Is your company safeguarded against cyber-attacks?
In this day and age, new threats to your business’s security are being developed daily. Ransomware, phishing and data leaking are a constant danger, threatening to take money, steal employee details and damage your customer data.
To prevent damaged relationships between clients and other key stakeholders, you’ll want to ensure that your cyber-security is up to scratch. But, just how is this possible within an ever-evolving digital landscape?
We recommend the following five simple, but effective hacks:
It all starts with a simple email masked as a trusted source, which quickly – and unexpectedly – transforms into a simple way to gain vital, confidential information. Spear phishing has become a successful and popular tool for attackers to gain access to company files and details. With 91 percent of cyber-attacks beginning this way, it’s vital that you acknowledge the threat and generate awareness throughout your business, starting with each and every member of your team.
A key hack that prevents this from happening is keeping as many company emails off your website, opting instead for contact forms. Secondly, ensure employees never send sensitive information via email and educate them about the dangers of sharing company information outside of the workplace. While you may think this should be common knowledge, some staff members do and will overlook the potential consequences.
WiFi
Ever wondered about the dangers of WiFi hacking? Type a quick query into Google and thousands of results will be listed, advising you how to gain access to wireless internet and, more concerningly, how to reap plenty of ‘rewards’ by harvesting information.
The first step to protecting your network is enabling WiFi Protected Access, using encryption to lock all accessible routes. Then, change the SSID’s (wireless network names) in every office. Using the default name allows attackers to use prebuilt password crackers that are associated with common names, so the lengthier and more random the name, the better. This should be coupled with a strong password that will discourage and defence against potential hacks.
Update computers
Ensure that all device updates are implemented company-wide. You may remember the Equifax hack in 2017 where hackers gained access to the details of nearly 150 million people. The breach was caused by an application with vulnerabilities, ones which could have been fixed with a software update 2 months prior to the attack.
This highlights how important updates are. Hackers can easily find vulnerabilities in any software if they search long and hard enough, so in response, updates release new code that can patch up any holes and protect your company’s devices from malicious malware. Never overlook the value of software updates – they may appear annoying or inconvenient, but they serve a very valuable purpose.
Backup
If your company spans multiple offices, then you’ll likely be employing a cloud service so different departments have access to relevant files. Unfortunately, these digital filing cabinets are very susceptible to hacks. A fail safe method to guarantee protection is hard to come by, but there are simple measurements you and your staff can put in place.
A two-step authentication process should be introduced that requires your staff to confirm a code. The best way to do this is through the use of apps like Duo which constantly change and update the code required. Another option is through a key that can be plugged into a computer. It’s an extra-secure method that can be used with some of the most popular cloud storage options.
Employee education
Arguably the most effective thing you could do when developing your cyber-security strategy is educating your staff.
In accordance with the GDPR regulations, every member of staff should be aware of how to handle private and confidential information securely and safely, regardless of the department they work in. However, there is no harm in taking the time to set up full and comprehensive protocols for all aspects of cyber-security.
Introduce policies for how all information should be stored, provide password support that ensures no password is used twice and encourage the use of two factor authentication. Also, be sure to develop protocols should a data breach happen and only provide staff access to files that are required for their job roles. It’s recommended that regular training takes place in every office to keep staff up to date with the latest security changes.
These 5 tips may appear simplistic, but in the fast-paced environment associated with the modern businesses, it can be easy to opt for ease over safety. Make sure everything digitally hosted is fully protected from potential threats and consider what could be the biggest danger for your company to prepare for.
Tim Holman is CEO at 2|SEC Consulting, a cyber and information security consultancy
