Safeguard your company

Take steps to protect your business from cyber threats.

During the past several months, hacking of computer systems has caused widespread mayhem across a myriad of industries. Roofing companies are not immune, and you should safeguard your systems to avoid disruptions, which can be catastrophic.

According to constructiondive.com, during the past three years, cloud-based email breaches cost U.S. businesses more than $2 billion. David Anderson, principal cybersecurity consultant at Minneapolis-based CliftonLarsonAllen, told constructiondive.com about 80% of data breaches involve password compromises and an increase in remote work during the COVID-19 pandemic increased opportunities for breaches.

In addition to password compromises, Anderson shared the top ways hackers infiltrate company computer systems:

  • Business email compromise. This entails email spoofing where hackers pose as trusted email senders asking recipients to click on links that will allow hackers access to data.
  • Domain impersonation. Hackers can purchase domain names similar to your company’s domain name. They simply change a letter to fool recipients into trusting emailers.
  • Name dropping. Hackers can create an email address appearing to be a CEO’s email address and ask an employee to buy and mail gift cards to a given address. (This, in fact, happened at NRCA, and I thought NRCA CEO Reid Ribble wanted me to buy several $100 Amazon gift cards. The email looked surprisingly legitimate.)
  • Unauthorized access. Another way hackers can gain access is to use a compromised legitimate mailbox to send email.
  • Password guessing. Weak passwords that don’t contain a combination of uppercase and lowercase letters, numerals and symbols can fall prey to hackers guessing passwords correctly and entering a system.

To protect yourself against hackers, Anderson recommended these protective measures:

  • Enable multifactor authentication on as many accounts as possible.
  • Harden your email spam filter.
  • Create a strong password policy with long passwords.
  • Train employees to look for suspicious emails.
  • Keep backups that are isolated from your network.
  • Consider cyber insurance.
  • Evaluate security controls of third parties.

Better to be safe than sorry!

AMBIKA PUNIANI REID is editor of Professional Roofing and NRCA’s vice president of communications.

More Like This

  • The durability factor

    Consider the benefits of cold-applied liquid waterproofing for performance-critical waterproofing jobs.

  • Roofing “old red”

    CMR Construction and Roofing, Dallas, restores the slate roof system on a Dallas museum.

  • An improved offering

    Health care plans have evolved, and you may want to consider switching.

;