Peter Hartley has a background in datacentre security, strategy, design & management for some of Australia’s largest corporate and government organisations. This positions Peter to always have his mind on the future direction and success of your business. Ambient iT doesn’t believe that small businesses should think small when it comes to protecting their data and they pride themselves in creating big business solutions on a small business budget. It is important to remember that your data and that of your clients is directly tied to your reputation and should always be handled with care.

Nadine: Hello and welcome, everyone. We’re here running a short summit with the aim to provide brokers with the general and industry-specific strategies, hacks, and information to assist with the continuation of business through the current COVID crisis. We’ll cover four important topics delivered by industry experts in their respective fields.

IT and Online Security will be delivered by Peter from Ambient IT. Hello, Peter. Awesome. Okay. Let’s just roll straight into it. Peter, what can brokers do in this environment to help protect them online and make sure that their data is secure?

Peter: Hi, Nadine. Okay, so the answer to this is a really complex one that I will try to make it as simple as possible. Technology changes at an incredibly rapid pace. In fact, it is the fastest-changing field and subject of study on the face of the planet even more so than medical.

So what we have done is we’ve digested it down into a few simple tips; that things you need to consider that will help you move forward with how you approach your data sovereignty where it sits, how you protect yourself against the multitude of threats that are out there and a direction to head going forward and considerations you need to make.

So on that front, our focuses for this are, first and foremost: your data storage. Our strong recommendation in this day and age is to look at a cloud-based solution. The reason for this is that the old adage of a VPN will protect me and my data will sit on a server in my office is no longer the safest way to handle things. The amount of data that people hold is actually quite high and the amount of personally-protected, personal identifiable information that an average broker will hold potentially throws them in a massive risk of breach for being caught out in notifiable data breach scenarios if they mistakenly click the wrong email and access the wrong piece of information.

So with this, what we would recommend is looking at your options whether it be with Google Drive, whether it be with Microsoft Office 365, even Dropbox, there’s a number of tools out there but the first and foremost most important aspect of this is click the button, go into your settings and have a look at where your data is stored.

For most of these, they’ve now automatically set you to within a country region of Australia which will keep you protected and set you up right. However, it’s always worth asking your IT guys just do that little bit of an extra check and make sure that you are covered in that aspect. Notifiable data breach fines are excessively high and it’s not something that anyone ever wants to experience.

Second, make sure you have backups. With a move to home, a lot of people haven’t considered the thought as to ‘who’s actually handling my backups now?’. So if you did have it stored on a local server in your office or even if you had it stored on your local computer, your laptop that you work off on a daily basis that may have been backing up to a device that is no longer connected to you while you’re working from home and you need to be thinking about how you’re backing up your data and making sure that it’s actually protected and encrypted so that your data, if somebody does get their hands on it, is entirely useless to them.

Third, turn on your firewall. Now this is a common one we come across. A lot of people don’t like the annoying pop-ups that come up every time they try to open a new piece of software or open a new program and that frustration leads them to turn off their firewall, turn off the protections that are built in place. The reality is, though, they’re there for a reason. So turn them on, use them, the tools that are there reboot pops up on your screen because as much as we all love to live in this instant yes, yes next, next environment, it’s a very dangerous approach to take to things. And if you’re ever concerned just ask. Most IT people know what you’re installing. We’ve come across it, we’ve worked with it, and we’ve handled it so we’re more than happy to turn around and provide that quick little bit of advice that says, ‘don’t click on that’ just to be on the safe side.

A good quality anti-virus. Now this one I can’t stress enough. A number of months ago, Avast and AVG who are owned by the same parent company, the largest most commonly installed free antivirus tools available. Everybody loved them because they’re simple, they’re easy to use, and they do a reasonably good job of protecting you from viruses. The catch-22 with this is that if it is a free product, chances are you are the product and in this case you very much were. They were offshoring your data, uploading it into the cloud, and taking that information to use for their own purposes and potentially sell on to other people. Educate yourself.

