeing how Quadel might be able to mitigate cybersecurity risks for your PHA, request a quote.