Technology has reached a level we never thought possible 20 years ago, and companies are now engaged in a constant war against cybercriminals to protect data and finances. It’s not something that can be ignored, either; just about every organization must now have an online presence of some kind, from individual freelancers right up to the corporate giants. Today we’re offering some common sense advice to stay safe.
Secure Your Hardware
While a lot of companies are focused on the big headline issues of malware and ransomware, protecting your hardware can sometimes get overlooked. Always start with the basics and remember that devices like laptops, mobiles, and tablets should have protections like enforced password protocols, ‘find my device’ software in case of theft or loss, and software that allows you to remote wipe your employees’ hardware.
Remember, a lot of data breaches occur as a result of lost or stolen kit. These controls above are all relatively simple to implement, and there are a number of cybersecurity companies out there that can provide good hardware coverage at reasonable prices.
Keep Your Systems Up to Date With Security Patches
We can’t stress enough just how important this is. All of the biggest cyber hacks of recent years have come through attackers exploiting vulnerabilities in older versions of software or through infiltrating unpatched devices. Make sure you’ve enabled automatic updates on all your company kit and set them up so that security patches and updates are enforced.
Your staff might grumble that they lose productive time while the patching process takes place, but it’s worth it to have devices and software protected against all of the latest malware.
Make Sure You Have Robust Firewalls and Antivirus
These tools will form your first and second lines of defense and are absolute must-haves. While small companies and freelancers might be able to get away with free versions, you’re going to need to pay for the best levels of security. The more you pay, the more benefits you get, including dashboard management and control of those files as well as programs you’ll allow past your defenses.
The type of antivirus and firewall will largely depend on your own company’s needs, but you’ll find a huge variety of vendors out there ready to help.
Consider Using a VPN
A Virtual Private Network (VPN) is one of the most useful tools for protection against surveillance and hacking. Vendors are now offering cloud-based solutions that encrypt all of your network traffic, allow for private remote access for your staff, and let you manage all network activity.
They make sure that no malicious parties are looking over your shoulder, and provide an added layer of protection to ensure that your company data and information is safe
Educate Your Staff
It’s vital that you embed the importance of cybersecurity in the culture of your organization. You can have all the best defenses and most up to date kit there is, but if there’s a breach at the user level, this will have been for nothing. The vast majority of cyber-attacks and data breaches actually come from human error. Things like a staff member inadvertently clicking on a malicious link, or somebody losing their mobile devices.
Your staff needs regular training on how to spot phishing emails and how to spot suspicious content, scanning attachments from new contacts before opening them, and remembering to password protect any data that leaves the company.
You should do this from day one as part of the induction process, but don’t forget to carry out follow up exercises throughout the year.
Backup your data
As we’ve seen from high profile ransomware attacks in recent years, organizations can be saved by keeping regular backups of all data. If you don’t have a backup solution and you suffered a major malware incident, it could spell the end for your business.
Even if you suffer a catastrophic malware incident and find all of your devices locked and compromised, if you’ve prepared with a backup solution, it’s a simple case of switching over and getting on with your work. There are of course costs involved in procuring new devices and cleaning up the mess, but importantly, the company will survive.
Have a Business Continuity Plan
This point is related to keeping the comprehensive data backups we talked about above. Just how will you continue to operate if you come under a cyber attack? Document your critical systems, and those business areas that need the most protection, and write out a step by step plan on how you intend to get up and running again if you are hacked. Make sure to regularly test your plan to make sure your staff are ready and won’t get flustered if the real thing comes along.