7 Cybersecurity Tips for Everyday Safety
Everybody likes checklists; they represent activities you can say you completed, check them off and they are done. That is just not true for cybersecurity because of its fluid nature. However, I’ll present a pseudo checklist which represents major areas that every small business should concentrate on and address on a regular basis.
1- Rely on Employees to Maintain Cybersecurity
Believe it or not, your first line of defense is your employees. A plethora of articles on cybersecurity for SMB’s identifies this item in the top five, usually number one. Employees need to be made aware that their actions could easily lead to a cyber-security incident. Following is a partial list of topics you need to cover with your employees.
A- identifying, reporting and not opening suspicious or questionable emails. Email is still the most popular technique for attacking a company network.
B– not surfing or clicking on links to or on untrusted websites. Also keep in mind that some of the recent flood of ransomware came from well-known trusted sites.
C- only downloading software from reputable sources. It is debatable to allow employees to download software and install it on their workstations without getting prior approval from management. Better yet, establish a list of acceptable software and download it once on the network and allow it to be installed from there.
D- be aware that cyber threats don’t always come directly from the Internet. To allow employees to bring removable drives and CDs/DVDs to the workplace and their PC is just creating an additional path for cyber threats. Be aware most larger organizations disable those local I/O ports on all workstations. That prevents cyber threats from coming in and business data from going out.
2- Security Through Passwords
Use strong passwords, two-factor authentication, a password manager, or most preferably a single sign on package to control both passwords and acceptable applications and websites. In addition, protect administrator rights on the network. Remember only administrators need those rights, not every employee.
3- Protect Yourself from Malware
Install and maintain an up-to-date reliable malware protection solution. Ensure that the maintenance of that solution is either automatic or in the hands of an administrator, not every individual employee. Remember though, that no matter how good that solution, it is not going to be 100%. Incorporate a network firewall in with the malware solution in order to strengthen your protection.
4- Keep Software Up-to-Date
Maintain all your software by applying all vendor patches as soon as possible. Many malware threats take advantage of vulnerabilities in both operating system and application software packages. In many cases those vulnerabilities are patched by the vendor, but it does no good for you unless you apply it to all of your software in your business.
5- Mobile Devices are Not Without Risk
If your organization has made mobile devices a part of doing business, don’t forget they are also vulnerable to attack and must be included in the considerations listed above. Attacks on mobile devices are increasing daily, and are becoming a more and more popular target amongst cyber criminals.
6- Protect that Data!
Keep in mind that on numerous occasions your business voluntarily sends business data out of the organization, probably by email. An example would be emailing income statements and balance sheets and monthly transaction reports to your outside accountant. Email is a great convenience for this kind of communication but email is plaintext; anybody that intercepts that email will be able to read it without any assistance at all. Consider using encrypted emails for this kind of business email communication.
7- You Must Have a Disaster Recovery Plan
Prepare and maintain a backup and disaster recovery plan. Make sure you test it on a regular basis. Make sure that the backup is an off-site backup and that it is an automatic backup. A backup to magnetic tape that is stored in the cardboard box right next to the server does no good when the facility itself is compromised. Depending on one or more employees to change out the tape every night is also a poor choice.
The bottom line is your business is at risk. It’s up to you to take the steps to protect it, either by monitoring and maintaining your business’s security yourself or by contracting a business IT solutions company you trust.
If you’d like more information about the security solutions BBSYS can offer you, please contact us using the form below.
Get More Info or Request A Quote