Did you know that October is Cybersecurity Awareness Month? This month is a great reminder that there’s never a wrong time to evaluate the cybersecurity standards you have at your organization and make adjustments or updates if needed. Now more than ever, cyber-attacks have become more prevalent due to pandemic-related scams and more folks utilizing their remote networks from home.
The price tag to falling victim to a cyber-attack can be in the millions and often detrimental to small businesses. According to a recent study, it is estimated that 2,200 cyber breaches occur each day—that’s about one attack every 39 seconds! Don’t let the numbers scare you, with the right security protocols in place, most attacks are preventable. Here are five protocols you should consider implementing at your organization if you aren’t already.
1. Ensure passwords are updated on a frequent basis. It’s recommended that your staff update their system passwords at least once a quarter. Password policies should be robust and require several factors such as special characters, numbers, and lower- and upper-case letters. Repeat passwords should never be used. Two-factor authorization is also a great method in addition to robust passwords for keeping your data out of the hands of hackers. It adds an extra layer of security by requiring a numerical code sent either by text, phone call, or email in addition to entering the correct password. Many companies require two-factor authorization when accessing their company resources remotely by VPN so that data is securely protected and only accessed by the correct personnel.
2. Allocate budget toward a decent spam filter. A solid spam filter for your email can block things like phishing emails where someone takes on the identity of a key employee such as a prominent manager and sends emails internally asking for things like wire transfers of money. A great filter will recognize this email as coming from an external source and prevent it from hitting a team member’s inbox in the first place.
3. Endpoint security. Due to the surge of remote work, more and more employees are accessing their corporate networks from their personal wireless mobile devices, like cell phones and tablets. Each device with a remote connection to your network creates a potential entry point for security threats. Having the appropriate endpoint security in place will help you ensure these devices follow an appropriate level of compliance standards.
4. Develop human firewalls. It’s crucial to take a holistic approach to training your staff on the multitude of cybersecurity risks out there so that your team members are prepared to encounter anything. Don’t just focus on one tactic such as detecting phony emails, but instead educate them on social engineering attacks as well that may target them on social media or physically in the office. Training should be continuous to take into account the evolving landscape of technology and fraud techniques. Check out this blog for more information on more recent phishing tactics to be aware of.
5. Consider conducting a security assessment. Many times, business owners or IT leaders are hesitant to have someone come in and evaluate their systems and would rather take care of things themselves. Try not to fall into this mindset and consider getting an assessment sooner rather than later so that you can get the roadmap you need to establish robust security procedures within your organization. BerganKDV offers a free mini-assessment that will help you get an idea of where your organization is related to the health of your information security.
October may be designated to bring awareness to the importance of cybersecurity, but the above practices should be prioritized every month of the year. By regularly drawing attention to the risks of cyber-attacks and equipping your team members with the tools, training and resources they need to prevent attacks, you can rest assured that you are doing your best to defend your organization from criminals. If you have additional questions regarding cybersecurity best practices and training techniques, BerganKDV can help. Contact one of our team members today to learn more about what security solutions we offer and how we can best assist you with your technology needs.