Here are 8 steps that small and mid-sized businesses can take to prevent data theft:
- Updates matter
Unpatched computers, routers, servers, and other internet-connected devices are easy targets for cybercriminals.
No program or system is ever perfect – but hardware and software get progressively better with updates and patches. Limit exposure by making sure that every device is up-to-date.
- Turn on security
Every year tech companies roll out new security measures – facial recognition, thumbprint scans, multi-factor authentication, etc. The problem? Many people opt out completely.
If technology has a security feature, turn it on! The extra time is worth it to protect sensitive data.
- Check the firewall
It’s vitally important to block external users from gaining unauthorized access. It’s also crucial to stop employees from visiting dangerous or inappropriate sites at work.
Firewalls handle both of those needs. They monitor and restrict inbound and outbound internet traffic based on a set of configurable rules.
Confirm that your firewall is working correctly, verify that the rule set makes sense, and download the latest firmware.
- Encrypt data
If someone stole a workstation or work phone from your company, how hard would it be for them to get personal information?
Encryption renders data unreadable until a user types in the correct password. It’s an extra layer of security that businesses find indispensable.
- Avoid public wi-fi
Let’s say you’re traveling for business and you check into a hotel. You turn on your laptop and you’re presented with several open networks. Which one should you connect to? Ideally? None of them.
By connecting to a public wi-fi network, you’re potentially giving away access to your computer (and in turn infecting every other system back home).
When traveling, use a Virtual Private Network (VPN). It’s like a private tunnel through the internet, shielding your inbound and outbound traffic.
- Wipe old devices clean
When computing devices reach their end of life they need to be wiped clean. Whether the old device is getting donated or junked, leaving data behind where it can be stolen is a horrible idea.
- Better passwords and 2FA
The shorter and simpler that a password is, the easier it is to crack. Hackers use software that iterates over combinations of dictionary words, special characters, and numbers.
To improve password security:
- Use at least eight-digit passwords and keep them as random as possible.
- Never re-use passwords elsewhere to limit your exposure.
- Instead of a password, use a passphrase and substitute letters for special characters or numbers. For example, the passphrase WeDr!nkC0ffee (with an exclamation mark and a zero) is more secure than WeDrinkCoffee and definitely more secure than just the word coffee.
- Turn on Two-Factor Authentication (often abbreviated 2FA). Providing the right password triggers the second step, commonly a text message with an authorization code. If a hacker doesn’t have access to your smartphone, the password alone won’t grant them entry.
- Watch your email
A cybercriminal sends an email, pretending to be someone trustworthy like FedEx. In the email they’ll encourage you to click on a link or open an attachment, which secretly grants them access or installs malicious code.
Be careful whenever you handle an unexpected email. The best thing to do is to delete it without clicking anything and follow it up with a conversation.
Check out our blog post on social engineering red flags for more information.
These eight suggestions are a great place to start. If you don’t feel tech savvy enough to manage all your software updates, configure security features, install and optimize a firewall, set up a VPN, or encrypt data, we’re here to help!
Contact us today and we’ll leverage more than 30 years of experience to bolster your cybersecurity.