The Internet plays a huge role in just about every aspect of daily life, both at home and at the office. We rely on technology for almost everything, from staying connected through email and social media, to online banking. Our personal and professional information is out there in cyberspace, and despite our best efforts to keep this information private and safe, it’s often left extremely vulnerable.
Cybercriminals are constantly finding new ways to hack and scam their way past security measures, often relying on human error and cluelessness to help them hit their targets. October is National Cyber Security Awareness Month, an annual campaign created to provide information and education about these threats and tactics to the public. The more you know about the ways that cybercriminals operate, the better you’ll be able to protect your business.
There is no one solution to handle IT security as a whole, but there are things you can start doing today to step up your business’ defences:
- Make sure all systems, applications, accounts, and devices are password or pin code protected, taking advantage of 2FA (two-factor authentication) where possible. Two-factor authentication is more secure because it requires two forms of verification, for example, a password and a PIN.
- Use passwords that are eight characters or more in length, and that use a combination of numbers, lower case and upper case letters and even special characters (!,#,$) where possible. No matter how complex, passwords should be easy to remember so that they never have to be written down and potentially misplaced or stolen. Consider using a phrase (mynameisluis) that is easy to remember and then insert some level of complexity (myName1$Luis)
- Backup all important data and applications daily to a secure, off-site data storage system; cloud-based services or hosted servers are a good option as either your primary backup solution, or a secondary redundancy
- Develop and implement a Business Continuity/Disaster Recovery Plan. In the event of a hardware failure, cyber attack, or natural disaster, knowing exactly how your business will handle restoring data and operations will reduce downtime and make the entire process run smoother
- Use reliable antivirus and antimalware software on all of your systems, and make sure the latest available updates and patches are installed on a routine basis to close any potential weak points in the programs, and your network
- Monitor your network and systems at all times to catch any vulnerabilities or suspicious activity before either can cause a serious problem
- Train your employees to spot phishing scams and other cybercriminal tactics. Your staff should be an asset to your business’ security, not its biggest weakness
- Make sure any data or applications employees are accessing remotely are protected by both your cloud-based platform’s own security measures, and by securing each endpoint device against unauthorized use. In addition to passwords, pin codes, and 2FA technology, take full advantage of any options available to remotely erase data from a lost or stolen device
Taking a proactive approach to IT security is a better option than taking a reactive approach. Waiting until a cyber attack happens to take action against cyber threats puts your business in the unfortunate position of having to come back from data loss, downtime, lost profits, and a tarnished reputation. A feat that’s easier said than done.