If you’re a business owner then you know that your company data is your biggest vulnerability. Here’s the hard truth: it doesn’t matter how small your business may be, you still are at risk of being targeted by a cyber criminal. Which is why in the New Year, your biggest focus should be getting a handle on cyber security. After all, technology will continue to adapt and become more influential in a business’ day-to-day operations.
You already rely on information technology for various tasks, ranging from transactions to processing to employee emails. It’s 2020 and it’s time to get cyber serious in your business.
But how can we go about it? However, don’t be afraid of how much work you may need to do or the technical jargon that comes with it. NorthEast is here with a few pointers and explanations to get you started.
Start from the inside out. Major security breaches have involved employee actions that helped hackers gain access. So educate your staff on security protocols and network security. Some examples are:
- Appropriate Internet use guidelines
- How to handle and protect customer information
- Requiring strong passwords
Consider changing passwords every 3 months or implementing multi-factor authentication. Help your employees become your human firewall.
Since most people have a smartphone these days, it’s no surprise that a lot of employees use their mobile device for work. This can create a major security and management challenge if they have access to the corporate network.
- Require users to have a password on their phones
- Encrypt their mobile data
- Install a security app to protect information while on public networks
Speaking of Wi-Fi, one of the most essential cyber security tools is a firewall for your company’s private network. A firewall is a program that prevents outsiders from accessing your data. For employees who work from home, ensure their home networks are firewall protected as well. After all a network unprotected is like leaving the front door open to a home intruder.
Further protection might include:
- Only allowing authorized devices to connect to the network
- Setting up network security monitoring to detect suspicious activities or traffic
Update, Update, Update:
One of the simplest mistakes could be the biggest one. Ensure that all security programs, browsers, and operating systems are up to date. The best thing to do is turn on auto-updates, so you won’t have to worry about adding another task to your to-do list.
Operating systems are frequently updated with security patches as more vulnerabilities are discovered. Viruses, malware, and other threats are evolving just as quickly as the technology itself so it’s important to get the most up to date and secure processes that you can.
Third Party Risks:
Every company uses a 3rd party service provider to help their business run. Whether it’s a payroll or payment system, you want to make sure your data and your customers’ data is safe. Work with banks or processors to make sure you’re using trusted tools. Look into what anti-fraud programs are available as well!
- Properly engage with third parties
- Identify the types and amount of risk the third party poses to your organization
- Determine what digital channels your third parties have access to
- Monitor online activities by third parties as needed
Back It Up:
Regularly backup data on all computers. This includes but is not limited to word documents, electronic spreadsheets, databases, financial files, human resources files, and accounts receivable/payable files.
It’s incredibly valuable for your cyber security program to limit access or use of business computers by unauthorized individuals. Laptops or tablets, in particular, are easy targets for theft, so never leave them unattended. Each employee should also have their own user account, secured with strong passwords.
Finally, limit an employee’s control over their own computer. Avoiding the installation of unnecessary software can prevent raising your cyber risk. Employees should only have access to specific data systems they need for their jobs.
Here are some resources to learn more about protecting your company:
- National Institute of Standards and Technology have a Small Business Cyber Resource Center
- Security Awareness series by Adobe, National Cyber Security Alliance, and Speechless
Cyber Liability Insurance can help protect your business against damage to electronic data, virus or malware attack, liability to third parties, and also help recover the cost of:
- Restoring and recreating data to your system
- Restoring systems to pre-attack levels
- Lost business and unforeseen expenses
- Public relations services, to communicate with outside parties concerning a computer attack and your public response
One stolen laptop, one careless employee, a virus or even paper records that fall into the wrong hands, can create a financial and reputational consequence affecting your business for years to come. If you’d like to speak more on Cyber Liability Insurance for your business, contact us at (732) 972-1771 or email us at firstname.lastname@example.org!