It might be time to worry. If the largest companies in the world can get hacked, so can yours.
Imagine if all of your customers’ personal information was stolen. What would a data breach mean to your company? A ruined reputation? Profit loss? A potential shut down? All of the above?
Hackers are everywhere. It’s unfortunate for sure, but it doesn’t mean you can’t fight back. Armed with knowledge, you can make a potential cyber attack less likely. Here are 6 basic tips that can only bolster your business’ defense against a cybercrime.
- Educate your employees
Human error is often the gateway to a cyber attack on business. It’s important that your workforce – no matter how big your business – is educated on online security threats. General awareness will go a long a way in keeping your business safe.
Encourage your staff to not open suspicious emails, avoid certain websites, and not download any software to their work computers. If your company has an IT department, set up security measures on workstations such as requiring admin clearance to install software and blocking internal access to suspicious or malware-ridden websites. Make completing training materials or online courses on cyber safety required for new hires.
- Password safety
If your IT department, or IT individual, doesn’t require employees to change passwords every few weeks, they should. It might be an annoyance to your team, but for a number of reasons, such as limiting constant access to an account or throwing off a hacking program’s guessing game, it’s a good idea.
Encourage employees to use complicated passwords that use symbols and numbers and don’t involve personal information like their name or initials. If possible, set up two-factor authentication. This is when there are two checks in place to verify an identity. This is especially important for admin accounts that may be authorized to pay bills or access sensitive data. (Example: a verification code is sent in the form of a text to a mobile device to a user trying to login).
- Network security
Hopefully your company already uses a firewall for your network and business website. Make sure it’s updated frequently and managed correctly by either your IT team, or a company that specializes in managed security.
It’s a good idea to get in the habit of monitoring its’ daily activity. If you have Wi-Fi, be sure you're encrypting your wireless network. A WPA (Wi-Fi protected access) encrypted network asks for an authentication key before making a connection, making it much more secure. In addition, always update the firmware on your network and Wi-Fi servers when prompted.
- Email awareness
Know who you are emailing with and who is emailing you. Phishing is one of the most common techniques of a hacker to get you to reveal personal information such as a bank account or social security number, login info, or other personal information. By pretending to be a trusted source, a hacker might inform one of your employees or your bookkeeper that your bank or credit card account has a discrepancy or is about to expire, then ask them to login into a fake site to enter your personal info.
Encourage employees to look at emails carefully. Are addresses spelled exactly as they should be? Is the link to your bank’s website as it should be? (It might be off by one letter, or contain two letters side by side that the naked eye might see as one) If the situation seems off, call the sender directly.
- Apply security updates and patches
Those annoying little software updates you’re continually asked to install are your friends. Vulnerabilities are discovered all the time in Windows operations systems. It’s important your IT department, or IT person, implements these systems updates whenever necessary. It’s quite likely that a new virus has been discovered or a new hole has been found in your OS’s armor.
And don’t think because your business uses Macs, you’re in the clear. Macs get hacked too. Update your system when prompted. It’s easy. Same goes for mobile devices if your employees use them for work purposes.
- Back up your data
Not too long ago, business servers had tape drives to back up all your important company’s data. They may still, but in the here and now we also have cloud services and other managed methods to keep copies of your data. Depending on what sort of business you are in, you may have different needs.
In all cases, you probably want to be up and running ASAP after an attack. In the event one does happen, you’d instill much more confidence to your customers or clients if you were. Even safer still, employ 2 methods to back up data in the case that one fails.