Cybersecurity Dangers Even When Closing Down Your Business
The SBA “Small Business Administration” claims that cyber-attacks are a growing threat for small businesses and the U.S. economy. According to the FBI’s Internet Crime Report, the cost of cyber crimes reached $2.7 billion in 2022 alone. Businesses are not only experiencing these attacks while in business, but also there are cybersecurity dangers even when closing down the business.
MSPs such as JNS depend on their clients such as those serviced by our Managed IT Services team on staying in business. Although, in making every attempt to keep our customers in business, not always and necessarily keeping their internal systems running, but engaging in alternate solutions for new revenue streams. However, between April 2020 and April 2021, 200,000 American businesses closed due to the pandemic.
Not only our customers can lose their business, but equally as an MSP so can we loose our IT Services teams. As with any other vendor or stakeholder, when a business reaches the end or (customer) closes down, understandably all vendors want to get paid and get out.” However, there are cybersecurity implications to not having an orderly exit with your customers. This why many businesses during shutdowns get hacked.
Essentially, there are two types business closings: abrupt and without notice, and planned closures when there has been some preparation which is the route you should go obviously.
In a perfect world, businesses realize that they can’t function anymore and provide a month or multi-month for a smooth wind-down. During this time it is important to arrange for an orderly shutdown that includes data security and decommissioning of hardware. This is the best case scenario.
Cybersecurity threats can arise when a business closes permanently. This can have a negative impact on us and on the customers brand if they want to reopen at a later time.
So the worst scenario is when a business owner realizes that they don’t have enough cash and shuts down without notice.
Both the business and the supporting IT Services company run the risk of a website being hijacked by malicious actors. They can also install code and launch attacks from the site. This can cause reputational damage if the business is shut down. There are also the physical assets of the business.
“We have seen offices left abandoned like workers fleeing from a volcano. Everything is frozen in time and left in its place. ]These abandoned assets could be a goldmine of hackers.
Continue cybersecurity defenses up to closing
Up to closing we make sure that no hacker is left behind. There are laws and regulations that must also be observed. After all we may be liable for data that isn’t protected, even if a business does not exist. It is important to properly handle client data that is highly regulated such as financial or medical customers.
Upon closing we seen some of the equipment could contain credit card and personally identifiable information. We’ve seen offices abandoned with employees writing passwords on notepads at their desks.
We take the time to assess our clients’ economic health and create a plan should they lose their customer base.
However, the reality is that our role in closing a company is limited to what the SMB owners are willing or able to do. We cannot do anything but limit our own exposure, and do what is right by limiting the risk to others and our customers.
These limitations aside, there are guidelines that MSPs should follow when a client is forced to close their doors.
Closing business? But not your cybersecurity checklist
Every client is different, so IT Services providers such as JNS must have an exit plan for each client. Few businesses realize they will go out of business before they do.
Many folks know, “It can occur so suddenly.” every situation is unique, so it’s impossible to have a plan. It is best to have a plan and stick with it.
Every SMB should evaluate their financial health and discuss a plan with their IT Services Provider in case they need it.
If necessary, the Managed IT Services company should disable access to accounts and terminate IT vendor relationships. Data should also be securely destroyed if the company is closing. To prevent breaches, the Managed IT Services provider should coordinate with the IT contact of the company or a CISO.
Websites
This includes working with the hosting company to complete the website’s shut down. However, the Managed IT Service provider arrangement between the business and their hosting company can limit what can be done.
Clients shouldn’t allow their businesses to continue operating on inadvertently because the site was not properly shut down.
Locking down your physical site
This is a more difficult one because the MSP may not be able help the business if they are closing down for lack of funds. However, it is important to do all you can to prevent an empty office with data-packed computer systems sitting around. If the company is in trouble and plans to abandon hardware, you might be able to buy it from them. Or, they may let you take it.
Be vigilant with insiders
If the ship is in danger, insiders may act in a devious way to save passwords, data or hardware. This could have serious cybersecurity implications. If a company is in trouble, the IT Services company must immediately block account access.
It can be difficult to close a business and all it is related information systems, Joint Network Systems is here to help even in these scenarios.
