From prestigious law firms to mass retailers, businesses of all sizes and in all industries suffer cyber-attacks on a regular basis. Constant breaches take their toll. Hiscox Chief Executive Steve Langan claims that cyber-crime cost the global economy a staggering $450 billion in 2016.
Unfortunately, the 2017 Hiscox Cyber Readiness Report indicates that over half of today's businesses are ill-equipped to handle cyber security breaches. If you count yourself among the unprepared, there's good news: a few simple steps can dramatically improve your company's security.
Restrict Administration Rights
Restricting administration rights may seem inconvenient to employees, but this approach serves a clear purpose. The fewer people with access to sensitive information, the less likely somebody is to accidentally cause a cyber-attack. Furthermore, given the frequency with which insider attacks occur, it's worth protecting your data from potentially ill-inspired employees.
Implement a Better Password Strategy
Passwords often constitute your company's first and most effective line of defense. Insist that your employees select difficult-to-detect passwords including capital and lowercase letters, numbers and special characters. Additionally, your employees should change their work-based passwords on a regular basis — ideally once per quarter.
Passwords for administrative accounts should be even more difficult to access, and changed even more often. Implement consequences for employees and especially for administrators who fail to abide by your strict password requirements. Quality passwords will not prevent instances of cyber-crime and should not be used in lieu of other preventative strategies. They can, however, slow down even the most persistent hackers.
Employees regularly encounter cleverly-disguised spam emails containing harmful links. Train them to recognize and avoid problematic messages, social media posts, or other sources of malware. A few hours of cyber-crime prevention training could save your business a world of trouble.
Install or Update Your Firewalls
Firewalls provide the same protection for digital information that security guards offer your physical location. This critical network security device permits communication with outside entities, but restricts access from unauthorized parties. If your business uses a comprehensive network of servers and computers, invest in an advanced network firewall. This will safeguard your company's most sensitive information.
Invest in Intrusion Detection
Even the best prepared companies suffer cyber-attacks. Preventative efforts are important, but it's equally critical to develop a system for responding. An effective intrusion detection system (IDS) will immediately alert you to security breaches. Some IDS measures respond to malicious activity by blocking the source's IP address. Network-based IDS monitor traffic from strategic positions, ideally overseeing both inbound and outbound traffic.
Update Your Backup Plan
Ransomware attackers hold companies' most sensitive information hostage in hopes of achieving a generous ransom payment. If you develop a sophisticated contingency plan, you'll hold far more leverage in the event of a ransomware attack. Ideally, your data will be securely stored in multiple locations. At least one storage strategy should involve the cloud, which minimize the security risks of onsite physical hardware.
Address Mobile Device Security
Bring your own device (BYOD) and other mobile-oriented programs significantly increase the potential for security breaches. If your security strategy doesn't already address mobile risks, it's time for an update. Encrypt all mobile data and download security apps to limit information access on public networks.
Vigilance is essential given the regular breaches that today's most technologically up-to-date businesses suffer. Don't wait for hackers to attack; assume they will, and develop an effective strategy to limit their efficacy.
If you need any assistance implementing new policies or learning how to best inform and prepare your employees for potential cyber-attacks, call us today at 1.866.501.4942 or complete this submit form to explore how we can help.