CYBER SECURITY | 4.5 MIN READ
The start of a new decade gives businesses a fresh start to strive towards achieving long-term goals. Businesses always think to set New Year's resolutions covering topics such as sales growth and business expansion. However, some businesses might not think to review their cyber security infrastructure and set goals for improving its performance. What should a business' cyber security New Year's resolutions be? Read more to find out.
Not enough time? Jump to:
Scan Your Network for Security Flaws
The first step to improve your cyber security infrastructure is to identify which areas of your network have security gaps. Network scanning tools are a great way to uncover security gaps such as open ports on your devices and office machines.
Make a carefully detailed checklist of what gaps you find to make closing those gaps a breeze.
Upgrade Your Firewall
Simply put, firewalls keep would-be intruders where they should be – outside your network. By putting up a virtual “wall” against inbound and outbound traffic, firewalls choose whether to allow or block certain traffic through. Firewalls and anti-virus software both serve as a good basis for building your network security.
While installing firewalls and anti-virus software are both great methods for securing your network, many people forget or push off updating them. While we know this process can be a nuisance, every day that you wait to update your cyber security infrastructure after new versions emerge leaves you more vulnerable to ransomware attacks.
If you are able to, enable auto-updates on your security software and schedule any updates for late at night when you're not using your computer.
Update and Protect Your Passwords
This is a common concern of employers and employees of their devices. Keeping passwords secure becomes infinitely trickier when you and your employees have to keep up with passwords across multiple accounts and devices, and the result is often the use of the same password for every account.
A simple way to protect passwords is to ensure that you and your employees are using unique passwords that are changed every three months.
Additionally, encourage everyone to not use the same password they use for their personal accounts (like their personal email password). If anyone uses personal account passwords, that creates a door that hackers can come in through if they hack into any personal accounts.
Though this is the hardest rule to follow, encourage employees to not write down any company passwords anywhere, whether that be on a sticky note or in the Notes app on their phone. Writing down passwords leaves documentation that hackers can find and then use to gain access to your network.
To create a strong, unique password, include, capital and lowercase letters, use at least 8-10 characters, and include a number and symbol. A pro tip is to think of a phrase that you can remember, preferably not a personalized phrase, and turn that into a password with a string of randomly selected words.
For instance, your passphrase could be "Green bear 152 Computer glass". With this tip, you have non-personalized, hard-to-hack phrases that you can still easily remember!
Automate Your Data Backups
Whether you decide to use a cloud-based system, server, or external hard-drive to store backed-up files, backing up files ensures that in the event of a cyber-attack or power failure, workflow disruption is minimized, and important files aren’t lost.
The best method for backing up files is to install a software that regularly backs up all data on company computers. At a minimum, data should be backed-up weekly, but if possible, schedule for your technology to back-up automatically.
Data that’s critical to your business includes electronic spreadsheets, databases, financial files, human resource files, and accounts receivable/payable files. Being proactive about data backups leaves your company and its sensitive files at an advantage in the event of a power failure.
Educate Employees About Cyber Security
You could have the most secure network in the world and your employees could still render it ineffective with poor Internet practices. The employees of your company are its greatest asset and, unfortunately, its greatest liability.
Cyber security training that highlights best practices for keeping your data safe online is increasingly becoming an important aspect of employee instruction, especially for employees that aren’t tech-savvy. It is one of the most important factors in establishing and maintaining a secure company network.
Having cyber security training for your company can educate everybody on Internet best practices, from how to detect spam emails to tips on creating secure passwords. Good cyber security training minimizes the risk of your other network security protocols being rendered ineffective.
Additionally, it decreases the likelihood that your employees will fall victim to cyber-attacks by opening spam or going to malware-infected websites. Establishing basic cyber security practices and policies helps make everybody aware of how to behave online.
Protect Your Copiers and Printers
Copier and printer security is a commonly overlooked aspect of a cyber security plan. While companies always think to secure devices such as work phones and laptops, many don't realize the potential security gaps that exist on their office machines.
Taking the proper steps to close these potential security gaps can help you better leverage your cyber security infrastructure.
Upgrade to a Newer Machine
Newer copiers can have features like Transport Layer Security (TLS) that encrypt scanned files sent to your email encryption as well as newer versions of Server Message Block (SMB), which securely scan documents to a folder instead of your email.
If you cannot afford to upgrade your machines, use a network scanning tool to ensure that there aren't any open ports on your copiers and printers.
Enable Data Encryption Kits
Some newer models created within the last 5-6 years have data security kits that you can enable. These kits can have data encryption functions, which scramble the data stored on your copiers and printers, rendering the information useless to a hacker.
Additionally, on some newer models of brands like Canon and Sharp, data security kits might also have features that, when a document is scanned, copied, or printed, erase those documents from the hard drive sometimes as many as 28 times.
Consider Managed IT Services
As a business, you might not have the time to institute all these changes. Managed IT services can help put all of the above suggestions and more into action. Managed IT services layers your cyber security infrastructure and then employs a team of IT experts to address any threats or issues that pop up.
A managed services provider can install layers of cyber security hardware and software, such as firewalls, anti-virus software, and anti-ransomware software. To take the burden of updating software off of you, a managed services provider can update all cyber security software for you and install necessary security patches.
They can conduct phishing tests to find employees who fall for phishing traps, and then educate those employees on how to recognize and avoid phishing attacks.
Managed IT services can help you create a password policy and role-based security plan that works for your business too. In the event that a ransomware attack happens or your network goes down, they can reduce downtime by quickly recovering data due to their use of frequent and secure backups.
Don't wait until you're the victim of a ransomware attack to improve your cyber security.
Posted by Erica Kastner
Erica Kastner is a lead Marketing Specialist at Standard Office Systems as well as a University of Georgia graduate. She aims to use her passion for problem-solving to help businesses understand how to better leverage their network infrastructure.