Business owners and managers have enough to worry about without the added anxiety of whether or not their online data and transactions are safe. Unfortunately, this anxiety is well founded. Almost every day there are new reports about data breaches or ransomware demands. While it’s impossible to provide 100 percent protection for commercial online networks, there are a number of strategies that greatly reduce the risk of unauthorized access to sensitive company and customer or client data.
Some of the most effective cybersecurity strategies are both inexpensive and relatively easy to implement, including installing a firewall along with antivirus and anti-malware software. Email providers should offer encryption and spam filtering. Operating systems should be updated regularly, along with any browsers used for surfing the web. The company’s WiFi network should use Wi-Fi Protected Access 2 (WPA2) encryption rather than the much weaker Wired Equivalent Privacy (WEP). Finally, employees should be instructed against clicking links within messages from unfamiliar senders — or opening suspicious messages at all.
Reducing Unauthorized Access
It may seem obvious, but limiting access to your company’s network greatly reduces the risk of breaches from hackers and ransomware demands. Reset default passwords and usernames. In addition, performing a vulnerability scan could reveal unauthorized users accessing the system as well as connections from obsolete devices. Disabling universal plug and play (UPnP) will not only conserve precious resources but also reduce the risk of exposure to unauthorized users. Likewise, programming your network’s firewall to block open telnet ports into Internet of Things (IoT) devices reduces the risk of malware infection.
Protection against Ransomware
Ransomware demands are increasingly common, with attacks against large companies, municipalities and individuals. Experts warn against paying the ransom. There is no guarantee that the encrypted data will actually be released — or that released data won’t be infected with malware. Nonetheless, many desperate victims pay up anyway. The only foolproof protection against ransomware is maintaining backups of crucial data either on a local machine not connected to the network or in the cloud. With a secure backup in place, ransomware victims can safely ignore demands. Instead, they can direct their efforts to cleaning their computers and networks of malware and getting operations back up and running as quickly as possible.
An extremely common but highly unsafe practice is using the same password across many sites or applications. It’s easy to understand why, especially when it’s for something you often use like email or WiFi. Resetting passwords through the “forgot WiFi password” function is tedious, especially with an app that is installed across multiple devices. Employers should require workers to use strong, unique passwords of at least 10 characters including a mix of letters, numbers and special characters for every application and device. Password managers maintain passwords in a secure cache either locally or in the cloud, requiring users to remember only a single master password.
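The password rule above (at least 10 characters, a mix of letters, numbers and special characters, and a different password for every application) can be checked automatically. The following is an added example, not part of the original article; the function names, the audit key and the sample records are constructed, and it assumes the check runs where passwords are set or exported from a password manager.

```python
import hashlib
import hmac
import string
from collections import defaultdict

MIN_LENGTH = 10  # minimum length stated in the article

def policy_failures(password):
    """Return the rules from the article that this password breaks."""
    failures = []
    if len(password) < MIN_LENGTH:
        failures.append("shorter than 10 characters")
    if not any(c.isalpha() for c in password):
        failures.append("no letters")
    if not any(c.isdigit() for c in password):
        failures.append("no numbers")
    if not any(c in string.punctuation for c in password):
        failures.append("no special characters")
    return failures

def fingerprint(password, audit_key):
    # Keyed digest: lets the audit compare passwords without storing them.
    return hmac.new(audit_key, password.encode("utf-8"), hashlib.sha256).hexdigest()

def audit(credentials, audit_key):
    """credentials: iterable of (user, application, password) tuples."""
    findings = []
    seen = defaultdict(list)  # (user, fingerprint) -> applications using it
    for user, app, password in credentials:
        for failure in policy_failures(password):
            findings.append((user, app, failure))
        seen[(user, fingerprint(password, audit_key))].append(app)
    for (user, _), apps in seen.items():
        if len(apps) > 1:  # same user, same password, several applications
            findings.append((user, ", ".join(sorted(apps)), "same password reused"))
    return findings

# Constructed sample records (hypothetical users and passwords).
SAMPLE = [
    ("alice", "email", "Tr1cky-Harbor-92"),
    ("alice", "wifi", "Tr1cky-Harbor-92"),
    ("bob", "email", "summer2024"),
    ("carol", "crm", "v9#Lanternfish!"),
]
AUDIT_KEY = b"constructed-demo-key"

if __name__ == "__main__":
    for finding in audit(SAMPLE, AUDIT_KEY):
        print(finding)
```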
Keeping Your Business Safe Online
Keeping your company safe online is an ongoing process. Employees should receive regular updates on emerging online threats and instruction on safe online practices, including information on creating safe passwords. Workers who fail to attend training sessions or who ignore best practices for online safety should have their internet access blocked until they become compliant with company policy. Repeat offenders should risk losing their jobs. Getting everyone on the same page concerning online safety makes the task of protecting crucial personnel and client data much more manageable and helps to ensure that operations are maintained with minimal disruption from unauthorized access.