Ransomware attacks have calmed for a while, but hackers and other cybercriminals are always looking for new ways to access protected data. Even though we don’t hear about them on the news, small businesses are one of the top targets for restless cybercriminals. Here are 10 tips for success with cybersecurity that’ll help keep your SMB safe.
1. Keep Your Software Up to Date
The #1 best way to prevent a cyber attack is to keep your systems up to date. Most of the systems that are hacked contain outdated software or patches, so it makes sense that you can prevent most attacks by maintaining an up-to-date network at all your locations.
By the way, we also recommend that you stop using your old XP machine. Yes, it’s cheaper to use your old, “perfectly fine” computer that’s running XP, but are the cost savings worth risking your business?
2. Apply Patches Quickly
Hackers are hard at work every day trying to figure out how to steal more data, and top hackers have created a “malware marketplace” that provides small-time crooks with access to nefarious tools. Luckily, software companies are hard at work finding and “patching” security holes using code.
Even though it takes a lot of work to develop them, these patches are always free. However, you have to keep up with installing them and that can take up a lot of time.
3. Always Use Encryption
Encryption sounds scary and time consuming to use, but the only people who should be scared of encryption are cybercriminals. Businesses that protect sensitive client data using this method create an extra fortification wall that makes it harder for thieves to steal data – which also makes it less likely that they’ll take the trouble.
Typical file sharing between multi-locational offices can be slowed by encryption, but SD-WAN provides automatic encryption for all files.
4. Arm Your Employees with Knowledge
One of the most common methods for cybercriminals to gain access to your systems is through “phishing,” which is the practice of sending fake emails to you and your staff in order to collect private login information. While it sounds like it would be easy to avoid phishing, these attacks are actually extremely sophisticated, with super-realistic emails and landing pages.
Training your employees about these attacks will help your company avoid falling victim to them.
5. Prepare Your Response Strategy
A lot of IT companies make promises they can’t keep, but we’re here to be honest with you: no matter what service or system you use, you can’t always protect your business’s sensitive data. From natural disasters to unfortunate mistakes, sometimes your technology is destined to suffer a setback – but you don’t have to.
The best way to prepare for potential problems is to develop a clear and detailed worst-case scenario plan, often known in the IT world as a “business continuity plan.”
6. Make Responses Easy to Carry Out
Modern network setups can help you identify malicious attacks as they’re being carried out, and can also respond to the attacks automatically, using previously defined system rules and policies that you’ve set up. These responses could be things like:
• Shutting down a server that’s under attack and redirecting traffic
• Silently disabling the attack, but tracking it through the system
The most important thing to do when determining your response is to make sure your reactions are easy to accomplish. You can do this through automation or with easy-to-understand software alerts.
7. Back Up Your System Regularly
We don’t need to remind you that back ups are important… or perhaps we do. A study conducted last April found that a whopping 36% of enterprises don’t back up their data at all, and of those who do back up their data, even fewer actually test their backups.
Backups are your failsafe against disaster, helping you to restore or recover your system if you run into problems. We know that backups are important, which is why we’re here to help you with them.
8. Limit Tricky Integrations
Do you have a lot of integrations in your software, such as synced connections between your security system software, your accounting software and your PoS software? Newsflash: Every integration you have slightly weakens your system.
If your integrations have out-of-date software or patches, they can be used by cybercriminals to gain access to your main system. That means you have a lot more updates and patches you need to remember to do.
9. Stick to Your Password Policy
One of the better ways to secure your computers and software is to have hard-to-crack passwords, but very few companies have a strict password policy. Of those that do, very few companies enforce their policy – and even fewer require frequent password changes as part of the policy.
Don’t be the company with employees who all use “password” as their password. In fact, don’t be the company with a single employee who “password” as their password. Require number- and symbol-filled passwords that provide extra protection.
10. Consider Outsourcing Your IT Management
Does updating software and security patches sound like it’ll take too much time? Do your find it hard to remember regular backups and backup testing? Do you feel like you don’t know enough about phishing and encryption to teach your employees about it? Your business security is too important to wait until you know more.
If you hire an outsourced IT department (like this really awesome company we know of called Medlin!), you can trust that your system will have efficient, cost-effective protection from threats, and you’ll also have the freedom to get all-around systems management – without having to spend your own time on it.
At Medlin, we’re dedicated to providing easy-to-use, hassle-free IT help for all your systems—keycard entry, telephony, networking, surveillance, A/V equipment and more—and our top priority is to free you from IT worries so you can focus on your business.
That’s why we offer the Medlin Asset Protection plan, which provides ongoing, budget-friendly support that protects your IT systems from attack and helps you keep your system backed up. Contact us to learn how easy IT protection can be with Medlin.