Why the LexisNexis Security Failure is a Wake-Up Call for Small Business

Towards the end of February of this year, LexisNexis Legal & Professional fell victim to a data breach in which the responsible party accessed the data analytics company’s Amazon Web Services infrastructure due to an unpatched application. While the data leak itself was (according to LexisNexis L&P, at least) relatively minimal, this breach presents an opportunity to reiterate the importance of an easy-to-overlook vulnerability that quietly causes problems for businesses of all sizes.

After all, if a multi-billion-dollar enterprise can be tripped up, what’s to say you won’t be?

You Should Never Assume It Won’t Happen to You

It is too simple for the average person in charge of a small to medium-sized business to operate under one or two critically flawed presumptions:

1. Cybercriminals are only interested in targeting large businesses
2. There are so many potential targets out there that the likelihood of being attacked is small enough to protect them

Both are problematic. Not only are businesses of all sizes targeted, but cybercriminals now use tools that identify vulnerabilities, enabling them to scale their efforts considerably. All it takes is a single open door.

Don’t Put Off Patch Management

It is critical that you regularly apply the appropriate patches (or fixes to existing software) that developers will release for both your productivity and your security. If a cyberthreat relies on a particular vulnerability, patching your IT against it means that’s one less threat you need to worry about.

This is assuming, of course, that you have installed these crucial updates.

As a general rule, software devs will make patches available, but the responsibility falls on the business itself to apply them in a timely manner. Failing to do so is effectively accepting the increased risk of being breached.

How to Keep Your Business Secure

Here are a few essential tips to help you keep your IT properly updated:

Keep Up with Your Inventory

Yes, software counts. You need visibility into the tools your team uses every day, both to avoid issues caused by shadow IT and to better track where patches should be applied.

Automate Your Patches

Updates can be hard to keep track of, so it isn’t a bad idea to set up your systems to automatically apply them as they become available.

Turn to the Pros

Many organizations benefit from recruiting an external provider like us to ensure patches and other critical maintenance are handled, allowing them to continue focusing on their core goals.

Avoid What Happened to LexisNexis

We can help. Reach out at (832) 514-6260 to learn more.