October is National Cybersecurity Month
Tips on how to Own IT, secure IT, and Protect IT.
Typically when we hear a story about a cyber security malfunction, it’s on an epic scale, when a large corporation admits to having had a data breach or a government agency has a hack. While these are often the only types of incidents that we hear about on the news, the truth is, most cyber security invasions happen to small to mid-sized businesses. The good news is that proper data security is not beyond reach for small businesses if you act on these issues, and follow some tips from the experts at Cazarin Interactive. Here are a few tips to implement into your security strategy.
Improve Password Protection.
Using passwords to protect computer networks is pretty much a given at this point, but how you implement your password strategy is crucial. Hackers continue to invent expert viruses to hack simple password requirements and passwords that aren’t frequently changed. If you want to make the most of this security system,it’s important to observe stringent standards. Strong passwords are a must, as is the use of prompts to have your staff update passwords regularly, at least every thirty days is recommended. Implementing policies to deal with the sharing of passwords, even with coworkers, is also a good idea, and make sure your IT team sets up requirements for complex passwords, that include at a minimum eight characters of three different types (e.g., capital letters, lowercase letters and numbers). Making just these changes alone can go a long way in helping protect your small business from infiltration.
Limit Access. A layered, deeper approach to security can help keep even the most sensitive data safe even if your system does suffers a breach. Limit access to certain types of information and set protocols as to what permissions are given to which staff members, and adding levels of protection such as additional password requirements for more sensitive information, added encryption, etc.
Keep Your Software Up-to-Date. One of the best methods to protect against ransomware is making sure your IT team patches outdated software, both in the operating system and applications. This will help remove critical vulnerabilities that hackers use to access your devices. Here are a few quick tips to get you started:
- Turn on automatic system updates for your device
- Make sure your desktop web browser uses automatic security updates
- Keep your web browser plugins like Flash, Java, etc. updated
Use Anti-Virus Protection and Firewalls Whenever Possible. Anti-virus (AV) protection software has proven to be the most successful solution to fight off outside attacks. AV software helps to block malware and other malicious viruses from entering your devices and systems and compromising your data. Make sure you use anti-virus software from trusted vendors and only run one AV tool on your devices. Using a firewall is also important when defending your data against hackers. A firewall helps screen out hackers, viruses, and other malicious activity that occurs over the Internet and determines what traffic is allowed to enter your system. Your router should also have a firewall built in to prevent attacks on your network.
Keep Your Entire Staff Updated on the Latest Phising Scams. Phishing schemes happen when an attacker poses as someone or something they are not – often a superior in the company or trusted vendor- to trick the recipient into divulging credentials, clicking on a nefarious link, or opening an attachment that infects the user’s system with malware or trojan virus. This often leads to a ransomware attack, in which your system is literally held hostage unless you pay a certain amount. In fact, 90% of ransomware attacks originate from phishing attempts.
A few important cyber security tips to remember about phishing schemes include:
- Don’t open email from people you don’t know.
- Know which links are safe and which are not – hover over a link to discover where it directs to first before clicking on it
- Be suspicious of the emails sent to you in general – look and see where it came from and if there are grammatical errors or syntax errors. Most phising scams come from foreign countries, and are often written in broken or awkward English.
- Malicious links can come from friends who have been infected too, without their knowledge, so if you receive an odd email from what appear to be a friend, be extra careful, and contact them via a separate correspondence to verify it is accurate.
Another scam that has been hitting small businesses lately is an email that appears to be from a supervisor or CEO to an employee asking for credit card info, or requesting that they purchase gift cards using the corporate credit card, and then providing the codes for those gift cards to the sender posing as the boss. If you receive an email from a supervisor that asks you to spend money or proivde credit card information over email, make sure to check with the individual verbally prior to doing anything, and report the email to your IT department as soon as possible.
Hacking, phishing, and malware incidents are becoming the number one cause of security breaches today, and these hacking attempts are the result of human error in some way. Education and awareness are critically important in the fight against cybercriminal activity and preventing security breaches. If you need some advice on how to best set up your security protocols, let your team at Cazarin Interactive know! We can assist you in setting up a system that protects you and your team from a malicious attack and protects your business from a threat.
Contact us today for more information.