With so many highly publicized data breaches over the last several months let’s talk about some of the best ways to minimize🔍 a compromise. It is important to remember that while these suggestions can help minimize a compromise, they will not completely minimize the chances of a data breach or unauthorized access. Just like in winter, wearing multiple layers of clothing is needed to stay warm, cybersecurity requires multiple solutions in place along with policies to stay protected.
Protecting accounts
This is a critical step in preventing a compromise. When a cybercriminal has access to your passwords, you are opening the front door for them to come rob you. Having a password policy that encourages strong passwords that are unique and not used on multiple accounts is one of the best ways to to prevent or minimize a compromise. Keep the following in mind:
- Consider using a passphrase as longer passwords are typically more secure
- Make your passwords complex by including upper and lower case letters, numbers, and special characters
- Each account you have should have its own unique password
- Minimize shared accounts and shared passwords
- Use password managers
Data backups
Data backups play a crucial role in minimizing a compromise, especially if you are a victim of ransomware. Having up to date data backups that you can quickly and efficiently restore from can get your business up and running much sooner than if you have no backup policy. Having these backups in place should also minimize the need to pay any ransom for your data. It is important to verify your backups are working correctly and to practice restoring from them to ensure usability.
Device updates
Updating your software or your smartphone apps can get annoying, but these are a must do. These updates can fix security vulnerabilities, provide a better user experience, implement useful new features, allow for better customization and oftentimes provide better battery power, quicker processing power, or better connectivity.
Not only does your software need to be updated, sometimes your hardware does too. Commonly forgotten hardware that receives updates are: printers, WiFi routers, internet modems, smart devices, security cameras,
Knowing your network
Understanding your network is important in protecting it. This means you know what data you have, if that data is confidential and sensitive, who is supposed to have access to the data, what devices are on your network, etc. One of the most important things you can do is to scan your network, both internally and externally. These scans can provide great insight into your network, allowing you to see your network as a hacker would. This lets you then fix any of the vulnerabilities you have found. You may also even find an unauthorized user on your network!
Phishing emails
By now, many people are aware of what phishing emails are and what they look like. They are a form of social engineering, tricking us into letting the hacker get access to our data. Phishing is also usually the first interaction we have with the cybercriminals. According to SecurityMagazine.com, over 3 billion fake emails are sent every day! Because of this it is important to stay diligent, but also to leverage cybersecurity tools to help prevent these emails from ever getting to you.
Raising awareness
Lastly, it is just as important to raise awareness with your employees about the threats they face from cybercriminals. Include short conversations in meetings, send email notifications and reminders, and challenge them to practice smart cyber actions. Make cybersecurity be part of your business culture!
For more information on cybersecurity check out Small Business, Big Threat!