Now there’s so much information out there about IT. It’s hard to know what you can and can’t trust. So what I would strongly recommend is unless your mother and grandmother work in IT, do not trust what they post and share on Facebook. Go to your trusted IT provider.

The government has a fantastic site Jump on there, sign up for the notifications, honestly, it’s probably an email every two weeks so it’s not a lot of information to digest, it’s really easy and simple and jump online, follow your local IT provider. Follow us if you feel so inclined. We’re always posting up new and fresh information about what is out there, what you need to do, and how you can protect yourself. There are a lot of scams out there especially with COVID-19 being what it is right at the moment, there’s a lot of people who are considering this from a point of what is real and what is not.

Just so you’re aware, you cannot protect yourself from COVID-19 with any form of electronic device that you buy online, so don’t click the links in those emails and consider very much what you’ve got sitting in front of you before you actually dive into it. Data encryption is important. You need to consider that the data that you’re handling online, how you’re passing it to and from your clients, that is encrypted and protected but also look at encrypting your data on your local machine so that if you were to lose your phone, your laptop, a portable hard drive, that information is not accessible to the outside world and you have absolute peace of mind that even if they did really, really want to get into it, chances are, on some of the world’s largest computers with the current generation of encryption, that would take 40 or 50 years at that point in time it’s probably not your issue to worry about anymore and the data is very likely irrelevant.

Look at using mobile device management tools and multi-factor authentication. We have so much data on our phones. It honestly baffles me how much people don’t consider them as an important part of their data security. On my phone, I have contacts for almost every single one of my clients. I have emails, I have access to my password management tools, I have a full history of information on here. This phone is worth far more than any laptop in my entire organization. So because of that, we make sure that the phone has a proper encryption on it, we make sure that it’s always up-to-date and we make sure that we use proper security on it. So no putting in 1 1 1 1 as your pin code password. Look at using proper tools. Fingerprint is always far better than facial recognition. That really comes in handy if you’re going to fall asleep and one of your friends is going to get access to your phone. So just make sure that you cover yourself for these sorts of things.

And be careful when you work within an email environment. So for everyone in the way that we all work, we’re inundated. The average person receives something like 80 to 90 emails a day. The average business receives somewhere closer on 200 emails a day. Now a good portion of those are things we’ve signed up for at one point in time to get a discount on an online store and we never look at again. What we need to be careful with is when we see these emails come through, check the links, hover over the links in the emails and you’ll see down the bottom left-hand corner of your program it’ll tell you where that link is going or I’ll hover up underneath your mouse pointer to tell you where that’s going to. So if you were to get an email from say for example Australia Post, you hover over it and the link finishes with something like .in which is the India country code for websites, .cn China, .ru for Russia, one of these many other places that naturally Australia Post is not going to have a web site in the presence, consider that side of things. Don’t click that link. If you have not traveled to South Australia recently and you receive a speeding fine from South Australia, chances are you’re probably safe to delete that.

So there’s a few common-sense things that, unfortunately, because we’re so inundated we don’t stop for a moment and think and you need to slow down, take that moment, consider what you’re about to do on your computer whether that be install a new piece of software, whether that be open a link, whether that be even dialing into a video conferencing meeting which is far more common these days, look at your tools.

Assess what you have available to you, have a look at the information that’s out there, and ask your trusted IT people. We’re professionals, we’ve been doing this for a long time and we have a lot of experience even those who have not been doing it for that long, it’s what we do for a living. You wouldn’t go down to your local butcher and say ‘hey I’ve got this strange rash can you please tell me how to fix it’. So please don’t go to your next-door neighbor and ask him how to fix your IT problem. Go and seek the help of a professional to make sure that you’re actually equipped to move forward in these environments.

Nadine: Ok, fantastic. Thank you, Peter. So basically we need to be making sure that we are being a little more cautious especially with everything that’s going on. Follow a common-sense approach to things and lean on the experts, you know, that we have in our purview whether this be Ambient IT or any IT provider, people that know the industry and it’s in their best interest to help us. So follow your experts, people.

Peter: A hundred percent yes.

Nadine: Yeah, ok fantastic. Thank you, Peter.