STEPS FOR BETTER CYBER SECURITY
Steps To Better Cyber Security
“I already have anti-virus software – isn’t that enough?” a client asked us recently. Let’s think about this in the perspective of your home. Is having one lock on your door enough? Would you feel safe with just one lock? If you have three doors that access your home, but only one has a lock, is that enough? Or would you want a lock for each door? What about a deadbolt? Or passcode protection on your garage door? A fire alarm in case of a fire?
This isn’t any different from your cyber security. We have provided our top 6 tips to keep your business safe on the internet. Feel free to contact us so we can help implement these security measures into your business!
1. Keep software up-to-date
Software companies typically provide software updates for 3 reasons: to add new features, fix known bugs, and upgrade security.
Always update to the latest version of your software to protect yourself from new or existing security vulnerabilities.
While operating system updates are among the most important updates it does not stop there! keeping other programs such as Outlook, Office 365, Quickbooks, and Malware/Anti-virus software can greatly decrease your chances of having data stolen hacked, or leaked.
We can Help! Click here to learn more
2. Avoid opening suspicious emails
Do NOT open suspicious-looking Emails! if an Email looks odd then it probably is. According to the FTC (Federal Trade Cpmmission) “Phishing emails and text messages may look like they’re from a company you know or trust. They may look like they’re from a bank, a credit card company, a social networking site, an online payment website or app, or an online store.
Phishing emails and text messages often tell a story to trick you into clicking on a link or opening an attachment. They may
say they’ve noticed some suspicious activity or log-in attempts
claim there’s a problem with your account or your payment information
say you must confirm some personal information
include a fake invoice
want you to click on a link to make a payment
say you’re eligible to register for a government refund
offer a coupon for free stuff”
One way to avoid falling into a Phishing Scam is not to click any links in the suspicious Email. rather go to the website portal you know directly in your browser.
Sometimes phishing emails will use very similar-sounding names or misspelled names of other companies such as “Amozon.com” or an Email address like “Billing@Amozon.com” if not careful it could look a lot like Amazon.com.
One other trick used by scammers is to make an email look like it’s coming directly from within your organization or from an organization you trust! Always check to make sure you know who you are communicating with before sharing any confidential information.
3. Keep hardware up-to-date
Keeping your hardware up to date can be just as important as keeping your software updated. Depending on the hardware manufacturer your device is only supported for so many years to receive software updates. This means that once your device is “unsupported” you are vulnerable to hackers and malware.
Hardware does not just include your computer. Your Networking Hardware and Server Hardware also play a large role in keeping your organization safe!
Keeping your Hardware up to date ensures that you have access to the most up-to-date software, offers uniformity across your organization, and can greatly speed up your workflow!
4. Use Two-Factor or Multi-Factor Authentication & a Password Manager
Two Factor Authentication (Commonly referred to as “Multi-Factor Authentication” or “2FA“) is a great option to implement into your business. 2FA offers security and safety to your organization. With 2FA you need TWO different Factors to log in to different systems, typically a password and a key generated on a separate platform or device. Often times this process can be automated to simply send
2FA can help you meet compliance for organizations like HIPAA
2FA takes away password risks
You may find interesting the following facts from a study done by Google in 2019.
59% of U.S adults have incorporated their birthday, or a pet’s name, or their own name into their passwords.
24% of Americans have used abc123, Password, 123456, 111111, Qwerty, or Admin as their passwords.
27% of those surveyed attempted to guess someone’s password and of those 17% have gotten the password correct
4 in 10 Americans Say their personal information has been compromised online
47% of those compromised have lost money
A Password Manager can generate and store a unique password for each account you have, additionally many of these use 2FA to access these passwords. according to the same study done by Google, 66% use the same password for more than one account. This means that if someone gains access to one account they may start trying other accounts with the same password.
A good way to check to see if you have had any passwords leaked is to visit https://haveibeenpwned.com a free resource that can see if your E-mail address were in any major Data breaches when a major company gets hacked.
5. Back up your data
Data backups should be a regular part of your business! The best part is if it is set up properly you don’t even need to think about it, as much of the process can run automatically every day. You should always have at least 2 copies of your data. Many companies follow the “3-2-1 Rule”
* 3 Copies of Data
* on 2 Different media
* With 1 Copy being off-site
One BIG mistake many small businesses make is keeping their only backup on-site. If this is the only copy you are stuck without data if there is a disaster or break-in.
Cloud-backups are a great way to backup your data every day without you even needing to think about it. With your data being backed up to the cloud there is no need to panic if your computer gets lost, stolen, or damaged!
according to the National Archives & Records Administration in Washington “93% of companies that lost their data for 10 days or more filed for bankruptcy within one year of the disaster, and 50% filed for bankruptcy immediately”
Let us Help!
6. Use Secure Wi-Fi Networks
The ease of connecting your work computer to a local Coffee shop or airport Wi-Fi may seem convenient, but the inconvenience of having data stolen or being hacked far outweighs the convenience!
Many people just don’t realize just how dangerous connecting to an unencrypted open Wi-Fi can be!
If you are sending and receiving information an open Wi-Fi then other “bad actors” can intercept that data This can include: login credentials, financial information, and personal data.
Being on an open Wi-Fi doesn’t just mean that someone can take data OFF of your computer, they can also put things ON your computer including Viruses, Trojans, Worms, and Ransomware!
What Can You Do?
If you have to use a Public or open Wi-Fi don’t share anything Private. Avoid checking email, or logging into your personal accounts. Connect and get the information you need, then disconnect.
Use a VPN (Virtual Private Network) to secure your connection. a VPN re-routes your connection to a private secure connection. This means that anyone trying to access your data on that network gets encrypted unreadable data.