A few thoughts worth sharing
October is Cybersecurity Awareness Month, and protecting your small or midsize business from hackers and malware has never been more important. Whether or not your enterprise is cyber smart, this is a great time to review the protocols you have in place and refresh your team on cybersecurity best practices.
Cybersecurity Best Practices for SMBs
We’ve already talked about how hackers exploit human error to get access to your network. However, people are also your company’s best line of defense. Employees’ day-to-day decisions can go a long way toward protecting your business.
Use Secure Passwords and Keep Them Confidential
A weak password can be broken in minutes or seconds, sometimes with just one good guess. A strong password can defy hackers for years, long enough for them to give up and go after a different, more vulnerable target. A few tips to keep this critical line of defense secure are: Use strong passwords with at least ten characters, including upper and lowercase letters, numbers, and symbols. Don’t update a password by adding a number or the year to the end of the old one.
Never write passwords down on paper, and certainly not on a digital file. Look for a good password manager tool.
Operate Devices Securely
To curb cybercriminals’ ability to access company devices, use them in a secure way. This can include encrypting data when it’s transmitted, logging out of computers before you leave the room, and disabling services that aren’t being used on that device. Keep your company laptop or phone with you. If it’s lost or stolen, report it immediately.
Treat Email Surprises with Care
Phishing is a popular way for hackers to get access to computer systems. They will send legitimate-looking emails and try to get the target to click on a link or download an attachment. This gives hidden malware a chance to enter the computer system. Doublecheck incoming communication. If something’s suspicious, don’t click anything but do tell IT.
Resources To Get You Started
Lost on where to get started? Here are a few places to find resources about smart cybersecurity protocols:
Cyberexperts.com has information and resources for Cybersecurity Awareness month. For instance, you can read up on the Top 20 Cybersecurity Practices That Employees Need to Adopt. Still confused? Refer to their Cybersecurity Encyclopedia of terms and acronyms.
Finally, this site hosts guides on several topics, including:
• The 12 Types of Cybersecurity
• Network Security Policy
• Incident Response
• Multi-Factor Authentication (MFA)
Cybersecurity & Infrastructure Security Agency
The Federal Cybersecurity & Infrastructure Security Agency has created a variety of printer-friendly cybersecurity resources optimized to share with employees and post in shared workspaces. These include:
• Mobile Security Tip Card
• Cybersecurity While Traveling
• FCC Small Business Tip Sheet
CISA also offers links to other agencies’ cybersecurity information, such as the National Cyber Security Alliance.
U.S. Small Business Administration
The Small Business Administration’s cybersecurity page touches on Common Threats and Cybersecurity Best Practices. You can also access a variety of assessment and planning tools like:
• Department of Homeland Security’s Cyber Resilience Review
• FCC Planning Tool
• Supply Chain Risk Management Toolkit
The SBA provides information on attending upcoming cybersecurity events through the National Cybersecurity Alliance. There are virtual and in-person attendance options.
Federal Trade Commission
The Federal Trade Commission has a hub of information dedicated to small business data security. Start with Cybersecurity Basics and then dive deeper with guides like:
• Physical Security
• Business Email Imposters
• Vendor Security
These guides are optimized to be used as training resources. They include downloadable PDFs, online quizzes, and supplemental videos.
National Institute of Standards and Technology
You can find a comprehensive, step-by-step plan to develop a cybersecurity protocol through NIST’s Information Technology Laboratory. After an orientation on Cybersecurity Basics, explore:
• Planning Tools & Workbooks
• NIST Cybersecurity Framework
• Responding to a Cyber Incident
• Training resources
These resources include a webinar, IT and C-suite leadership modules, and registration for free SMB cybersecurity training from nonprofit companies.
Cybercriminals may target everyone in your business as they try to access your data. Defeating these attacks takes a team effort. A robust security protocol, coupled with cybersecurity best practices like strong passwords, can help your company withstand digital attacks.
Do you want to learn more about how to implement smart cybersecurity protocols in your St Joseph business? Contact ProServ Business Systems today to talk to one of our specialists.