Your supply chain is an essential cog in the machine that is your business. With the finality of Brexit looming (we are to officially leave and enter our transition period on 23rd March 2019), big changes are coming for UK businesses that could affect your supply chain.
With this in mind, what would you do if your supply chain was breached and a supplier was hacked? Do you know what would happen next?
According to research from the Ponemon Institute, only 35% of companies have a list of all the third parties they’re sharing sensitive information with. As your business grows and your supply chain expands, sometimes it can be difficult to keep track of the complex web of suppliers which provide key services for your brand.
A third-party supplier can be anything from the company that provides your electricity to a catering company or the company you use to import the all-important goods that you sell in your online store.
As we move closer to Brexit, now is the time to be thinking more carefully about our supply chains and how to keep them safe, particularly from the threats of cybersecurity breaches.
We’ve teamed up with Secarma, the cybersecurity and ethical hacking experts, to bring you the top five security tips to protect your supply chain.
First things first…
1. Get your security basics right
Without a stable foundation, how can your business stay secure? According to the Online Trust Alliance, 93% of all breaches in 2017 could have been avoided with simple cyber practices. The main culprits are unpatched and out-of-date systems and poor or weak password management.
When it comes to your passwords, follow these simple rules:
Educating your staff on phishing attacks and basic security tips is vital to keep yourself safe. For example, never give away your details to unknown companies or leave your screen unlocked when it could be seen by someone outside the company. Implement this training as soon as possible to tick another box of the foundations of keeping your company secure.
Symantec’s Annual Internet Security Threat Report showed a 200% increase in supply chain attacks in 2017, and that’s just the ones that were reported.
As we’ve mentioned before, your web of suppliers naturally grows and becomes more complicated over time.
Keeping an up-to-date list of suppliers should be the responsibility of more than one person within your company. That way, if one person is out of the office, there is always someone available who can tell you the details of a supplier – the wheres, the hows and the whys.
Creating a close working relationship with your suppliers brings massive, obvious advantages to your business. When you’re able to have simple, honest conversations – asking about their procedures and keeping on top of any new legislation – you’re also able to maintain more control and awareness of potential cybersecurity issues.
Share best practice between your team and theirs so they are in the know about the latest security tips and procedures that you use within your own company, while you can learn from theirs.
In all honesty, suppliers should only see the most basic level of information needed to complete their role in your supply chain. They should only be given access to your network if it is truly needed.
Privilege levels are here to help. Different tiers of access mean only the few who really need it can access the core of your data, while those who need low-level access to the basic information can simply access this and no more. The more critical the data, the stronger the security measures you need to put in place around access. What information do your suppliers really need to see?
It is equally important to segregate your network. Splitting your network into different sections means that if a supplier were to be breached, it’s harder for hackers to jump across to your network and gain access to your critical data.
Whether it’s a new supplier relationship or one that’s existed for many years, you need to ensure you’re taking control of the relationship with regard to the minimum security requirements suppliers should adhere to.
When it comes down to it, you have to do your utmost to keep yourself safe from all angles. There’s no use going to extensive lengths to secure your business from the outside if you’re not going to do the same from the inside.
Carry out a penetration test so you can see how easily the hackers could access your systems. These tests highlight any potential holes that would give hackers access to your systems and data, and make recommendations on how to resolve these issues and remain secure. It’s only after this that you’ll know just how secure you really are.