No matter the size of your business, it could fall prey to cyber criminals. The simplest way to avoid this is to beef up your cyber security. Specifically, make sure you address the three main elements: your devices, your network, and your employees.
Reduce the risk of a cyber attack by protecting:
Your devices and files:
- Make passwords mandatory
ALL devices should have passwords. Phones, tablets, laptops and PCs. It is well-known that cyber security is a risk. Don’t leave the door open for potential cyber criminals. And don’t leave devices unlocked and unattended, especially in public spaces.
- Use multi-factor authentication
Use multi-factor authentication to access your network. This requires something more than logging in with a password, such as a code sent to a pre-registered mobile or email address.
- Back up your files
Make sure all crucial files have an off-network back up. Either in the cloud, on paper, on an external hard drive, etc. If you choose paper, make sure those documents are physically secure.
- Make sure your software is up to date
This includes anything connected to your network: apps, web browsers and operating systems, for example. You can even schedule automatic updates to take the burden away from day-to-day management.
- Use Encryption
Encrypt any devices that may contain sensitive or personal information, such as laptops, tablets, smart phones, flash or external drives and cloud storage solutions.
Your wireless network:
- Router set up
Secure the router by changing the default name and password, turning off remote management and logging out when you are finished.
- Look at router encryption
Use a router with WPA2 or WPA3 and – its easy to overlook – make sure it’s turned on. Encryption protects information sent over your network so it can’t be read by outsiders.
Raise awareness of cyber security issues and work as a team to protect your business:
- Make sure you use strong passwords
- This means more than 12 characters in length and a mix of upper and lowercase letters, numbers and symbols
- Never reuse passwords and NEVER share them
- Limit the number of unsuccessful log-in attempts. This prevents password-guessing attacks
- Create a culture of security by giving employees regular training. Update your employees as you find out about new risks and vulnerabilities. Consider making the training mandatory.
- Have a plan for saving/recovering data, business continuity and informing customers, should the worst happen. If you do experience a breach, the FTC’s Data Breach Response: A Guide for Business lays out the steps you can take.
Other things to consider:
- Making your team particularly aware of what to do in the event of:
- Suspicious emails that may contain ransomware or viruses
- Experiencing phishing schemes, email imposters or tech support scams
- The physical security of your data: paper files, hard drives, flash drives, laptops, etc.
- Using email authentication software
- Investing in a cyber insurance policy to protect your business from the financial impact of a potential data breach
- Speaking with your vendors about how they store and protect your information, and making this question part of your procurement process in future.
- Double-checking that your web hosting service is up to scratch.
- Making sure your remote access is secure by protecting your devices and training staff.
What to do next
Have you taken IT security as far as you can go? Need someone to check your system? Or are you in desperate need of a pair of safe hands to get your network security in shape? Speak with EBM’s friendly and straight-talking IT team. We conduct free-of-charge IT audits that give you a clear overview of where you stand.
Sound good? Get in touch!