Data is the foundation of any business. Building a business without protecting your data is like building a home on wet sand, leaving the tide to sweep it away. With all the ways data is being stolen today, there are a few steps you should take to build a secure foundation for it.
Use strong passwords.
If you or your employees use simple, and easy-to-guess passwords, you could be leaving your business more vulnerable than you know. Develop strong passwords that use capital and lowercase letters, as well as numbers and symbols. And, change your passwords every two months.
In December 2017, SplashData created the list using over 5 million hijacked passwords in just one year’s time. Passwords such as “123123,” “Password,” “admin,” “monkey,” and “whatever” were the most popular among the infiltrated accounts. Ensure that you and your employees don’t use common passwords. Additionally, it’s important not to write down passwords but rather encourage your staff to memorize them. Lastly, don’t use the same password across multiple programs. If someone can figure out your e-mail password, they may try to get access to other programs with it.
Put up a strong firewall.
Firewalls control the internet traffic going to and from the computers on your network. They provide an important barrier between your business and the outside world. This is especially important if you have multiple computers connected to the same network. This same firewall protects the spread of a virus from one computer to another. In the off chance that a computer wasn’t protected and got infected, this would keep it from spreading the virus throughout your network.
Install antivirus protection.
While firewalls are an excellent source of protection from viruses, they can’t do everything. This is where antivirus protection comes in. An antivirus program constantly scans your computer to prevent viruses by detecting suspicious files. If it finds a suspicious file, the antivirus will work to isolate it and keep it from spreading until deleting the file and neutralizing the threat.
Update your programs regularly.
Updates always seem to come when we are at our busiest. You no sooner begin your workday, when a notification pops up reporting that there’s a new update ready to install. While it may be tempting to put off the update until your task is done, this isn’t recommended. Whenever there’s an opportunity to update, it’s important to do so. Updating is like having a secret security group constantly working to keep your business safe. Updates provide protective patches that safeguard your data from the latest cyber attacks, such as Meltdown or Spectre. Plus, they keep your computers and systems running at optimal performance.
Secure your laptops.
Laptops offer the portability to take work home with you. This comes with an entirely new risk to your company. Laptops can easily be lost or stolen, so you must secure them. A recent study, by Dell Company, shows that a laptop is stolen every 53 seconds.
Securing a laptop can be done in a few ways.
Secure your mobile phones.
Phones can be used to complete many of the same tasks that employees perform on their computers but without the same level of protection. It’s important to treat these like you do your laptops. Ensure all employees’ phones use encryption software, password protection, and remote wiping capabilities. For example, you can easily trace where your iPhone is by using the “Find My iPhone” app on a different device. If you can’t find your phone, you can protect your data by remotely locking and/or erasing the information on your phone.
With all the ways that your data can be compromised, it’s incredibly important to backup data regularly. This protects data that could be wiped out due to a virus or a lost or stolen laptop. Without regular backups, you run the risk of not only losing your data but having to spend valuable time and money to replace it.
Educate your employees about e-mail, IM and surfing the Web.
The 2017 Internet Security Threat Report (ISTR) reports that: “Business Email Compromise (BEC) scams, relying on spear-phishing emails, targeted over 400 businesses every day, draining $3 billion over the last three years.” This report shows the importance of training employees on e-mail and internet safety to secure your business’s data. The #1 reported security risk in 2017 was misaddressed e-mails. This can occur when an employee mistypes another employee’s name in the “To” line of an email. Criminals purposely create websites and e-mails that are similar to those for your business. They look legitimate and can easily trick an untrained employee. For example, your employee can get an e-mail that looks like it came from a person in HR asking for a copy of their contract. If the employee didn’t recognize the e-mail address as being incorrect, they could inadvertently release confidential information. Employees should be trained to remain vigilant and constantly look for e-mails that are phishing attempts or have red flags such as simple grammatical mistakes or excessive punctuation. Implement a policy to flag suspicious e-mails. And, train all your employees on the importance of not opening or clicking on any suspicious e-mails or links.
No one understands the importance of your business’s data more than you. These eight simple steps can ensure that the foundation of your business’s data is strong and secure, allowing you to focus on your success rather than threats.
403Tech is one of the Top 50 Managed IT services companies in Canada.