Malware, Ghostware and Worms… Oh My!
In this month’s issue, Roofing Contractor explores emerging technologies. Nearly every day we hear of new and improved systems to help your roofing business operate more efficiently, with more robust and seamless communications between the office, the field, vendors and customers.
In addition to the rise of great apps to drive the sales, marketing, production, and finance/accounting portions of your business, we’re seeing improvements in online worker recruiting and training initiatives. We can imagine the Internet of things becoming a more useful part of the roof-contracting business with the deployment of geo-tracking systems on not only company vehicles, but all hardware assets that are used on remote worksites.
Driving many new innovations is connectivity: The ability to access data and communicate instantly over your entire business platform. The increased use of the Internet has been supported by improving network hardware systems and expanding bandwidth.
As your roofing business has become more connected, however, the danger of malicious attack from outside your business has increased. Dramatically. As you’ve adopted new technologies and connections, have you likewise adopted new systems and policies to protect your business from attack?
I stake no claim to any level of expertise in cybersecurity, but would like to offer a few thought starters for your consideration.
To begin with, you should review your policies on the use of company computer and telecom systems and devices. Even if you have a written policy in place, it’s likely that some apps or hardware weren’t even around the last time you updated it. If you don’t have a written policy, it’s a good idea if you have any connected devices.
While you’re at it, take a serious look at how your written policies are being enforced. Chances are you may need to reel in some personal use of company systems and when/where they’re connected online. In some cases, you may need to review and change access to establish a separation of duties between personnel.
Look at your computer’s operating systems, Internet browsers, network protection and malware software. It’s not enough just to have the latest version of these systems; it’s essential to maintain updates on all devices. Many updates are patches in holes that allow bad actors into your system to create mischief.
You need someone in charge of these things and you may want to bring in some professional assistance. In any event, it should be someone besides yourself. All this cybersecurity is important, but you must still run your roofing business.
There are more things to consider, but here’s one last item to ponder: Make a disaster recovery plan a part of your written policy. What would you do if your system were attacked, shut down, and held for ransom? What if your banking or other vital data becomes public? Who do you call and what do you do? Following a written plan in the event of an attack will get your business back faster and result in fewer losses.
And remember this: Just because you’re not worried about any headless worms, ghostware, or two-faced malware… it doesn’t mean they aren’t out to get you!