5 Security Scares to Watch Out For This Halloween

Posted on 31 October 2019

This Halloween, there are plenty of spine-chilling threats for your IT team to be afraid of. Don’t fret, though: we’ve consulted our Ouija board to give you a helping hand, meaning cyber security doesn’t have to be one of them.

Everybody loves Halloween, but along with the treats that come with this spooky season, there are equally plenty of tricks. Those nasty surprises could be lurking in your corporate systems already and causing unknown havoc. Reader beware: someone could be leeching off your precious data, bugs could be crawling all over your company devices, or a shadowy figure could be lying in wait for a member of your team to make a fatal error – so they can pounce.

Equifax, Bupa, and British Airways are just a few of the many organisations that have experienced their worst nightmare with a large data breach, but malicious actors target businesses of all shapes and sizes. There’s no rest for the wicked, however being armed with knowledge (and the right tech) is the best way to avoid your own Halloween horror show. With that said, we’ve consulted the ancestors, the old gods, and a spirit or two to compile a creepy catalogue of things to look out for. Here’s a list of 5 things that go bump in the night:



Hackers are the most well-known fiends of the cyber security world, and as they get more and more sophisticated, combating their schemes becomes more of a daunting (or should it be haunting?) task. Although you may only hear about large organisations falling victim to a monstrous hacking effort, no organisation is too small to be a target. All data is useful, and no-matter your company size, ravenous hordes are hungry for it.

These creepy crawlers can be kept at bay with the right tech that can expose and combat threats a break-neck speed, so unmask these villains with the help of Microsoft’s cyber security solutions. Find out more about how we partner with Microsoft to protect your business here.



Password Fatigue

Sometimes we can be our own worst enemy, but don’t let password management scare the life out of you. The average user needs logins for work, social media, banking, apps, and more, so having a unique password for each one is quite a feat. As a result, many users will duplicate passwords, create simple passwords, or physically store passwords in a way that is easily accessible to prying eyes – all of these things weaken your security, and all it takes is one weak link to spell disaster for your business.

The silver bullet to this situation is Single Sign-On. With SSO, users only enter one set of credentials to access their web apps in the cloud and behind the company firewall. Our partners OneLogin specialise in SSO and can build trusted experiences for your workforce, while keeping password related woes at bay.



Human Error

It’s impossible to build the perfect employee from scratch, but you can train your workforce to take the correct precautions, make less mistakes, and keep cyber security at the forefront of their practice at all times. Human error is, by far, the leading cause of data breaches, and although sometimes it may feel as though you have clowns to the left of you and jokers to the right, there’s no need to be stuck in the middle.

With robust training schemes, you can educate your team at lightning speed, breathing life back into your workforce, and energising them in their security management. Looking into our in-house and partner-led training schemes is the best way to put a stop to a series of unfortunate events.



Shadow IT

Shadow IT stands out as a clear concern because even the name sounds spooky. The first way to tackle this shady practice is to develop your knowledge and shed some light onto the situation. Shadow IT is where devices, software, and services are used by your employees without the ownership, control, or sometimes even the awareness of your IT department. Unsanctioned apps could be lurking inside your corporate devices and turning each one into its own haunted house – with no way for your IT department to reign them in.

Bring your workplace out of the shadows with help from Microsoft’s Cloud Access Security Broker, an enlightening way to extend your security policies into the cloud. It starts by giving you a detailed picture of what cloud applications employees are using and provides you with the tools to control that usage and protect your organisation.



Social Engineering

Social engineering schemes are on the rise, with phishing attempts having grown 65% over the course of the last year. More than 1.5 million new phishing sites are launched each month, so, in other words, there are plenty more fish in the sea. Cyber criminals are always finding new ways to make their targets fall hook, line, and sinker for their schemes, for example the practice of angler phishing – posing as a trusted source over social media in order to secure user details or direct an unsuspecting victim to a malicious website. Additionally, social engineering scams are increasingly targeting mobile users, due to the way that phones display email content, inadvertently acting like a mask that hides the true identity of the sender.

These creatures from the Black Lagoon can be vanquished, the same as any ghoul. Phishing scams rely on a user’s naivety, so ensure your staff are fully trained and up to date on social engineering techniques. If an email from a trusted source reads in an unexpected way, question it before clicking any links, as it’s important to verify a source before you can trust it. A strong anti-spam filter is also a good way to make sure that dangerous emails never see the light of day.


Weak cyber security can be a real plague on your business, but with knowledge on your side, a fully trained workforce, and the latest technological defences, you can exorcise your digital demons and enjoy the Halloween festivities without getting spooked.

If you’d like to know more about combating the spookiest of cyber threats, just contact a member of our dedicated team – we ain’t afraid of no ghosts!

A few people we've already done it for