Install security and antivirus software against malware or malicious software which can access a computer system without the owner’s consent for a variety of uses, including theft of information. Also, use a firewall program to prevent unauthorized access. Protection options vary so it’s important you find the one that is the right fit for your company size and the complexity of your business.
Ensure that employees and other users connecting to your network use strong user IDs and passwords for computers, mobile devices, and online accounts by using combinations of upper and lowercase letters, numbers, and symbols that are hard to guess. It’s also important the passwords are changed regularly. Consider implementing multifactor authentication that requires additional information beyond a password to gain access. Check with vendors who handle sensitive data to see if they offer multifactor authentication to access systems or accounts
Take measures to limit access or use of business computers to authorized individuals. Lock up laptops when not in use as they can easily be lost or stolen. Require your employees to each have their own username and password and prohibit employees to share information.
Only give employees access to the specific data systems they need to do their jobs, and don’t let them install additional software without permission from those that are specialized in the realm of security.
Establish security practices for employees, such as appropriate Internet usage guidelines, and set expectations and consequences for policy violations. It’s important to review this information with your employees routinely and ensure that all employees know how to identify and report potential security incidents.
Employees and third parties should only connect to your networks using a trusted and secure connection. Public locations and free Wi-Fi connections are not always secure, making it easy for cyber criminals to intercept the Internet traffic.
Employees need to be suspicious of unsolicited emails asking them to click on a link, open an attachment, or provide account information. It’s easy for cyber criminals to copy a reputable company’s logo to create a replica website or phishing email. The safest strategy is to ignore unsolicited requests or download unexpected attachments, no matter how legitimate they appear.
Software vendors regularly provide patches or updates to their products to correct security flaws and improve functionality. Download and install software updates as soon as they are available or configure these updates to happen automatically.
Regularly backup the data from computers used by your business. Remember to apply the same security measures, such as encryption, to your backup data that you would apply to the original. In addition to automated backups, regularly backup sensitive business data to a storage device at a secondary location that is secure.
Review your account statements and activity via Online Banking regularly. Keep an eye out for any suspicious transactions and make sure you report any activity immediately.
If your employees connect their devices to your business network, require them to password-protect their devices, encrypt their data, and install security apps to prevent criminals from accessing the device while it is connected to public networks. Be sure to develop and enforce reporting procedures for lost or stolen equipment.
Scams can range from payments with a worthless check or fake credit or debit card to fraudulent returns of merchandise. Keep an eye out for any suspicious transactions and make sure you report any activity immediately.
It’s always important to educate yourself in the world of cybersecurity. Stay up to date on the latest scams and make sure you know what to do if, or when, the time comes and you need to report fraud.