As Cybersecurity Month Ends, Revisit Your Business IT Security Measures

Written by Joe Kozlowicz on Wednesday, October 28th 2015 — Categories: Security

securing your computerIf you missed it, President Obama designated October as National Cybersecurity Awareness Month. The move was designed to engage and educate the public to increase awareness about cybersecurity issues and increase the resiliency of the nation in the event of a cyber incident.

As Cybersecurity Awareness Month comes to a close, now would be the best time to evaluate your security measures to keep your information safe.

Small and medium businesses (SMBs) are increasingly becoming the main target for security hackers. According to the security company Symantec, cyber attacks on SMBs rose 300 percent in 2012 from the previous year. Additionally, a report from McAfee found almost ninety percent of SMBs in the US do not use data protection for company and customer information. These targets are attractive because they tend to have weaker online security.

Businesses are increasingly dependent on the internet for their daily operations. With vital information to protect, a regular assessment of your business’ security protocol should become habit. Consider what information your organization collects, how you store information internally, who has access to the information and what measures your organization takes to protect this data. Is it secure? Would your customers feel secure with your data storage techniques?

These three areas should be among the first on your list when evaluating your cybersecurity:

 

1) E-mail threats

Spam or unsolicited junk mail can cause harmful viruses to enter your company’s network. Alternatively, you could even be distributing spam mail without knowing it. To avoid sending spam, use clear, easy to understand subject headers, and provide all recipients with the option to opt off of your distribution list. Be sure you also include your valid physical postal address.

In addition to spam, you company could also experience phishing attacks, which can be detrimental to your company’s security. Phishing attacks can enter your network and gain access to email, monitor your keystrokes to learn passwords, and even hijack your website. Furthermore, viruses and spyware can enter your computer though email downloads and by clicking on suspicious links. In order to protect your company and customer’s secure information, be sure you use the latest security software, web browser versions, and operating systems, and that all programs are completing automatic software updates. If an email or link looks suspicious, delete the email and contact your technical support team.

 

2) Employee issues

In addition to keeping your technology safe, it is also important to train your employees to stay safe. Encouraging employees to follow good password policies, regularly back up work, and stay watchful will help your data stay secure.

Now that you know what threats you may encounter, it is important to have a cybersecurity plan in place.  Your cybersecurity plan should include action plans for prevention, resolution and restitution.

As part of this plan, your company needs to address security and privacy policies with employees. Does your company have a written privacy policy? In order to protect your customer’s data, all employees must exercise your privacy policy. Know what information you are keeping on your servers. If you don’t need it, delete it. Protect all information that your customers send you, whether through password protection or by eliminating the information from your network.

Stay safe by automating software updates, scanning all new devices, and using a firewall and spam filters. Implementing a commitment to security from the top level all the way throughout your organization will help keep your employees and customers information safe and secure.

Does your company allow employees to bring their own device? If so, this can create additional security issues. Read our blog post about how BYOD can affect your business.

 

3) Preventative software

The first line of defense in preventing network compromise and data breaches is through early recognition and investigation of potentially suspicious network activity. Early detection will help your company understand how your network is being used and whether any of that usage is malicious.

Antivirus or Antimalware software and monitoring should be utilized in addition to other safe network practices. Antivirus and antimalware regularly scans your company’s network for out-of-the ordinary occurrences. This provides you with an overview of current network activity and helps in detecting any suspicious activity. 

 

Knowing the security risks your company may face is important in protecting your company and customer’s data. Implementing security practices throughout your organization will instill a culture of safety and security. Use the above methods to protect yourself and your organization, and always be vigilant to avoid falling victim to a cyber attack.

Chat Now