Cyber criminals are targeting our business’ every day. Cybercrime is a growth industry with every large and small business vulnerable to data loss, extortion, and lost revenue. By taking a few steps your business greatly reduces the odds you won’t become the next cyber victim.
The “It Won’t Happen To Me” mindset
Yes – it will. If you haven’t been a victim, it’s just a matter of time; unless you take proactive steps to ward off threats. Even a one person, one computer business needs to take the same precautions as larger corporations. You might think your PC and its contents are of no, or little value, but it is. Cyber criminals will rent the use of your highjacked computer to other criminals. In turn they’ll use your computer as a means of spamming, phishing, or as a soldier in a denial of service attack. Perhaps they’ll use your computer to attack another business.
I’m Off The Radar Of Cybercriminals
No – you’re not. Cybercrime is an organized crime ring. They are run like very large businesses with HR departments and R&D, vacation time and paid holidays. Cyber criminals automate attacks targeting tens of thousands of computers at once. They might not be looking for “you”, but they are looking to steal from you. It’s not one guy attacking one computer from his parents basement.
Can You Guarantee I Won’t Get Hacked?
No, of course not. No one can, and if someone does your internal radar alert should go up as a warning. There are no absolute guarantees. However, you can make your business very undesirable to an attack so that the criminals move on to the next guy who is much easier to penetrate.
But I Have A Firewall And Antivirus.
Firewalls and antivirus were fine when you were going to “party like its 1999”. Both are good to have today, but alone they wont prevent a hacker form compromising your business.
So, How Do They Get In Then?
Honestly, there are many ways cyber criminals get in. What you have to do to protect your business from cybercrime is to build a moat of protection around your technology. Think of King Arthur and his castle with multiple layers of defense. Work from the outside in to build multiple barriers.
What Do I Have To Do To Protect Myself From Cyber Threats?
There is a fair amount to be done. Taking the approach of doing a little bit often softens the impact and makes it reasonable. You’ll have to assign one person to be accountable for cyber protection. Usually businesses outsource that responsibility to an outsourced IT service company.
- Employee Cyber Security Training – Like it or not, people are the weakest link when it comes to a cyber breach. Once an employee clicks on an email link, or unwittingly provides usernames and passwords, its game over. Employee education is the smartest investment you can make to thwart cyber threats. Our approach is one of small, frequent intervals with the occasional “test”.
- Antivirus – Legacy antivirus depended on downloading signature files to detect a virus. It the virus wasn’t identified in the signature list, it simply wasn’t caught. Newer antivirus applications are cloud based providing more resources to detect threats in real time.
- Firewall – Legacy firewalls didn’t do much more than follow rules that it was programmed with to allow or disallow traffic in or out of your business. Newer firewalls integrate content filtering, spam filtering, virus detection, and other techniques to identify and contain threats. Firewalls require periodic software updates to remain current.
- Software Updates – security patches close up known weaknesses which a hacker will try to exploit. Procrastinating just a little bit can leave you vulnerable. Operating systems, business and applications,
- Passwords and Two Factor Authentication – If you have weak passwords, well, you get what you deserve. There’s really no reason these days for weak passwords particularly when a password manager is used such as Dashlane or PassPortal. Two Factor Authentication enhances your passwords with a random number generator. Even if they hackers are logging your key strokes to capture your password, they wont get very far if you have two-factor authentication in place.
- Encryption – we’re in the day and age where file encryption will become the norm. If hackers only have access to encrypted gibberish, we minimize the opportunity for harm. Encrypt server hard drives, cloud storage, laptops and tablets.
- Data backup - This can foil the most aggressive (and new) ransomware attacks, where a hacker locks up your files and holds them ransom until you pay a fee. If your files are backed up, you don’t have to pay a crook to get them back. A good backup will also protect you against an employee accidentally (or intentionally!) deleting or overwriting files, natural disasters, fire, water damage, hardware failures and a host of other data-erasing disasters. Again, your backups should be automated, monitored and tested. The worst time to test your backup is when you desperately need it to work!
- Internet Content Filtering – When employees browse the web, or a virus calls home to the mother ship, content filtering can block harmful web sites. Content filters can also restrict employees from viewing gambling, adult content, racist, sexist, or other content deemed inappropriate for the work environment.
- Spam Filtering – one spam filter is good, sometimes having two spam filters is better. Depending how old your domain name is, spam might be a serious problem. We have one client that receives 80% of their email as spam. Knowing that one spam filter cant catch it all, we pass their email through a second spam filter. The result is we capture nearly all spam and avoid many harmful web links and minimize employee distractions.
- Computer and Smartphone policy – having a corporate policy on computer and smartphone use is a good business practice. Employees need to understand what is or isn’t appropriate in the workplace. Business owners also need to protect themselves from potential liability.
- Through 999. – Being an IT company we could come up with a list of a thousand things to protect yourself from cyberthreats. We think these top 10 are a good start for the majority of businesses.
Want help implementing these 10 Cyber Security Essentials?
If you are concerned about employees and the dangers of cybercriminals gaining access to your network, then call us about how we can implement a managed security plan for your business.
At no cost or obligation, we’ll conduct a free Security And Backup Assessment of your company’s overall network health to review and validate as many as 18 different data-loss and security loopholes. We’ll also look for common places where security and backup get overlooked, such as mobile devices, laptops, tablets and home PCs.
- Is your network really and truly secured against the most devious cybercriminals? And if not, what do you need to do (at a minimum) to protect yourself now?
- Is your data backup TRULY backing up ALL the important files and data you would never want to lose? We’ll also reveal exactly how long it would take to restore your files (most people are shocked to learn it will take much longer than they anticipated).
- Are your employees freely using the Internet to access gambling sites and porn, to look for other jobs and waste time shopping, or to check personal e-mail and social media sites? You know some of this is going on right now, but do you know to what extent?
- Are you accidentally violating any PCI, HIPAA or other data-privacy laws? New laws are being put in place frequently and it’s easy to violate one without even being aware; however, you’d still have to suffer the bad PR and fines.
- Is your firewall and antivirus properly configured and up-to-date?
- Are your employees storing confidential and important information on unprotected cloud apps like Dropbox that are OUTSIDE of your backup?
I know it’s natural to want to think, “We’ve got it covered.” Even if you have a trusted IT person or company who put your current network in place, it never hurts to get a 3rd party to validate that nothing was overlooked.
Call 508-790-4171 to schedule your Cyber Security Assessment or go online now and sign up at iMediaTech.com/DontBeADuck
You’ve spent a lifetime working hard to get where you are. You earned every penny and every client. Why risk losing it all? Get the facts and be certain your business, your reputation and your data are protected.