Poor IT Policy Implementation – A Use Case in the Construction Industry March 2, 2021 Cyber attacks in construction industry are becoming more common. Builder Co Brothers Ltd. is a building constructor company worldwide and their primary activity consists of manufacturing general building engineering designs and providing consultancy services. To store all the influential information regarding their business, the organization is highly dependent on the physical and cloud-based storage solution to back up their contents of the server.In late 2019, Builder Co Brothers Ltd experienced an attack on their system as they discovered that both their onsite physical backup as well as the secondary cloud backup was affected by ransomware attack. The PDPC was notified that the cyber-attack incident has affected the personal data of 384 employees. How did it happen?In late 2019, Builder Co Brothers Ltd experienced an attack on their system as they discovered that both their onsite physical backup as well as the secondary cloud backup was affected by ransomware attack. The PDPC was notified that the cyber-attack incident has affected the personal data of 384 employees.The method for the ransomware attack remained unidentified but the physical server was unprotected and unverified which opened up a loophole for the hacker. The IT Management was not cautious about cyber-threat protection and did not have good practices which resulted in such an unfortunate attack. After the incident, they improved their procedures with proper backup and adopting of new solutions, to avoid future cyber attacks in construction industry. What they did not do?Unprotected ServersBad IT Practices and Poor IT Policy ManagementNo Privilege Access Management DeployedNo Proper Schedules for Servers BackupOrganization’s ImpactLost of Trust by Employees and CustomersReputation and Branding LossHigh IT Infrastructure Cost to Rectify IssuesInternal Staff Retraining and AwarenessIncreased vulnerability to cyber attacks in construction industry X-PHY Protection Method1. Key Code 2-Factor and Key Code Pro-X within the X-Factor Encryption Lock verify all the data in X-PHY® using unique encryption keys and check any activity before it takes place in the server. Making it impossible for the attacker to upload the malicious files into the server.2. Once the X-File Forensic Agent features detect any ransomware activities in the server, Key Code 2-Factor will be triggered immediately.3. Key Code 2-Factor within the X-Factor Encryption Lock locks the data and makes it accessed only by pairing multiple encryption keys that prevent the ransomware from accessing the data.4. X-PHY® then locks down the data completely by entering the safe mode.This is how X-PHY can help mitigate cyber attacks in construction industry. Share This On Your Favorite Social Media!