If you spend any time at all searching the Internet you’re bound to be offered all sorts of great sounding software and services – for FREE!  But as our parents told us, “There’s no free lunch, somebody gets the bill.”  Unfortunately, in the cybersecurity world we live in today, you’re the one getting stuck with the bill when you often don’t even realize it. Let’s review your costs of FREE for just a few of the software and Internet service offerings you may even be using right now.

INSECURITY

One of the most common free services I see used today is DropBox. The free, consumer version is great.  Within one minute of signing up I can upload files too big to email and send them to someone anywhere on the globe. What could be better?  What you aren’t paying for and certainly not getting is a cyber secure place to put sensitive business information.  DropBox has been breached multiple times.  If you’ve had an account with them for long I’m sure you’ve gotten an email telling you to change your password because your login information has been compromised. That’s a fancy word for “STOLEN by cyber criminals.”  The best cyber protection in the world won’t stop a valid username & password that’s been stolen.  (The one exception is multi-factor authentication, but that’s another topic.)

Here’s a sobering stat:  76% of network intrusions exploit weak or stolen credentials (email & passwords)

No matter the service that you use to store data in the cloud, if you want assurances that it is business class protection, ask for a HIPAA Business Associates Agreement (BAA) to cover the service even if your firm isn’t subject to HIPAA.  The cybersecurity requirements are such that if they offer a BAA it is greater assurance the company is being more protective of your data. Generally, the consumer grade versions won't provide a BAA.  I know what that tells me, RUN AWAY.

HIDDEN GOODIES

If you don’t know my humor, the above line would be stated with extremely dry sarcasm. Many free pieces of software are packed with something.  Whether it’s software which causes a pop-up advertisement every time you use the software, or worse, installs malware or ransomware on your computer that won’t trigger for 6 months (so you don’t suspect it), either way it’s BAD.  If you have employees, you better have a policy of not downloading and installing ANY software without the approval of your IT.  This single mistake has bankrupted businesses. Just ask me, I’ll send you the links.

NO SUPPORT

The last cost you pay is no support. If the software or service doesn’t do something correctly or acts badly, when you call me for support I’m likely to say (under my breath) “You get what you pay for.”  My service fixing it on the other hand is going to cost you, sometimes dearly.  By fixing, I normally mean, ripping it out of your computer for good.

Don’t get me wrong, I like free as much as the next guy.  There are some really cool things out there. My advice is not to use it for your business without proper research & approval.  The risk is too great to your clients, your reputation and to any regulatory requirements to which  your firm may be subject.  Do your IT support a favor and ask them before you use or install anything FREE on your business network or devices.

If you’ve had your own cyber nightmares with “free” please leave a comment or send me an email at rrusch.comment@secureerpinc.com.  These also serve as warnings to others.

About the Author, Rick Rusch

For over 25 years Rick Rusch has helped companies utilize technology safely & productively. Recognizing the dangers of the Internet age several years ago, Rick has passionately focused on cybersecurity to help clients guard their reputations & their most precious asset, their digital data. Learn more about me at https://www.secureerpinc.com/about-us/