Read Time

4 – 5 minutes

TL;DR

• The downside to the digital revolution is that regulations for governing this growth haven’t caught up.
• Business computers need antivirus software and antispyware that are updated regularly.
• Safeguard internet connections with a firewall and information encryption — Wi-Fi networks should also be hidden and secure.
• Establish policies regarding how employees handle sensitive data.
• Educate employees about online threats and how to protect business data.
• Consider implementing multifactor authentication that requires additional information beyond a password to gain entry.
• Work with bank or card processors to ensure the most trusted and validated tools and anti-fraud measures are in place.
• Regularly backup data on all computers.
• Use of business computers by unauthorized individuals should always be prevented.
• Require mobile users to password-protect devices, encrypt data and install security apps to prevent criminals from stealing information while the phone is on public networks.

In recent years, technological advancements are actually moving faster than IT can keep up, which ultimately increases potential vulnerabilities. The costs of breaches are steadily rising, and as new legislation and compliance mandates are put into place, the penalties for noncompliance are increasing as well.

Some Initial Thoughts

The IT landscape is evolving before our very eyes as a direct result of a full-on digital economy. Big data, the cloud, social media and mobile have all accelerated the pace of business like many have never experienced. We see the Internet of Things (IoT) exploding and expanding at a prolific pace, with the market expected to reach $1.7 trillion by 2020 — with advanced robotics, automation and artificial intelligence (AI) quickly adding to this rich mix.

The downside to all this evolution? Regulations for governing all this growth haven’t really caught up. The C-suite is on edge and the discussions in the boardroom have turned to questioning IT practices and policies for everything from encryption to data security, network security and endpoint protection. The bottom line is that it’s critical to remain vigilant as data breaches become a daily threat.

Though not 100 percent fail-proof, the following data security tips boast the ability to reduce vulnerabilities, increase data protection and improve the ability to respond and recover should your business’ operations become the victim of cybercrime.

Protect Against Viruses, Spyware and Other Malicious Code

Each of a business’ computers should be equipped with antivirus software, antispyware and updated regularly. Software vendors regularly provide patches and updates to their releases to correct security problems and improve functionality.

Secure Networks

Internet connections should be safeguarded via the use of a firewall and information encryption — your Wi-Fi network should also be hidden and secure. To hide a Wi-Fi network, a wireless access point or router should be set up so it does not broadcast the network name, otherwise known as the Service Set Identifier (SSID).

Establish Security Practices and Policies to Protect Sensitive Information

Establishing policies regarding how employees should handle and protect personally identifiable information and other sensitive data is a good practice, as is clearly outlining the consequences of violating the business’ cybersecurity policies.

Educate Employees About Cyber-Threats (and Hold Them Accountable)

It’s important to educate employees about online threats and how to protect business data — including safe use of social networking sites — and they should be held accountable for the business’ Internet security policies and procedures.

Depending on the nature of a business, employees might be divulging sensitive details about the company’s internal business to a competitor. For this reason alone, employees should be made aware of how to post online in a way that does not expose any trade secrets to the public or to competing organizations.

Require Employees to Use Strong Passwords and to Change Them Often

While myriad ways to break into systems exist, stolen passwords still present one of the biggest threats.

Your company should consider implementing multifactor authentication that requires additional information beyond a password to gain entry. Further, policies should mandate changes to hard-coded and default passwords that pose a great risk, especially with IoT devices.

Employ Best Practices on Payment Cards

If your business uses a card payment system for most customer transactions, this can unfortunately represent a virtual portal into cybercrime. Your company should work with its bank or card processors to ensure the most trusted and validated tools and anti-fraud measures are in place.

Your company may also have additional security obligations related to agreements with a bank or processor. Good practices include isolating payment systems from other less secure programs and not using the same computer to process payments and surf the internet.

Make Backup Copies of Important Business Data and Information

Companies should always regularly backup data on all computers, with critical data including all of the following:

• Word processing documents
• Electronic spreadsheets
• Databases
• Financial files
• Human Resource files
• Accounts Receivable/Payable files

Data should be backed-up automatically, if possible, or at least on a weekly basis, and copies should be stored either off-site or in the cloud.

Control Physical Access to Computers and Network Components

Access or use of business computers by unauthorized individuals should always be prevented, with laptops being particular targets for theft or loss (so it’s best to lock them up when not in use).

It’s also a good idea to create a separate user account for each employee — all of which require strong passwords. Administrative privileges should only be trusted to IT staff and key personnel.

Create a Mobile Device Action Plan

Mobile devices can create significant security and management challenges, especially if they possess confidential information or can access the corporate network.

For this reason, it’s important to require users to password-protect their devices, encrypt their data and install security apps to prevent criminals from stealing information while the phone is on public networks.

Because all of the aforementioned security tips can be difficult to manage alone, we offer the option to handle a company’s cybersecurity tactics through a comprehensive set of services that deliver real results.

We assist businesses of all industries and sizes with:

• Technicians available on a 24-hour basis to help when you need it the most.
• Network administration protocols that ensure your network is updated to the latest industry standard.
• Proactive monitoring and management to stay a step ahead of any issues.
• Powerful anti-virus protection to block against new viruses coming out every day.
• Monitoring of offsite data and managed machines backup so information remains intact in the event of a catastrophic failure.

Call us today to learn more about our steadfast commitment to powerful data security in an increasingly insecure world.