3 Cybersecurity Steps Your Small-to-Medium-Sized Business Needs to Take-Right about Now
Cybersecurity is no joke. So why do businesses fail at it? Because they usually have an “it can’t be us” or a “there’s not much to steal” mentality, that is blown up in their faces right when the hackers leave with their precious data, probably thanking them for their lack of security.
The cost of a single hack? An average of $1.8 million. That includes the cost of disruption to normal operations, and the amount companies have to spend because of the theft of, or damage to, their assets. So, what can companies do to make their company a safer place to do business in? We’re discussing the basic measures that every company can take with minimal cost.
Wear the Seatbelt BEFORE the Accident—Enforce and Encourage Basic Cybersecurity Measures
Here are the X basic measures that you can implement in your company.
1. Multifactor Authentication
Oh just do it. Really.
Multifactor authentication gives an extra layer of protection to your security, making it harder for hackers to get through. Now, instead of just the password, they will require the code, that is usually sent to a phone—and likely something that a hacker may not have.
Have your entire workforce incorporate a two-factor verification for their emails. It’s easy to set up, and adds another door between your assets and malicious users.
Oh, and if you ever need to remind yourself (or others) the importance of multifactor authentication, just mention that the Deloitte attack was caused because they used single factor authentication.
They also used a single password for everything.
Just so you know.
2. Protect Your Passwords with a Password Manager
Let’s see this realistically—you can’t expect all your employees to implement different passwords and remember them all. Someone is bound to go “Ah, what the hell” and use one password without letting anyone know about it. Or use different passwords, all based on patterns that are extremely easy to predict (song lyrics, website names, etc.).
What you can do is offer your employees a tool to make their life easier. Have a password manager installed in all the systems. It would generate a different, random password for every site, and remember them as well. Some good examples are Dashline, LastPass and 1Password.
3. Have a Plan to Tie Up Loose Ends
Once an employee leaves the company, make sure they leave with their system access terminated. Make it a policy if you have to. With many companies enforcing bring your device to work policies, employees who leave the company can be security loose-ends. Make sure you have policies to tie up the loose ends before they come back to bite you.
Security is Everyone’s Responsibility—Educate Your Employees
Oh, you noticed this is another section.
It is because it deserves to be given special attention.
Businesses often forget that technology is not the only thing that would protect them when hackers come around to pounce. Unless they have their human factor on their side, no number of your multifactor authentications, firewalls or security tools can help.
When it comes to cyber security, everyone needs to be involved. The workers, the managers, the officers. Everyone.
You can’t just enforce security measures for a select number of people expecting that would be enough. A barrier isn’t a barrier if it has holes.
Make security a part of the job. Educate your employees and make sure each one of them understands their role and what security measures they need to take while they go about their daily tasks.
Here are some free posters that you might want to install in your office to reinforce the message. Or get a cybersecurity training program tailored for your employees with iCyberWise’s fun, interactive cybersecurity training program.