Credit : CNA
This type of news is too common and it seems owners are at the mercy of the staff that is managing the system.
How many of you have got SOP in place as what to do when a staff resigned?
Email password, bank internet access disabled, accounting system password change? Payroll system password changed? etc?
https://api.realtimme.io/basic/index.html?Change_user_password.htm
The due diligence part of the business owner is to ensure that all password given to the exiting staff be changed before the news of termination is sent to them.
However, the case mentioned here is the disgruntled staff “hacked” into the system without the valid id and password.
It was said that his adminstrator creditials were still valid, meaning he still have access to the company system.
The cost of the damage is estimated to be SGD918,000, not including, I believe the loss of time and recovery costs that keep adding up months into the operation.
Not sure if they have got backup, however, if the perpetrator knows the system too well, all backups will still be messed up.
I always advised our users to print a hardcopy into pdf or excel of the relevant reports at the end of each month
If possible, print half monthly, depending on your resources.
To limit junior uses from deleting or editing posted records. However it is challenging that SME only have limited staff and
often not, rights to access and print is not properly designated.
https://api.realtimme.io/basic/index.html?User_Group_Control.htm
Use one-time password to authenticate user access (that is provided you disabled the exiting staff email account.
In a worst case scenario, the vendor can quickly move the data into the
system. Imagine you have thousands of records of customers’ profile, supplier profiles and stock profiles, that painstakingly took many years to build up.
https://api.realtimme.io/basic/index.html?Excel.htm
And what happen if the person tasked to do protect the data is finally become the perpetrator? We still require the owner of the system to do the job.
As for Realtimme Cloud, we have a copy of daily backup done for our users. We can always recover the latest copy and you lost only a few days of data.
The amount of data recovery will be subject to the damage done to the system.
Situation can arise when current users noticed that the damage could go back to months ago, where records were randomly deleted
and all appears to be in order when it is not.
Should you need further advise, do feel free to email to our team
sales@realtimme.net or WhatsApp +65 81488824