By now, you will have heard about the WannaCrypt “ransomware” cyber attack which swept the globe and took down international giants like Telefonica and FedEx. It was reported as one of the largest coordinated attacks to hit computers worldwide.
No doubt you received some very sage advice at the time about updating old devices, upgrading your antivirus software, reinforcing firewalls, securely backing up your data and looking out for scam emails.
The advice you didn’t get is to broaden your focus from just your technology to include your entire business operations. You need to think about how you will manage your business processes and customers in the event of an attack and, importantly, how you will protect yourself from lawsuits in the event of a major disruption.
Despite reports that the WannaCrypt ransomware has finally been disabled, shoring up your business protocols should still be at the top of your list of priorities as variants and copycats of the program remain.
Here are 3 simple steps you can take today to protect your business from the potentially catastrophic impact of a cyber attack:
1. Update your client agreements
Your clients need to be aware of the risk of a cyber attack impacting the work you’re doing for them. Set out clearly in your Client Agreement that you use electronic communication and tools to run your business and, while you take every precaution to protect against cyber attacks, you won’t be liable in the event of an attack causing damage, such as data loss or theft, delay or even fraud.
2. Update your website’s Terms of Use and Disclaimer
Your website should have Terms of Use and a Disclaimer in an easily accessible place (most people include a link at the bottom of the webpage, which sends users to a dedicated page). To make sure your Terms and Disclaimer are sufficient to cover cyber attacks, look for mentions of electronic communications, cyber attacks, ransomware and hacked links. Make sure your documents protect you from liability for such attacks. If you’re unsure about whether your Terms of Use and Disclaimer are enough to protect your business, get in touch with us today to update them to make sure you’re covered.
3. Review your Privacy Policy
A Privacy Policy isn’t just a template document. Your Privacy Policy document is a reflection of the actual policy you have in place to protect the private information you collect from your website viewers and clients, such as names, email and physical addresses and phone numbers. While a Privacy Policy document isn’t strictly necessary for all businesses, it instils confidence in your users (therefore making them more likely to trust you and even to buy).
The presence of a Privacy Policy document on your website also impacts your Google ranking. Now is the time to review your privacy practices and see if you can better protect the personal information you collect. This is particularly important given the potential for data theft and even identity fraud in the event of a ransomware attack.
If you don’t have a privacy policy yet, or if you’re not sure if your privacy policy is still suitable considering these recent attacks, get in touch with us – we can help you put a solid policy in place that protects you and your website users.
