For a small to mid-sized business, keeping your smartphones, tablets, PC’s and laptops safe from cyber-attacks can seem overwhelming. Security threats are getting more sophisticated and difficult to detect and thwart.
It’s not all doom and gloom, though. As many hackers are out there developing ways to steal your data, there are even more smart people working on ways to stop them. For instance, your mobile provider is a great place to start if you have questions about mobile security. They sell you the phone, they most certainly want to make sure your information is safe while using it.
You can also take some very simple steps on your own to protect your business and your employees from cyber threats. Let’s take a look at five easy things you can do today.
1. Protect your data
- Use Strong passwords. Complex passwords deter hackers.
Passwords should consist of at least 13 characters with a mix of numbers, symbols, and capital and lower case letters. And passwords should be changed every 30 to 100 days. Consider using a password manager app that makes remembering and entering passwords easier.
- Learn to identify “phishy” emails. Phishing is designed to trick an individual into giving away information (passwords, bank details, etc.). Never open an email from an address that looks questionable or from an untrusted source. Ninety-five percent of successful hacks and data breaches begin with a phishing scam.
- Add multi-factor authentication. Instead of one password,multi-factor authentication typically involves a two or more step validation process. Even if a hacker guesses the password, they are unlikely to ever guess the code, since a code is usually only valid for 30 or 60 seconds.
- Back up data once a week (minimum). Preferably in real time. With that type of backup, even if a hacker starts to mess with your company’s data, you have a clean copy available. That can also help you deal with a ransomware attack, in which a hacker locks up your data until you pay a specified ransom.
2. Create secure connections
If you have a Wi-Fi network, make sure it is highly secure and well hidden. You would be surprised at how many companies neglect this and end up infiltrated by a hacker sitting in their parking lot. And make sure that your wireless access point or router doesn’t broadcast its network name and that access is password protected.
Added security can also be provided by a virtual private network, or VPN. A VPN will encrypt all the network traffic, and make it nearly impossible for a hacker to do anything with your data even if he succeeds in breaking into the network. While a VPN is important to your overall network, it is absolutely vital for any employee who works remotely or who is highly mobile and uses public Wi-Fi networks, which are the most dangerous.
And always set up a firewall, both external and internal. Work with your IT department to determine the best option, and make sure that employees who work for you from home also use a firewall. These systems prevent unauthorized users from accessing your websites, email services, or other data sources.
3. Leverage your IT people
If you have IT staff, it’s a good idea to work closely with them on an ongoing basis and take full advantage of their expertise. That includes making sure that employees promptly report security warnings, anomalies, or anything suspicious to them to address.
If you don’t have an IT staff, look at bringing in a security consultant to ensure you are well protected. Or call your mobile provider. They have experts readily available and willing to talk to you for free about how best to secure your devices.
4. Secure mobile devices
The proliferation of mobile devices has made them a prime target for cyber criminals. Keeping hackers out of your smartphones, tablets and laptops calls for a combination of prevention and active threat monitoring.
Here are three basic mobile device security preventive strategies to consider:
- lock down apps and restrict them to authorized users;
- limit the online sites an employee can access as well as what files can be downloaded;
- manage mobile devices closely, so that if one is lost or stolen it can be immediately remotely locked and its data wiped clean.
Don’t be a victim of a cyber-attack. Read this post about the 7 Costly Mobile Security Mistakes to learn more about how hackers target businesses and how to protect your mobile devices.
By combining a mobile device management solution with a sophisticated artificial intelligence-based threat detection tool, you can detect malicious activity instantly and automatically. The system’s intelligence analyzes behavioral data and other indicators of possible risk. So even if a user clicks on a malicious link and triggers a malware infiltration, the system can detect the activity before it can do real damage and either recommend action or take action on its own.
5. Embrace education and training
Educating and training employees on your company’s security practices is essential. They need to know that protecting the network is paramount. The top priority is to teach them about the different ways cyber criminals can break into your devices and your network, which includes how to recognize the signs of a breach.
Regular training sessions can be used to address cyber security best practices, the changing nature of the threats, and to reinforce basics such as using strong passwords, identifying and reporting suspicious emails, leveraging multi-factor authentication, and avoiding potentially hazardous links or attachments.
It’s unfortunate that small and mid-sized business have to devote so much energy to cyber security, but that is today’s reality. By following a few key security-conscious guidelines, you can keep your business as safe as possible and ensure that you will keep on operating without disruption.