October is Cyber Security Awareness Month. According to IBM, businesses are attacked 16,856 times a day and there are over 1.5 million cyber-attacks annually. Despite this fact, your customers are still expecting their data to remain safe with you. Being proactive when it comes to cyber security is always better than being reactive. It costs a lot less in time and money as well. Here are ten suggested improvements for cyber security.
- Require strong passwords: All passwords created by you and your employees should be at least 12 characters long with at least one uppercase letter, one lowercase letter, one number and one symbol.
- Use different passwords for every account: About one-third of all people use the same password for all accounts. However, if one account is hacked, this leads to access to all other accounts. Stop this from happening by using different passwords.
- Require encryption on phones with company emails: iPhones can be encrypted by adding an alphanumeric password to the phone. Android phones have an easy encryption process as well. Protect work emails with encryption.
- Make sure that your computer is up to date: Ensuring that your computers have the latest updates and virus definitions is a first line of defense for security.
- Never turn off the firewall: Firewalls protect your computers from intruders. Make sure that it is always on.
- Implement a Security Policy: Create an office policy that covers the physical security of the office and the assets contained within in. For example, “When laptops are in the office, they should be attached to a large piece of furniture via a cable lock” or “The main door will be locked and always require an ID to enter”.
- Implement an Internet Usage Policy: Create an office policy that fully covers the guidelines for internet usage in the office. Most malware originates from social media, so you may want to consider disallowing Facebook and Twitter at work as well as personal email.
- Be wary of BYOD: Bring Your Own Device is becoming riskier for companies to allow because they cannot guarantee the employee is maintaining a company-standard security for the device.
- Do NOT connect to free wi-fi: Free wi-fi is never free as it is very easy for a hacker to retrieve information from. Instead, use a VPN to connect or use your phone as an internet access point.
- Enforce the Security Policies: Train your employees on your policies and make sure that they know the consequences of ignoring them. People are commonly the weakest link when it comes to cyber security.
By implementing these ten steps, you are well on your way to securing your customer data.
Post Courtesy of: Stacey Ivol, President, Integrity First Technology Solutions, Inc.