Many small and medium businesses think competition from industry rivals is the biggest threat to their livelihood. While that notion holds for some, many companies fail to factor in that cybersecurity threats are also responsible for the disruptions and end of businesses.
Whether it’s taking advantage of poor password habits, the lack of cybersecurity infrastructure or human error, threats from cyberattacks should never be underestimated. 60% of small companies go out of business within six months of falling victim to a cybersecurity attack or data breach. Once a cyber attack happens, businesses suffer from the loss of customer and shareholder trust and might be charged hefty fines for the lack of robust cybersecurity measures.
Here are some things you can do if you’re a small or medium-sized business looking to protect your enterprise from a possible cyberattack.
1. Install anti virus software
Installing anti virus or anti malware software could protect your devices from ransomware attacks and even prevent them completely. When you’ve established your preferred anti malware software, it’s essential you familiarise yourself with the software you’ve chosen and optimise it to protect your privacy and security. The most popular anti virus software has apps you can download and install onto your smartphones or tablets, protecting you on multiple devices.
Small businesses are big targets for ransomware as small businesses are unlikely to employ robust cybersecurity software. A study found that 82% of cyber attacks in 2021 impacted companies with fewer than 1,000 employees.
2. Create strong passwords
When creating passwords, avoid using predictable words or phrases. Always opt for passwords with a minimum of 12 characters and use a mix of uppercase and lowercase letters, symbols, and numbers.
Alternatively, create a passphrase instead of a password. To do this, think of a memorable phrase. Perhaps your phrase can be, “A cat named Sandy.” Turn this into a passphrase like this: @[email protected]@[email protected]
Passphrases are easy to remember because they’re unique to you and are a lot harder for hackers to decipher.
If you struggle to manage passwords or generate ones that are unique and difficult to crack, consider signing up for a password manager. Most password managers come with a password generator feature and sharing functionalities that ensure employees’ login credentials are always secure.
3. Use a VPN
A VPN or virtual private network helps you and your company stay private online. When you use a VPN, your internet connection, data, and other valuable information will go through an encrypted tunnel, preventing hackers and malicious threat actors from accessing them. A VPN will allow you to be a little more anonymous online.
Using a VPN could also help prevent hackers from snooping on your online activity and stealing your data when using public Wi-Fi connections or working remotely with an unknown Wi-Fi network.
4. Enable multi-factor authentication
Multi-factor authentication, or MFAs, as they’re also known, are additional authentication measures. Most MFAs require users to log into their account with a password and a different identifier like fingerprint or facial scans, a QR code, or a unique pin.
MFAs provide an extra layer of security for accounts that hold sensitive information. By enabling MFAs, businesses can drastically reduce the risk of identity theft, compromised accounts, and phishing attacks.
5. Always clear your cache
If employees in your organisation regularly share devices, it’s important to remind them to clear their cache once they’re done. By clearing the cache, anybody using the device afterward won’t be able to view browser histories or access saved passwords in the browser. Using public Wi-Fi networks without clearing a browser cache can also increase hackers' chances of quickly accessing stored information. Domain Name System (DNS) caches can also be vulnerable to cybersecurity attacks like DNS spoofing.
Constantly remind employees not to log into personal accounts on work devices either.
6. Mandate separate personal and work accounts
By requiring employees to separate their personal and work accounts, you’re reducing the likelihood of privacy and security breaches. It’s also essential to avoid reusing passwords from personal accounts with business accounts just in case an account does get compromised. With some social engineering, hackers can quickly identify linked accounts and attempt to access them.
Small businesses aren’t the only enterprises that need to following the guidance to use separate accounts. In 2017, the police investigated several White House advisers for reportedly using their private email accounts to speak to White House officials.
7. Limit access to authorised employees only.
One of the best ways to protect your company and its sensitive data is to limit access to certain types of software, data, and cloud services to authorised employees only.
By controlling access to specific parts of the business, you’re reducing the chances of social engineering attacks and keeping data safe from remote access attacks.
Always remember that cybersecurity is an ongoing effort that requires consistent vigilance. Stay updated with the latest news and learn about threats that could affect your business.
Copyright 2022. Article was made possible by Jacey Celestine.