You know that cyber security is an important part of any business, but are you unsure of how to become cyber secure? You may already be using some of the top security best practices and not even realize it.
- Anti-Virus Software & Updates
When faced with the enormous task of securing your business, it’s easy to forget about the basics. You want AV software that detects and prevents both known and emerging threats. But don’t just download any free AV software you find online. Only install an anti-virus program from a trusted, legitimate source and always keep it (and your computer) up to date. Updates and patches for your applications and devices guarantee you have the most comprehensive protection.
- Firewalls
A firewall acts as a barrier between your safe, internal network and the horrors lurking in external networks. Firewalls filter incoming and outgoing traffic based on a set of security rules. They’re a critical safeguard for both large and small businesses, as well as home networks. You’ll want to opt for a next-gen firewall, which as the name suggests, offers more advanced features than a traditional firewall. You can learn more in the video above.
- Backups
Regularly and automatically back up all important business data. The SBA suggests backing up all word processing documents, electronic spreadsheets, databases, financial files, human resources files, and accounts receivable/payable files. Be sure to store in the cloud or off-site. In the event of a ransomware attack, natural disaster, or device failure, you won’t lose everything.
- Passwords
Let’s be real, passwords can be a hassle. It’s hard to come up with a strong one and even harder to remember what is actually is. When you get a reminder to update your password, what do you normally do? Probably hit “ignore”. When it’s time to create a new password for yet another application, what do you normally do? Reuse an easy to remember one. If everyone does it, is it really that bad? Oh, yes. Verizon’s 2019 Data Breach Investigations Report found that 80% of all hacking-related breaches are the result of weak passwords. On top of that, 29% of all breaches, regardless of attack vector, involve the use of stolen credentials.
Passwords can be a simple and effective way to ward off cyber criminals. A good password is random, long (very important), complex, and frequently changed. Passphrases are also useful and sometimes easier to remember than a random string of letters/numbers/special characters. You can use a password manager to keep track of all your passwords. You can also check out our eBook, Passwords: Your Greatest Vulnerability for more password tips.
- Multi-Factor Authentication
Multi-factor authentication (MFA), or two-factor authentication, adds an extra layer of security to a standard password. MFA is a combination of two or more of the following:
- Something you have (such as a randomly-generated code sent to your mobile phone)
- Something you are (such as a fingerprint)
- Something you know (such as a password)
MFA decreases your risk of compromise. If a cyber criminal happens to know your password but you have MFA enabled, it’s unlikely that they’ll also have access to the code your mobile device received – effectively locking them out of your account.
- VPN
Public WiFi is risky and using a public network while accessing private business accounts puts your entire organization at risk. When you use public WiFI, everything you do is out in the open for anyone to see. A virtual private network (VPN) is a great tool when working outside your secure office network; and it allows you to safely transmit and receive data.
- Employee Security Training
If you’ve read any of our other blog posts, you’ll know by now that we’re a little obsessed with security training. It’s inexpensive and easy, but still comes with a huge pay-off. When it comes down to it, your first line of defense against cyber attacks is the people sitting in the cubicles right in front of you. Offer constant training and make sure each employee is aware of your cyber security policies & knows where to report suspicious activity. Teach them what not to click and you’re golden.