Cybersecurity, no matter the size of your business or how many employees you have, is a vital part of today’s business. Everyone in your organization needs to be up to date on how to spot a cyber threat and what to do about it.
There are some fundamental things that you should be doing to help protect your business from cyber threats. As hackers find new and innovative ways to come at your data, you need to be a few steps ahead of them. Let’s discuss a few areas in which you can “seal the breach” from hackers:
- Educate your staff on social engineering attacks
Social engineering attacks trick people into giving up sensitive information usually by posing as someone within the company or a vendor. Educate your staff on what to look for and how to protect themselves and the company from these malicious attacks. Phishing is one of these social engineering attacks that disguise a virus within the email. Once the attachment is opened, the virus goes to work attacking data and sending information back to the hacker. Make sure your employees are questioning anything that seems odd or out of place.
- Use up-to-date anti-virus software and firewalls
You should be checking for updates periodically and installing them automatically. Cyber criminals will happily exploit any unsecured system for a one-time breach or even an ongoing theft.
- Establish company policies for handling and storing sensitive data
Not every person in your organization needs to have access to sensitive data. Restrict who has access and make sure they are changing their passwords every ninety days at least. Also, don’t keep more data on a client than you need, and don’t hold it any longer than you have to. The less data you have on hand, the less you lose during a breach.
- Establish guidelines for company wide computer use
Your employees should not be using company computers or devices for use with family or for personal use. This prevents them from inadvertently sending out sensitive data. This goes the other way too. Employees should not be allowed to use their own personal devices to download business data to. This should include items such as thumb drives, tablets and phones.
- Institute a mobile device policy
Set up a protocol so that employees may access data from a secure location on their phone, but without having to download the data. Enable access codes, encryption and remote wipe software on all company devices, then keep a log of all issued and approved devices and who they went to.
- Stay up-to-date on software patches
Make sure you are installing every hardware and software an operating system update. This keeps hackers from being able to take advantage of vulnerabilities. Be sure that these updates take place across the board. Have every computer in your organization update and make sure it gets done to avoid any breaches.
- Use passwords
Use the built-in password functions of the laptops and other devices. Don’t allow employees to store passwords on their work computers or devices. And make sure they are using a combination of letters, numbers and symbols in their passwords to make strong passwords. You also want them to change it at least every three months.
- Encrypt sensitive files
You want to keep out unsavory types and those meddling hackers, so encrypting your files is a must. This way, even if they get ahold of your data, they can’t view it or alter it. Encrypting data that is being sent over the internet or to the cloud for storage is also a good idea. So even if the data or files get intercepted mid-stream, they are still unable to be read or changed.
- Dispose of old files and devices properly
Simply deleting a file on your hard drive does not mean that it is gone forever. Deleting only tells the hard drive that the space if freed up and can be used. The data can still be retrieved. The only way to insure that hackers or anyone else can get at the deleted files is to destroy the physical drive. When you upgrade equipment, such as computers, remember to destroy the old drives. But computers aren’t the only drives that you should worry about. The copier has a hard drive as well. Think about what else in the office might have data on it and secure it.
- Back up your files
Keep copies of your data separate from your original files. Whether online in the cloud or offline at separate site from the original, always backup your data. It is best to have it backed up on the cloud and offline in another location. This way, if you are hacked or data gets lost, you will have a much better idea of what is missing and be able to get it back.
Cyber security is a big deal, and a big job. But it is never foolproof. You have to stay vigilant and uncompromising in your security measures. Don’t let hackers take what you’ve worked so hard to build. With ransomware and other cyber-attacks happening more frequently than ever before in 2017, you want to start 2018 off on the right foot.
Give Imagis a call at 888-526-4283 and let one of our consultants show you how to build a better security framework