If the majority of your business wasn’t conducted online prior to the pandemic, I can almost guarantee that now, in some form or another a key part of your business can be found online and that’s why it’s important to protect it.
Unsurprisingly the need for correct cybersecurity personnel and practices has only increased during the pandemic, despite the efforts to increase cyber security amid growing reports of data breaches.
Humans seem to be the weakest link in the security chain with infosecurity magazine reporting that 90% of all data breaches were down to human error.
At Purple, one of our core values is “with great data, comes great responsibility” and that’s something our company takes very seriously, hence why I’m compiling this list to help you keep your business protected online.
Use a password manager
Passwords are like the magical key to most of our business and unfortunately The majority of people use very weak passwords and reuse them on different websites.
How are you supposed to use strong, unique passwords on all the websites you use? The solution is a password manager.
Password managers store your login information for all the websites you use and help you log into them automatically. They encrypt your password database with a master password – the master password is the only one you have to remember.
Password managers are not only useful for keeping your passwords in a convenient place for you to recall at any time, they also boast a feature that generates passwords for you.
These generate a longer password, which is more secure and harder to crack, and the passwords generated by password managers are combinations of random numbers and letters that are very secure.
In addition the benefit of using a password manager to create unique passwords is, if one is compromised, others aren’t.
This is particularly useful to prevent credential stuffing attacks, which are common among cyber criminals.
Credential stuffing is where attackers use lists of compromised user credentials (usernames and passwords) to breach into a system.
The attack uses bots for automation and scale and is based on the assumption that many users reuse usernames and passwords across multiple services.
Create and set policies – no matter your company size
Small businesses and other SMEs tend not to have strict policies in place and business size is really irrelevant when it comes to online crime and fraud, with companies smaller in size being easier targets due to limited or no in-house IT support.
Rather than creating policies from scratch, you should use a well known and respected security policy framework like ISO 27001 which is an easy signifier to external companies of a certain baseline level of security within your organization.
Protect your accounts with two-factor authentication
Two factor authentication 2fa is an extra verification on top of your username and password.
A username being something you are, a password something you know and your personal mobile with a code is something you have.” for it to be 2fa you need all three.
Once you enter your password (the first authentication) the second form of authentication will commonly come in the form of a code in an sms message, much like a PIN number.
Unlike a PIN code a 2FA code can only be used each time you log into your account, users will receive a new code upon each login.
Alternatively, there are dedicated apps, such as Google Authenticator, out there that can receive codes instead of having them text to you each time.
Backup your accounts and data
In its simplest form, a data backup is just a copy of your files from your computer or device, stored elsewhere.
One of the easiest ways to create backups of business data is to store copies of important files on hard drives or other storage devices connected to your systems or network.
Having a copy of these files locally on a hard drive or flash storage device are great for quick accessibility but due to physical risks (loss, damage, theft) it shouldn’t be the only way that your business is backing up its data.
Cloud backups are also a great form of secure, accessible storage.
Cloud storage is a model of data storage in which the data can be accessed, managed, and stored in a remote cloud server via the Internet.
This is also a great way to simplify costs as the majority of these services are on a pay as you go basis.
In addition to this, as the services are accessed by the internet, providing you have a connection, you can minimize downtime by instantly accessing programs and files.
Keep out malware
Malware, short for “malicious software,” is an umbrella term for dangerous programs that cybercriminals use to target their victims.
Malware can steal important information from your system or network, log keystrokes, steal credentials, slow down your Internet connection, run dangerous executables and so much more.
The most common way hackers inject malware into systems and software is through unpatched holes in software, so it’s important to regularly update your systems, software and applications or even better, if you aren’t using them, uninstall them.
When it comes to keeping out malware, the importance of network security cannot be stressed enough. Having a firewall in place to safeguard and monitor access to your network is vital.
Without any form of protection your data and network are vulnerable to unauthorized usage and access which could lead to malware entering your system undetected.
In order to truly protect your business from malware attacks, you need multiple layers of security.
Antivirus, anti-malware, and anti-ransomware software should be vital to your online operations and hopefully already installed.