UKBA logo dark

AA Proves That No Company Is Immune

By Bob Lewis-Basson

I’m often asked by potential new clients why IT support for small businesses is so critical. They want to know what I can offer as a consultant that their in-house IT departments might be lacking. Fair enough. The answer to their questions can be found simply by paying attention to the news.

One recent new story that caught my attention was that of insurance agent AA finally publicly admitting to a serious security breach that exposed the personal information of over 120,000 customers. The breach itself was nothing nefarious in nature. Rather, it was the result of a simple server misconfiguration involving backed up data.

How It Happened

The previously mentioned server configuration resulted in 13 GB of data on AA’s website being accessible to the public for a short amount of time. The data included information on customer accounts and orders, including the final four digits of the payment cards customers use to make their purchases. As many as 117,000 unique e-mail addresses were also exposed by the breach.

When the car insurance company first discovered the breach, they attempted to downplay its seriousness by simply telling customers to reset their passwords. That decision did not sit well and AA was forced to admit under media scrutiny that their data had been compromised. They blamed the problem on an IT vendor, insisting that all customer data is now safe.

IT Mistakes Happen

Technology is, by its very nature, somewhat complicated to operate and maintain. No company is immune from IT mistakes ranging from the very minor to the absolutely devastating. AA is proof of that. Furthermore, it doesn’t take a full-scale assault on a company’s network to cause problems. A minor misconfiguration of a server is all that’s necessary.

Third-party IT support for businesses – particularly consulting – offers an impartial perspective capable of identifying potential problems without bias or emotional attachment. Consider what I can do in cases like this. I can offer your company a complete audit of your network hardware, software, and security systems on a regular basis. Regular audits greatly reduce the risks of data breaches by identifying problems in their earliest stages.

It is not possible to say for sure that an outside consultant could have prevented the problem that occurred at AA. Unfortunately, we still don’t have all the details of exactly what happened. But I can say for certain that regular audits of a company’s systems are key to keeping the risks of security breaches at their absolute minimum.

If your company doesn’t yet take advantage of third-party IT support for businesses, I encourage you to ask yourself why that is. Are you under the impression that outside services will not help your company’s IT department? If so, I would love the opportunity to prove how valuable my services are. One of the best things you could do for your company and your IT department is to work with an outside consultant capable of providing an unbiased and fresh perspective.

Sources:

The Register – https://www.theregister.co.uk/2017/07/08/aa_apology_security_breach/

By Bob Lewis-Basson.

Contact us for further information

Need advice & guidance?

We have advisors all over the UK. Get in touch today for expert guidance and support.