Miriam knew about the importance of cyber security and its risks. She had been reading articles on topics like phishing emails. What she didn’t have is the expertise to implement the changes needed nor did she know where to start.
Miriam shared, “I knew we were probably not up to scratch with what we had. We didn’t know what we didn’t know. Some of my staff are not at all IT-savvy. I don’t think people will click on a link, but some of the emails are pretty convincing and they just may do so”
This realisation was the first step. She knew that there were a lot of things outside her control. With news of Kiwi businesses being affected by ransomware and the increasing quantity and quality of these cyber threats, it was only a matter of time until they got affected.
Around the same time, Spark knew businesses were struggling to cope with the changes brought by COVID-19. While remote work and video conferencing may seem like the norm today, a lot of SMBs have never implemented them before. Because of this, customers of Spark Business Hubs often get recommendations on IT areas they may need help with. In this specific instance, Spark was offering a cyber security audit with one of their accredited IT partners; iT360. This was perfect timing for Beth-Shean.
While they already had a trusted IT person that helped them with their basic IT needs, the pandemic swiftly changed the dynamics of their relationship. Their provider was also serving other customers and couldn’t give Beth-Shean as much time and focus as before. With everything that was happening, Miriam jumped at the opportunity to get Beth-Shean audited from an expert’s perspective.
[The cyber security audit] puts its contents in a controllable context for me…having a review time, identifying the 6-7 different domains to look at, seeing where you are, then clearly knowing what kind of things we can work on to bring us up to an acceptable level. I found it extremely helpful.Miriam Milson, Administrator & Manager, Beth Shean Trust
Beth Shean Trust Today
The iT360 cyber security audit looks at 7 different dimensions of the business. Following a series of questions to answer, the audit provides quantitative scores on how the company is performing. Overall, this comprehensive audit provides a clear roadmap of things needed to do to improve an organisation’s security.
After taking the assessment, Beth-Shean has moved forward in implementing some of the recommendations. As an example, they have already updated their years’ old passwords and created policies for both new hires and existing staff.
One of the biggest realisations Miriam shared after taking the cyber security assessment was that “we weren’t quite as hopeless as I thought we might have been and that’s reassuring to know.” She acknowledged that some of the information she did not really understand, and she is okay with that. Miriam knew she was not as tech-savvy as iT360 and nor should she be. At the end of the day, all she cares about is that Beth-Shean’s data is safe and secure.
The assessment analysed areas they needed help with and which ones they could do themselves. Not all recommendations would involve big purchases for them. This is what made Miriam place her trust in iT360.
“The fact that the initial consultation was free really did help. It set us up for success. We got enough information from the audit to know we needed to invest some money into updating critical areas and it seemed a reasonable amount of money too.”
“[The cyber security audit] puts its contents in a controllable context for me,” said Miriam. “Having a review time, identifying the 6-7 different domains to look at, seeing where you are, then clearly knowing what kind of things we can work on to bring us up to an acceptable level. I found it extremely helpful.”
When asked about what she thought about the cyber security assessment, Miriam said “I wouldn’t have known the extent of our lack of knowledge without the assessment. Also, we wouldn’t have had the assessment if we had not of been a Spark business customer.”
She further adds that the “assessment was quite in-depth. I think, yeah, iT360 know what they are talking about. They have provided some useful tips, not just trying to sell me something and they weren’t all hard things. Some, we could do it ourselves.”
As a final word of advice for other SMBs, Miriam said that “if you don’t keep on top of things, you could end up in a situation that might cost a lot of money to fix. But for a relatively small amount of money, you’re able to get a sense of assurance that somebody identified our areas of vulnerability”
In a few months, Beth-Shean Trust plans to take the assessment again to find out how they score against where they were a few months ago.