Top 6 Cyber Security Basics for Small Businesses
Most small business executives agree that cyber security threats are real. From malware to phishing scams, many have gone through the pain of losing data, money, productivity, or all of the above. If you haven’t suffered a loss yet, you should count yourself among the lucky.
You know that your company data should be secured as much as possible, but cyber security is an expansive topic with many areas to cover, so where do you start?
Here are 6 basic cyber security minimums that every company should have in place for a fighting chance against security threats:
1. Complex Passwords or Pass-Phrases That Change on a Regular Basis
No matter how hard you try, passwords can be guessed or shared.
If they are complex or “strong,” it makes them harder for hackers to crack. And even if they do get ahold of the password, changing it regularly limits that amount of time that unauthorized access continues.
In many cases, your IT team can set your system up to require passwords have a certain level of complexity, and that they be changed in whatever interval you want. In others, it can be as simple as a written policy.
Consider setting them to change every 45 to 90 days.
2. Current Anti-Virus and Anti-Malware Protection
Software companies are fixing vulnerabilities in their software all the time. Make sure that all devices used in your business have the latest versions of software and operating system installed.
Also, make sure to use a professional grade anti-virus and anti-malware software package on all of your systems.
3. Spam Filtering
There’s no way to prevent all spam, but spam filters do a great job at keeping 99% of spam and phishing emails from making it to your inbox. This protects your business, and provides a better experience for your users.
4. Business-Class Firewall
Your Internet Service Provider (ISP) may have installed a router or another piece of equipment for Internet access, and that’s fine, but you need another layer of protection.
A firewall manages the traffic you allow into your network. It can also provide web content filtering, meaning you’ll be able to control which websites employees can visit on your network. This protects your employees from accidentally visiting compromised websites, and may provide productivity benefits as well.
5. Selective Wi-Fi Permissions
From payroll and accounting information to proprietary client lists, even the smallest of businesses store lots of sensitive data on their networks. Wireless Internet access should be granted on a limited basis.
Permissions should be set up on your Wi-Fi to make sure only authorized users can do certain activities on your network.
If you regularly have guests, like vendors, contractors, and friends visiting your office, you should set up a separate “guest” Wi-Fi network. This allows them the benefit of connectivity at your facility, while keeping confidential information out of their hands.
6. Patch Management
Patches are the updates that software manufacturers release on a regular basis to fix known system issues and protect against security vulnerabilities.
Patch management refers to the process of making sure patches are tested, rolled out, installed, and up-to-date on the technologies that need them.
It’s important to keep your devices up-to-date so hackers can’t exploit known security weaknesses. Servers, desktop computers, laptops, firewalls, spam filters, and anything else connected to your network should be kept up-to-date.
As software ages, the developers stop releasing patches for it. Windows Server 2003 and Windows XP are examples of software that isn’t supported by the manufacturer anymore. Just one machine without the latest patches creates an easy target for bad guys and may put your entire network at risk. These machines should be updated as quickly as possible.
Bonus Tip: Restorable Backups
Even if you take all of the necessary precautions, sometimes bad things still happen. This is why it is important that you have a good, restorable backup solution in place. If a virus or other infection makes it to your systems, you’ll still have all your data – and you’ll be back up and running quickly.
If you’re unsure if your company’s network is as secure as it should be, talk to a trusted IT consultant. They’ll be able to assess your situation and provide recommendations to mitigate the risk of security threats.
About Courtney Casey
In an industry dominated by men, Courtney Casey, Director of Marketing for Accent Computer Solutions, Inc., is making her mark on the world of information technology. Courtney has been immersed in the IT field most of her life and has been molded into the tech savvy expert she is today. She began working for Accent while earning her Bachelor's degree from California State University, Long Beach. Known in the Inland Empire as the "Tech Girl," Courtney is a regular columnist for the region's newspaper of record, The Press-Enterprise. Her columns address topical news trends, new technology products, and offer advice on how to embrace technology or avoid common IT pitfalls.