Read on to learn how you can protect your business from the most common cyber attacks. The 5 topics covered are easy to understand, and cost-effective to implement.
1. Back up your data
Take regular backups of your important data, and test that they can be restored.
This will reduce the inconvenience of any data loss from theft, fire, other physical damage, or ransomware.
Identify what needs to be backed up. Normally this will comprise documents, photos, emails, contacts, and calendars, kept in a few common folders. Make backing up part of your everyday business.
Ensure the device containing your backup is not permanently connected to the device holding the original copy, either physically or over a local network.
For best results, consider backing up to the cloud. This means your data is stored in a separate location (away from your offices/devices), and you’ll also be able to access it quickly, from anywhere. Check out our products catalog for enterprise-ready cloud backup servers.
2. Keep your mobile devices safe
Smartphones and tablets, which are used outside the safety of the office and home, need even more protection than desktop equipment.
Switch on PIN/password protection/fingerprint recognition for mobile devices.
Configure devices so that when lost or stolen they can be tracked, remotely wiped, or remotely locked.
Keep your devices and all installed apps up to date, using the ‘automatically update’ option if available.
When sending sensitive data, don’t connect to public Wi-Fi hotspots – use 3G or 4G connections (including tethering and wireless dongles) or use VPNs. Check out our products catalog for enterprise-ready cloud VPN servers.
3. Prevent malware damage
You can protect your organization from the damage caused by ‘malware’ (malicious software, including viruses) by adopting some simple and low-cost techniques.
Use antivirus software on all computers and laptops. Only install approved software on tablets and smartphones, and prevent users from downloading third party apps from unknown sources.
Patch all software and firmware by promptly applying the latest software updates provided by manufacturers and vendors. Use the ‘automatically update’ option where available.
Control access to removable media such as SD cards and USB sticks. Consider disabling ports, or limiting access to sanctioned media. Encourage staff to transfer files via email or cloud storage instead.
Switch on your firewall (included with most operating systems) to create a buffer zone between your network and the Internet. Check out our products catalog for enterprise-ready cloud firewall servers.
4. Avoid phishing attacks
In phishing attacks, scammers send fake emails asking for sensitive information such as bank details, or containing links to malicious websites.
95% of data breaches began with phishing attacks; the average employee receives 4.8 phishing emails per week, and the average phishing attack can cost your business $1.6 million USD.
Ensure staff don’t browse the web or check emails from an account with Administrator privileges. This will reduce the impact of successful phishing attacks.
Scan for malware and change passwords as soon as possible if you suspect a successful attack has occurred. Do not punish staff if they fall victim to a phishing attack, as punishment will discourage future reporting from staff.
Instead, have your security staff conduct weekly, monthly, or quarterly phishing tests to focus user security awareness training efforts on those most vulnerable in your organization.
Check for obvious signs of phishing, like poor spelling and grammar, or low quality versions of recognizable logos. Does the sender’s email address look legitimate, or is it trying to mimic someone you know? Check out our products catalog for enterprise-ready phishing servers for user security awareness training.
5. Use passwords to protect your data
Passwords – when implemented correctly – are a free, easy, and effective way to prevent unauthorized people from accessing your devices and data.
Make sure all laptops and desktops use encryption products that require a password to boot. Switch on password/PIN protection or fingerprint recognition for mobile devices.
Use multi-factor authentication (MFA) for important websites like banking and email, if you’re given the option.
Avoid using predictable passwords such as family and pet names. Avoid the most common passwords that criminals can guess (like passw0rd).
If you forget your password or you think someone else knows it, tell your IT department immediately.
Change the manufacturers’ default passwords that devices are issued with before they are distributed to staff.
Provide secure storage so staff can write down passwords and keep them safe, separate from their device. Ensure staff can reset their own passwords easily.
Consider using a password manager. If you do use one, make sure that the ‘master’ password that provides access to all your other passwords is strong. Check out our products catalog for enterprise-ready cloud password manager servers.