Negosentro | 5 Ways Your Business Can Get Serious About Cybersecurity | The threat to the business community from cybercrime has never been greater. A report from McAfee put the global cost of online attacks at $6 trillion in 2021 alone. Companies that make online safety a priority are less likely to suffer a devastating cybersecurity attack, but many entrepreneurs don’t put their best foot forward in this area because they have no idea where to start. Here are five fundamental strategies for making your business more secure in the coming year.
1. Teach Computer Literacy
There’s a huge difference between knowing how to use a computer and how to use it wisely. Jargon is part of the issue. Laypeople who research computer science often find themselves asking, “What is SSH?” or “What does SQL injection mean?” Start with the basics. Learn why your systems work the way they do and what specific threats are emerging now that might put them at risk.
It’s especially important to be on the lookout for scams. Research by Tessian a few years ago showed that 43% of employees admitted to making mistakes at work that compromised cybersecurity. That’s why it’s important to not just be a learner but also a teacher. Train employees regularly in proper security standards and show them how to spot threats before they strike.
2. Store Vital Data Offline
Hitting the save button on your work is always a good idea, but storing important information on devices connected to the internet leaves that data vulnerable to a breach. Cloud security is quite advanced, but that kind of decentralized information storage still carries risks. The optimum solution is probably using an encrypted disc that is placed in a safe at the end of the day. Simply storing data on a flash drive is a good start, especially since many drives come with inexpensive security add-ons like biometric recognition. It’s a good idea to stagger these storage protocols, keeping the less critical information on your devices but moving your own personal data and that of your customers to one of these more secure locations. Most important of all, make sure you trust the keyholders completely.
3. Secure All Endpoints
Endpoint security is the phrase used to describe a new kind of modern security protocol. In endpoint security, emphasis is placed on upgrading and standardizing defenses (like antivirus and firewall systems) across an entire network in addition to carefully controlling user access. Having a common standard of protection is especially important given the prevalence of remote work since employees are likely to use a diverse array of devices. Consider limiting user privileges to the minimum needed for a task. In other words, assume that a stranger brings danger. This idea is called zero-trust security and is becoming an unfortunate necessity in our networked age.
4. Keep Software Updated
A surprising number of high-profile attacks have happened because someone neglected to update their software. Indeed, 66% of non-experts either wait to update or don’t update at all. This is understandable given that updating a system can often either cause bugs or require some downtime, but these updates typically contain patches for recently-discovered vulnerabilities. When an update becomes available, at least consider hitting the download button.
5. Destroy Before You Dispose
There’s a time-honored tradition among cybercriminals known as “dumpster diving.” It’s exactly what it sounds like. Hackers search through trash to find useful personal information that was carelessly discarded. Throwing away banking information, order invoices and medical records can provide a wealth of information about a company.
Passwords, however, make an especially attractive target. It’s all too easy to scribble down a password in a day planner or on a sticky note and then throw it away. Make sure that anything important that’s written down is destroyed by fully shredding it before it’s disposed of. Be certain that all of your employees are following these rules. This way you can prevent credential stuffing attacks. If you have a security system, keep it trained on the waste disposal area in addition to entrances and exits.
When it comes to online threats, the best countermeasure is always knowledge. Take these tips as a starting point as you research the next steps to take to keep your company safe.
Infographic created by Donnelley Financial Solutions, a data room provider