Are You Ready for a Cyber Security Attack?
You need to understand the risks of a cyber attack on your business, learn how to minimize risk and recover in the aftermath of an attack. Attacks come in many forms, such as viruses, malware, cyber extortion and data theft. Cyber extortionists hold your information or system hostage in return for payment. Data thieves will steal client information for use in identity theft rings or other criminal activity. Leaving client data unprotected is particularly bad for business. While losing a customer’s data would likely mean losing their business, depending on the nature of the loss, the client may also seek damages from you in court. Protect your business by preparing for a cyber attack. Here is where to start:· Eliminate Common Vulnerabilities – Cyber criminals will generally seek the path of least resistance. These often include weak passwords, unchanged default settings and untrained users. It is important to require the use of strong passwords throughout your business. Never leave default security settings on devices or share common passwords throughout your business. Limit access to critical systems and client data to employees who truly need access.· Install Updates – You should complete software updates in a timely manner. Hackers are constantly looking for software vulnerabilities. Software developers create updates to fix known flaws. Failing to update your software is like leaving your door wide open to cyber criminals.· Utilize Security Tools and Settings – Protect your network with a firewall, which will block any unauthorized access. Use a virtual private network (VPN) to secure your network. Use encryption software to protect data traveling outside of your network. Install antivirus programs on all computers and update them frequently to prevent the latest viruses and malware.· Back up Your Data – It is vital that you back up your data. Having an offsite backup service will help shorten recovery time from a cyber attack or other IT disaster. Consult a trusted IT professional about the best options for your business. There are now a number of cloud-based backup services that can sync your data on a daily basis. This will speed up the recovery process if your data is damaged or corrupted as a result of an attack.· Protect Your Smartphones – For many small business owners and employees, the smartphone is a vital piece of workplace equipment. It is important to treat security on your smartphone as you would on a desktop at work. Use encryption software, follow password policies, install updates and backup your data.· Cyber Security Policy – A cyber security plan should set clear and concise ground rules for your employees and managers. The FCC offers a helpful online tool that allows you to develop a customized cyber security plan for your small business. You can access the FCC Small Biz Cyber Planner 2.0 at www.fcc.gov/cyberplanner.· Train Employees – Once you have a plan in place you must pass that knowledge on to your employees. Provide them with a copy of your cyber security policy and have them sign an acknowledgement that they received, read and understood the policy. Make sure employees feel comfortable reporting potential vulnerabilities and asking questions. · Consider Cyber Security Insurance - Not everyone needs cyber security insurance but it may be worth investigating depending on your business. Does your business store confidential or personal data on your network? Do you or your employees have access to confidential data via vendors or in the cloud? Cyber insurance may help mitigate some of the liability and recovery costs related to an attack. Review our previous article on cyber security insurance to learn more.