Hackers are more active and tenacious than ever, and with virtually ever aspect of business now connected to the internet, that poses a threat for everyone. While hackers primarily target larger, high-profile companies, it is never a bad idea for even the smallest business to bolster its cyber-security. Like any good defense, proactivity is key. Here are a few simple steps to protect your business from online attacks.
BACK IT UP
Plain and simple: back up your data regularly, so that even in a case of total data loss, you won’t really lose anything. Back up regularly and often—this is a simple vaccination against the agonizing possibility of losing crucial data. The industry-standard is to back up your entire server every week, with additional backups each night. Personal computers should be backed up every few days.
Cloud storage is one option, but that also exposes your data to hackers on another level. A more secure option is to back up your information on a portable storage device—a simple USB will do. Of course, backing it up will not do you much good if your backup device is lost or stolen. Once loaded, keep the device under lock and key.
ENCRYPT YOUR DATA
Encryption has been employed for nearly a century—it is a time-tested strategy to mitigate information loss. By converting information to a cypher or code, encryption complicates information theft, ideally rendering data unusable to unauthorized parties. Today, encryption software comes standard with many operating systems—use it!
Bear in mind that many of these programs are only engaged when a login is not in use, so for maximum effectiveness, make sure that every computer in your business is set to log out automatically after a few minutes of no activity.
BEEF UP YOUR PASSWORDS
This tip is simple to the point of being elementary, and yet it is still one of the most important lines of defense. Using your kid’s name and birthday may suit for your home computer, but when it comes to your business, you’ll want to have something more robust. Some simple tips to improve the strength of your password are:
- Use letters, numbers, symbols, and a combination of upper- and lower-case letters—the more complex, the better.
- The password should be 8-12 characters long—size matters.
- Avoid using personal information such as birthdays, family names, etc—this is where hackers will begin.
- Do not reuse passwords—as the saying goes, don’t put all your eggs in one basket!
There are various password checkers available to establish the strength of your password. Finally, regardless of their quality, be sure to change your passwords every 90 days or so—even more frequently if you are working with highly sensitive information.
SET UP A FIREWALL
A firewall is a simple yet indispensable form of protection that every business should use. Simply put, firewalls form a barrier between an internal, trusted network, and a suspect external network, filtering what goes in and out based on predetermined parameters. Basically, a firewall is a cybersecurity guard patrolling the perimeter of your network. This technology has been honed to near perfection, and any major brand should suffice.
UPDATE, UPDATE, UPDATE
No security application is 100% bullet-proof. The programmers themselves acknowledge this, and that is why a program or application is not considered entirely complete upon release. Developers are constantly working on updates to patch holes in their software, and in order to get the most use from your security software, you’d best take advantage of those fixes.
Keeping all of your security software up-to-date with the latest patches will ensure you the best defense. Keep an eye out for updates and install them as soon as they become available—they are often acknowledging an issue that has existed for some time. Not updating your software is like being content with an incomplete automobile.
PROMOTE A CULTURE OF AWARENESS
Your business’ online security is only as strong as your employees. Even stringent security measures can be easily undermined by a careless or ignorant worker. Explain your security concerns and goals to your workforce, and ensure that everyone is on the same page when it comes to online security.
Set simple ground rules, like restricting company WiFi to company devices—each device on your network is a potential liability. Similarly, make it clear that personal email should be avoided on organization networks, and that employees should not open anything that is not relevant to your business—unsolicited links are how the vast majority of viruses are introduced to computers, make sure that your employees know to avoid them! This is not to say that you should create an environment of paranoia, but simply educate your workforce on the risks of unbridled internet activity—these are things that many people simply would not think about.
LOCK IT DOWN
Hackers have so dominated media coverage in recent years that many businesses overlook the timeless threat of burglary. All of the software in the world cannot protect against a good ol’ smash-and-grab. Lock the doors that lead to sensitive technology. Consider investing in lock ports, simple devices that physically lock computers down. These physical locks are not entirely foolproof, but they just may slow a burglar long enough for security to arrive, or dissuade them from snatching your hardware in the first place.
HIRE A PROFESSIONAL
In the end, all of these measures work best when they are being monitored. Frankly, that can be a lot of work. If your information is highly sensitive, you may wish to consider hiring a security expert. Aside from simply monitoring security systems, a security expert has the training and knowledge to identify potential weaknesses before they are spotted by hackers. By responding to weaknesses and new threats as they arise, a security expert can actively work to keep your business optimally secure. This service can be an invaluable investment when you consider the cost of a data breach.
Hackers may seize any opportunity to steal or compromise information, and all you can do is expose your business is little as possible. Back up your data. Strengthen your passwords. Use security software and keep it up-to-date. Educate your employees. Ensure that everything is physically secure. Finally, hire an expert if you think the risk justifies the cost. Online security requires prudent foresight and preparation, and it’s best to get started now.