Mitigating cybersecurity threats takes more than a single anti-virus upgrade. It requires being vigilant and protecting your systems at all times, but it doesn’t have to be complicated.
Here are nine detailed ways for you to ensure that your business’ computer systems and networks are safe:
1. Limit access to your user data & information
Limiting access to your valuable user data and information reduces the chance for human error, which is one of the biggest causes of information security threats.
If an employee leaves your company or transfers to a different branch, take protective action immediately: update the passwords and accounts on all systems, and make sure that company ID badges and entry keys are collected. These are important preventive measures, especially if you may be dealing with a disgruntled ex-employee.
2. Install surge protectors & uninterruptible power supplies
Surge protectors can protect your devices from voltage spikes, while uninterruptible power supplies (UPS) can give you enough battery life and time to save your data in the event of a power disruption. Having both on hand protects your networks even if there are electrical or power interruptions.
It is recommended that every computer and networked device you have be plugged into a UPS. For less-sensitive electronics and non-networked equipment, standard surge protectors should suffice. Also remember to (1) check that the UPS type and size meet your standards and requirements and (2) test and replace each UPS and surge protector as recommended by the manufacturer.
3. Patch your operating systems & software regularly
Every new app or piece of software you install can open the door to a cyber attack if you don’t regularly patch and update it on every company computer, including the company gadgets and devices used by your employees.
So when purchasing a new computer or installing a new software system, for example, you must always check for updates. This is because software vendors are not required to provide security updates for unsupported products. Moreover, don’t delay downloading operating system updates. As soon as they are available, get them running since updates often include new or enhanced security features.
4. Install & activate firewalls for your software and hardware
Firewalls are a layer of protection from malicious hackers and a great way to stop employees from browsing inappropriate or dangerous websites.
Install and update firewall systems on every computer, smartphone, and networked device used by employees, including employees who are off-site. Even if you use a cloud service provider (CSP) or a virtual private network (VPN), take the extra precaution of making sure there are firewalls in place. You may also want to install an intrusion detection/prevention system (IDPS) to provide a greater level of protection.
5. Secure all wireless access points & networks
These are some best practices to use on your router for ensuring secure wireless networking:
- Change a new device’s administrative password
- Set the wireless access point so that it does not broadcast its Service Set Identifier (SSID)
- Set your router to use WiFi Protected Access 2 (WPA2) with the Advanced Encryption Standard (AES) for encryption
- Avoid using Wired-Equivalent Privacy (WEP)
If guests will be given WiFi access, use a separate network from your business account.
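The checklist above can be verified automatically when the access point's settings are available as a file. The following is an added example, not part of the original article: it audits a hostapd-style configuration (the `wpa`, `rsn_pairwise`, `wpa_pairwise`, `ignore_broadcast_ssid` and `wep_*` keys are hostapd options) against the WEP, WPA2/AES and SSID items. The two sample configurations are constructed, and the administrative password item is not covered because it is set in the router's management interface rather than in this file.

```python
# Added example: audit a hostapd-style access point config against the
# wireless checklist. Both sample configs below are constructed.

SAMPLE_WEAK = """
ssid=office
wep_default_key=0
wep_key0=0123456789
"""

SAMPLE_HARDENED = """
ssid=office
ignore_broadcast_ssid=1
wpa=2
wpa_key_mgmt=WPA-PSK
rsn_pairwise=CCMP
"""

def parse_conf(text):
    """Parse key=value lines, ignoring blank lines and # comments."""
    conf = {}
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#") or "=" not in line:
            continue
        key, value = line.split("=", 1)
        conf[key.strip()] = value.strip()
    return conf

def audit(text):
    """Return a list of findings; an empty list means the checklist is met."""
    conf = parse_conf(text)
    findings = []
    # Any wep_* option means WEP is (still) configured on this device.
    if any(key.startswith("wep_") for key in conf):
        findings.append("WEP options present: remove them, WEP must not be used")
    # wpa is a bit field: 1 = WPA, 2 = WPA2, 3 = both; unset means no WPA.
    wpa = conf.get("wpa", "0")
    if wpa != "2":
        findings.append(f"wpa={wpa}: set wpa=2 so that only WPA2 is offered")
    # CCMP is the AES cipher; require it explicitly, without legacy TKIP.
    ciphers = (conf.get("rsn_pairwise") or conf.get("wpa_pairwise") or "").split()
    if ciphers != ["CCMP"]:
        findings.append(f"pairwise ciphers {ciphers}: allow CCMP (AES) only")
    # A value of 0 (the default) puts the SSID in beacon frames.
    if conf.get("ignore_broadcast_ssid", "0") == "0":
        findings.append("SSID is broadcast: set ignore_broadcast_ssid=1")
    return findings

if __name__ == "__main__":
    for name, sample in (("weak", SAMPLE_WEAK), ("hardened", SAMPLE_HARDENED)):
        print(name, audit(sample) or "OK")
```
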
6. Set up web & email filters
Use email and web browser filters to deter hackers and prevent spam from clogging employee inboxes. You can also download “blacklist” services to block users from browsing risky websites that pose malware risks.
Warn your employees against visiting sites that are frequently associated with cybersecurity threats, such as pornographic or social media websites. This may seem like a no-brainer, but it only takes one employee to visit the wrong website to accidentally download malware that can negatively affect your cybersecurity.
7. Use encryption for sensitive business information
Use full-disk encryption to protect all your computers, smartphones, and other devices. Plus, save a copy of your encryption password or key in a secure location that is separate from your stored backups.
Email recipients typically need the same encryption capability to decrypt, but never send the password or key in the same email as the encrypted document. Give it to them via phone call or some other method.
8. Dispose of old computers & media safely
Before donating or trashing old computers, you need to wipe all valuable information from their hard drives. When disposing of CDs, flash drives, or other media containing business-related information, delete any sensitive business or personal data on them. After doing so, destroy these items or take them to a company that will properly dispose of them for you. For papers containing sensitive information, put them through a crosscut shredder or an incinerator before disposal.
9. Train your employees
Cyber-vigilant employees are your best protection against information security threats. All current and new employees should be properly trained to protect your company’s valuable data. Each of them must also sign your company’s information policy to ensure that they are aware of how to handle business information and their responsibilities. You can also make use of newsletters and/or regular training to reinforce a culture of practicing good cybersecurity.
Take note that every employee should know the following:
- The limits of business and personal use for emails
- How to manage business information at the office or home
- What to do if a cybersecurity incident occurs
After you follow these nine cybersecurity protection measures, it’s best if you get cybersecurity insurance for a more secure business that is insured against cybersecurity threats. We at CIII Insurance Services can provide this to you.
Our company offers a broad range of commercial, cybersecurity, employee benefits, and management liability products. We even have some of the most trusted carriers to deliver these products to you.