1100 Brickell Bay Drive
Miami Florida 33231
Tel: 866-JNS-NETS
www.jointnetworks.com
Cybersecurity Dangers Even When Closing Down Your Business
The SBA “Small Business Administration” claims that cyber-attacks are a growing threat for small businesses and the U.S. economy. According to the FBI’s Internet Crime Report, the cost of cyber crimes reached $2.7 billion in 2022 alone. Businesses are not only experiencing these attacks while in business, but also there are cybersecurity dangers even when closing down the business.
MSPs such as JNS depend on their clients staying in business. Although, in making every attempt to keep our customers in business, not always and necessarily keeping their internal systems running, but engaging in alternate solutions for new revenue streams. However, between April 2020 and April 2021, 200,000 American businesses closed due to the pandemic.
Not only our customers can lose their business, but equally as an MSP proving IT Services and Phone System Solutions so can we. As with any other vendor or stakeholder, when a business reaches the end or (customer) closes down, understandably all vendors want to get paid and get out.” However, there are cybersecurity implications to not having an orderly exit with your customers. This why many businesses during shutdowns get hacked.
Essentially, there are two types business closings: abrupt and without notice, and planned closures when there has been some preparation which is the route you should go obviously.
In a perfect world, businesses realize that they can’t function anymore and provide a month or multi-month for a smooth wind-down. During this time it is important to arrange for an orderly shutdown that includes data security and decommissioning of hardware. This is the best case scenario.
Cybersecurity threats can arise when a business closes permanently. This can have a negative impact on us and on the customers brand if they want to reopen at a later time.
So the worst scenario is when a business owner realizes that they don’t have enough cash and shuts down without notice.
Both the business and the supporting IT Services company run the risk of a website being hijacked by malicious actors. They can also install code and launch attacks from the site. This can cause reputational damage if the business is shut down. There are also the physical assets of the business.
“We have seen offices left abandoned like workers fleeing from a volcano. Everything is frozen in time and left in its place. ]These abandoned assets could be a goldmine of hackers.
Continue cybersecurity defenses up to closing
Up to closing we make sure that no hacker is left behind. There are laws and regulations that must also be observed. After all we may be liable for data that isn’t protected, even if a business does not exist. It is important to properly handle client data that is highly regulated such as financial or medical customers.
Upon closing we seen some of the equipment could contain credit card and personally identifiable information. We’ve seen offices abandoned with employees writing passwords on notepads at their desks.
We take the time to assess our clients’ economic health and create a plan should they lose their customer base.
However, the reality is that our role in closing a company is limited to what the SMB owners are willing or able to do. We cannot do anything but limit our own exposure, and do what is right by limiting the risk to others and our customers.
These limitations aside, there are guidelines that MSPs should follow when a client is forced to close their doors.
Closing business? But not your cybersecurity checklist
Every client is different, so IT Services providers such as JNS must have an exit plan for each client. Few businesses realize they will go out of business before they do.
Many folks know, “It can occur so suddenly.” every situation is unique, so it’s impossible to have a plan. It is best to have a plan and stick with it.
Every SMB should evaluate their financial health and discuss a plan with their IT Services Provider in case they need it.
If necessary, the Managed IT Services company should disable access to accounts and terminate IT vendor relationships. Data should also be securely destroyed if the company is closing. To prevent breaches, the Managed IT Services provider should coordinate with the IT contact of the company or a CISO.
Websites
This includes working with the hosting company to complete the website’s shut down. However, the Managed IT Service provider arrangement between the business and their hosting company can limit what can be done.
Clients shouldn’t allow their businesses to continue operating on inadvertently because the site was not properly shut down.
Locking down your physical site
This is a more difficult one because the MSP may not be able help the business if they are closing down for lack of funds. However, it is important to do all you can to prevent an empty office with data-packed computer systems sitting around. If the company is in trouble and plans to abandon hardware, you might be able to buy it from them. Or, they may let you take it.
Be vigilant with insiders
If the ship is in danger, insiders may act in a devious way to save passwords, data or hardware. This could have serious cybersecurity implications. If a company is in trouble, the IT Services company must immediately block account access.
It can be difficult to close a business and all it is related information systems, Joint Network Systems is here to help even in these scenarios.
1100 Brickell Bay Drive
Miami Florida 33231
Tel: 866-JNS-NETS
www.jointnetworks.com