You keep your system firewalls current with regular updates and a switched-on IT provider. What about the human factor?
Scammers using social engineering can fool organisation leaders and team members into revealing key data. Just as people become wise to one technique, scammers develop another. They rely on people being friendly, helpful or naïve. Raise the subject regularly in team meetings to alert your team to scams and strategies to block them.
For instance, ‘pretexting' is a scam where the scammer pretends to be a genuine contact to obtain sensitive data:
- A caller says they’re from the organisation's IT consultant and asks for login details because they’re doing ‘routine maintenance’ and need remote access
- A contact comes through social media as a prospect interested in what the business offers, lulling you into revealing sensitive information
- Team member get an email asking them to purchase some gift cards and then reply back with the details
Run scenarios with your team. Learn to take a minute. Think. Who do you call to verify the contact is genuine? Your in-house IT Manager, your IT consultant or your Organisation Manager? Put procedures in place to safeguard what information is given out, when and to whom.
"I have had regular monthly coaching with Michelle for two years, I found Michelle kind and thoughtful, also analytical. It is helpful each session to review the numbers, budgeting and discuss forecasting with the different events that are occurring in the trust regularly. Each meeting our discussions resulted in myself as CEO to understand the numbers more and receive helpful tips towards improving our financial reporting to make them more readable and understandable to the board."
