April 6, 2020,
Enforcing the proper cybersecurity practices will help you minimize the risk of exposure to attacks and make your business more cyber resilient. Protecting your business and network is super important. Incident and recovery plans are equally as important for you to implement. Information contained in this article will help you toward developing a contingency plan for cybersecurity.
No matter what size your business is, you never want to assume it’s not at risk. Smaller businesses often think that hackers have no interest in their data. However, smaller to medium-sized businesses are very attractive to hackers because they don’t have the same level of defense that larger companies do. Any company that has data or money is a target, regardless of its size. Passwords, sensitive email threads, client information, etc are valuable data that hackers look for. There is no room for complacency.
Passwords should be long, strong, and random, with various character types. These include uppercase letters, lowercase letters, and special characters. This will drastically reduce the chance of a password being guessed. Never use the same password on multiple sites or accounts even if it is complex. Of course, a password should never be shared with anyone.
There are great password management systems available such as LastPass. It is best to use a password manager instead of writing passwords in your notepad or on a post-it. Two-factor authentication is best whenever possible. This is especially the case for internet-facing systems.
Recognizing attempts at email phishing is a must. An understanding of safe links and online sites is paramount. Encourage employees to practice safe browsing, and advise them to never click the link inside of questionable emails. Harmful links cannot only appear in emails but also as pop-ups or unexpected attachments. Employees should never be allowed to download software to their work computers. They must be properly educated and informed of safe email practices.
Staff members should only have access to networks and data that are required for job performance. Access should always require two-factor authentication. Be sure to remove access when there is staff turn-over. The best rule of thumb is to minimize privileges. It is better to give staff members the minimum access needed rather than the maximum.
Overall, always be prepared. Your plan should include updates and ongoing evaluation. In the event of an incident, your business should have a contingency response plan that is ready to execute at a moment’s notice.