Safer Internet Day calls upon all of us to make the internet a safer and better place for everyone. According to a 2017 Ponemon Institute survey of over 1000 IT leaders at small- and medium-sized businesses, 54% of data breaches happened as a direct result of a negligent employee or contractor. Every member of your organization has a role to play in keeping your business safe. Read on for ideas and recommendations to help secure your business, or click here if your business is ready to undergo a cybersecurity assessment.
1) Create a Culture of Safety
Better Business Bureau’s 2017 State of Cybersecurity Among Small Businesses in North America report showed that 47% of small businesses believe the first line of cybersecurity defense in their business was employee education. This is a continuous process and should be performed a minimum of once a year, however, we would recommend quarterly reminders. Here are some simple tips to help keep you safe in our digital world.
- Be wary of email attachments and web links and DO NOT click or open on emails you were not expecting.
- Keep work and personal life separate by using separate systems and email addresses for both.
- Never insert unrecognized storage devices into your computer, server, or mobile device.
- Disable “auto-run” on your devices for USB, CD, or DVD drives to prevent malware from automatically installing if you inadvertently insert an affected disk.
- Be cautious when downloading software and only download from reputable businesses that you are work with.
- NEVER share your username or password. Also be wary of answering questions about what type of operating systems or firewalls you use, as this information can make it easier for a hacker to gain unauthorized access.
- Keep an eye out for harmful pop-ups, and do not respond to any popup asking you to click “ok” for any reason. Use popup blockers and only accept pop-ups from websites you trust.
- Use strong passwords with a mix of random upper and lowercase numbers, special characters, and are at least 12 characters long. Where possible, enable multifactor authentication.
- Be more secure online by only accessing banking, medical, and other sensitive information from a secure browser connection.
2) Protect Your Digital Assets
According to the 2017 State of Cybersecurity Among Small Businesses in North America survey, 11% of respondents indicated they had no cybersecurity measures in place. The top two contributing factors for the absence of security measures were a lack of resources and expertise. Also in the Ponemon Institute’s 2017 survey, 61% of small businesses had experienced a cyber attack. Four years later, malicious actors have only become more creative in their efforts to steal your confidential information. Here are 5 things you can do to start securing your business.
- Protect your email inbox – The weakest point of entry into your confidential data is email, mostly as a result of employees unknowingly falling for phishing and other email scams. Make sure you’re utilizing software that scans email for potentially dangerous viruses and links is the first step in protecting your business, along with educating employees on the common phishing tactics.
- Secure your server – Limit access to cloud backups, firewalls, and server access to only authorized users whose jobs require that they have access. The fewer points of entry there are, the easier it is to keep an eye on what is happening on your network, and the quicker you will be able to react in the event of a breach.
- Partner with a security-focused managed service provider – Maybe you don’t have a dedicated IT professional on staff – or if you do they may not specialize in cybersecurity. Regardless, partnering with an outside IT firm is well worth the investment.
- Create and enforce secure password protocols – Passwords need to be complicated and difficult to predict and are most effective when paired with multifactor authentication wherever possible. Remind your employees of the real and constant danger of hacking and how password protocols can be effective in preventing a breach. Investing in a password management system can also reduce frustration and discourage password reuse or the use of easy to guess passwords.
- Endpoint detection and response – Another first line of defense for you is endpoint detection and response software that can detect threats to your system before they cause damage. We can help you select from the various options to choose the best software for your business needs.
3) Keep Your Physical Assets Safe
Physical security also plays a role in keeping your business safe in the digital world.
- Vetting new employees – Background checks can be helpful, but looking at digital footprints and social media presence can give you a more comprehensive look at the candidates you are considering. Since most cybercrime occurs from internal sources (ie, employees accidentally triggering a virus, internal employee theft of sensitive information, etc.) it is crucial that you have a well-rounded view of potential employees.
- Limit access – Not every member of your staff needs access to your sensitive business information. Effective access credentials to both physical and digital databases are key to helping your information stay secure.
- Security system – Regardless of all the systems put into place, there is always a risk of a physical breach. Investing in a security system that can record entry doors and internal activities can be crucial to finding a malicious actor after the fact.
It only takes one weak link to breach the walls. Start today by taking a hard look at your security protocols currently in place and see where there is room for improvement. And if you’re ready to take the next steps, show your business some love with a cybersecurity assessment. Reach out today to learn more.