Cyber Security on a Budget

on Saturday, 03 June 2017.

Cyber security is no longer seen as a business risk, but as a business-critical financial risk. You may think that you and your employees are careful to take precautions against hacking, but in truth, you should be preaching the importance of cyber security each day. However, cyber security does not come cheap. Not to worry, with a small budget and a huge dose of vigilance, you can protect your business. Check out our 10 tips below to keep your business safe.

Train Employees

You need to be regularly speaking to your employees about cyber security. Discuss the potential impact that a cyber incident may have on the company, and on the employee's jobs. Explain to them that while you are making the greatest effort to secure the company's infrastructure, a system is only as secure as its weakest link.

Train employees to recognize an attack, and have a plan in place before a problem occurs. These trainings such include things such as rules for electronic mail, Web surfing, mobile phone usage, and social networks. Include these three basics in each training:

  1. Unplug computer.
  2. Notify administrator of anything suspicious.
  3. If you can't find the emergency information technology department's number in less than 20 seconds, start memorizing.

Lock down Sensitive Information

Sensitive information is one of the things that hacker like to exploit the most. Sensitive information includes personal identity information for employees, customers, and patients, as well as financial data, business trade secrets, and other company confidential information. You should limit employee's access to this type of information on a need to know basis. For paper files of this kind, you should lock them in drawer, cabinet, safe, or some other secure location.

Get Rid of Sensitive Data the Right Way

Never just throw away papers that contain sensitive data. You should always shred these documents, and then recycle. When you are disposing of electronic devices, make sure to wipe all the data from them. Electronic devices include desktops, laptops, tablets, smartphones, and storage hardware.

Strong Password Protection

Hackers are constantly trying to get passwords, and they utilize several different tactics to get them. Password protect all company owned electronics, as well as your network and accounts. Require employees to change passwords every 90 days, and set a strong, not too easy to guess password, with a variety of characters.

Protect Against Malware

Malicious software, otherwise known as malware, are usually in the form of viruses and spyware, and they target sensitive information or cause damage to the electronic device. It is easy to install malware as it could be on a malware-laden USB that an unsuspecting employee plugs into their device, or associated with a link in an email or website. To avoid attack by malware, make sure company electronics are installed with the latest and up to date antivirus and anti-spyware programs available.

Control Physical Access to Computers

To prevent unauthorized users from utilizing your company electronics, make each employee a user account that they must sign in with. Anyone without an account will not be able to access the electronic. As laptops, tablets, and smartphones are easy to carry off, lock them in place when they are not being used and perhaps consider placing tracking chips on these devices.

Encrypt Data

Encryption is very important in the business world. Encryption, which is encoded information, can only be accessed by the person who holds the key or code to unlock it. Your operating system or antivirus usually comes with an encryption program, and all you will have to is activate the program. There are also encryption programs available that are made specifically for the type of business you are running.

Make Sure Software and Operating Systems are Up to Date

Malware is always growing, getting bigger and stronger, and attacking with more vigor than the day before. Making sure that your business's software and operating systems are up to date is just another small step to making sure that you are protected from hackers. These systems are your first line of defense against malware.

Lock down Your Network

Enabling your operating system's firewall or purchasing and installing a firewall software will prevent hackers and outsiders from gaining access to sensitive information on your network. For employees that work remotely, you will need to set up a Virtual Private Network (VPN), so that they will be secure working away from the office. If you have wireless internet in the building, make sure that it is password protected and that your Service Set Identifier is hidden, so that the public can try to access it.

Verify Security Controls of Third Parties

Payroll, credit card processing, and security management are all sometimes completed by third-party companies. Before you hire a third-party to complete services for your company, you need to do a thorough background and security check on them. Things that you should look for in a third-party vendor are as follows:

  • strong security policies and procedures
  • frequently back up their data on a hard drive and the cloud
  • complete routine internal security checks
  • perform background checks on employees with access to your company's data
  • require employees to complete data security training
  • have a plan in place in case of a cyber security attack occurs

After you have looked in the third-party vendor and deemed them acceptable for use, you want to put a service level agreement in place that discusses security expectations and gives you the right to complete routine checks on the vendor.

If you implement these 10 tips into your business's cyber security plan, you will be well on your way to being protected from hackers. However, it's important to remember that the world of technology is constantly changing, so regular upkeep will be required to keep you protected.

Marketing Services

In addition to business credit checks we provide a wide range of business services including business to business data cleansing and a wide range of other business services.