When it comes to stealing information, cybercriminals are not all that particular. While significant data breaches and ransomware attacks on large companies make headlines, smaller businesses and individuals are also targeted.
In fact, 61% of all data breaches impact small companies. These crises cause a ripple effect beyond just disruption; this sort of theft can cripple operations.
Think about it: over 77 terabytes of internet traffic happen every second. When it comes to cybercriminals, this level of internet traffic is akin to letting a kid loose in a candy store. It’s no surprise that they will go after prizes of all sizes unless the owner is one step ahead of them.
1: BACK UP AND ENCRYPT YOUR DATA
Backing up and encrypting data as protective measures are nothing new, yet almost 70% of small businesses do not have backup plans geared for disaster recovery. The more time it takes to restore lost or stolen data, the more money that your company will lose. The cloud is a viable option for data backup since the information isn’t stored on local devices. If hardware is compromised, the data can be accessed through the cloud.
Data encryption is the science and practice of coding information to render it unreadable by other parties. Scrambling readable text in this manner is one of the most effective methods of protecting confidential data. The only people who can read the information are the ones with the decryption key.
Although this used to be technically complicated, modern tools make it easier for individuals and businesses to protect their files. For example, Apple operating systems has its FileVault program; other options include TrueCyrpt and AxCrypt.
2: GET INTO THE PASSWORD HABIT
If a thief accesses your email provider and gets this login information, they can try it on online stores, banking sites and elsewhere. Hackers make a habit of seeking batches of username/password combinations from single sources. They then try those on other sites.
This is a huge risk for your company and underscores the importance of unique, strong passwords for every online account that you or your employees use. Even when passwords are optional for accounts, you still need to use them. If you don’t, your data will be extremely vulnerable. In addition, when two-factor authentication is an option, you should always opt in.
Tracking passwords is no easy task, especially since you should update all of your passwords from time to time. Writing them down or keeping them in a spreadsheet can be unreliable, and using a password manager may be better. There are a variety of free password managers that you can try, like LogMe Once and Myki. These all use one master username and password, but this too needs to be routinely updated. Organizations should have defined documented password policies for all their employees.
3: OPERATING SYSTEM UPDATES
Like password managers, operating system updates are necessary for digital security. No one likes to see a message about needing a software update on their phone or computer. After all, these processes take time away from other daily tasks. Ignoring these updates is unwise, however; they include vital security patches to protect your information from new security threats.
Make things easy at work and set your system to update automatically. In most cases, you can schedule these to take place during your off-hours. Encourage or require your employees to do the same. Managed Service Providers generally take care of critical updates and typically can automate the process. Ask yours or call TAG Solutions for help.
Another way to safeguard your network is to take a periodic inventory of your confidential data and eliminate old information from your main servers. This data can then be stored elsewhere and removed from the network. Be sure to close down any outdated social media accounts, unused online services, software connected to external devices and streaming platforms. Doing so will effectively narrow your digital footprint and make your data less vulnerable to threats.
4: VERIFYING WITH TWO-FACTOR AUTHENTICATION
Two-factor authentication also takes time, but it won’t feel like such a chore once the habit is established. Once set up, two-factor authentication shouldn’t require longer than a minute. Once you enter your user name or password, a second verification will need to be entered.
You can decide if you want to use a code sent in a text to your cellphone, facial recognition or a fingerprint. Microsoft and Google have announced that they are working on physical Security Key two-factor authentication, which you may be hearing about soon. Require your workforce to use two-factor methods for all of their company logins.
5: USE A VIRTUAL PRIVATE NETWORK
Using a unique, strong password for your home or business Wi-Fi network is essential, but what about when you connect to a free Wi-Fi network somewhere else, like a client’s office or coffee shop? Unlike when you’re on your company network, you won’t be familiar with that connection’s security. Cybercriminals are out there, always, trying to breach these networks.
Unfortunately, these thieves can access hotspots and steal mobile device and laptop data. Virtual private networks (VPNs) are an excellent way to mitigate your risk. VPNs are routed through servers owned by outside companies and designed to keep your data safe when you use other Wi-Fi networks.
OTHER DATA SAFETY TIPS
Another essential habit to get into is remembering to power off your work computer every night. Not doing this can be compared to leaving your front door unlocked at night; it gives criminals 24/7 access to your property.
To further protect yourself, stay safe at home. If you use a home wireless network connected to multiple devices and share files between them, you do not have to make those files publicly available. You should only share these on your home network, so you can think about disabling media and file sharing. This is even more important if you are doing work at home.
Avoid logging into a computer using administrator rights (called “Power User” in Windows) unless it is vital. These privileges should be reserved for things like reformatting hard drives, creating new user accounts with administrative access, and deleting all of your files.
It is also a good idea to clear your cache (browsing history) once a day at minimum, since saved Web histories, searches, and cookies can also provide inroads to your data. When logged in as an administrator, using the internet opens up another door for scammers.
THREATS ARE EVERYWHERE
The most important takeaways for keeping your data safe are understanding that threats can come from anywhere and never letting your guard down. Unfortunately, if you aren’t paying attention, a cyberthief could steal or compromise your data. It requires time and effort to put these and other security measures in place, but compared to what your business can lose in a major data breach, it is well worth it. Be sure stay on top of security updates, as well.
Not sure how to stay up-to-date on the latest cyber risk mitigation strategies for your business? Contact a trusted managed service provider like TAG Solutions. We are experts in the field and always stay current on the protocol you need to follow to stay safe online and in the digital workplace.
If you’d like a free cybersecurity vulnerability assessment to see where your company stands, we can help with that, too!