5 Cyber Security Basics Every Business Needs to Know

Posted on March 2nd, 2016, in: Security Threats


In 2016, cyber security is topping the list of priorities for many businesses.

Larger businesses in particular are increasing their IT budgets to tighten up network security and maintain compliance.

But according to the National Small Business Cyber Security Study, most small businesses aren’t doing enough to protect their businesses from cyber security threats. These surprising statistics support this fact:

  • 60% of small businesses don’t use any encryption on their wireless networks
  • Two-thirds of these businesses don’t have a security plan in place.
  • Nearly one-fifth of small businesses don’t use or have antivirus software.

With larger businesses buttoning up their security, cyber criminals are turning their attention to small businesses. It is more important now than ever to implement these 5 cyber security basics in your Milwaukee area business – no matter how large or small.

1) Implement Layered Security

What is layered security? A multi-layered defense strategy protects your network from a broad range of attacks through multiple levels of security. These layers may involve security measures at a system level, network level, application level or at the transmission level where security efforts are focused on data in use rather than at rest.

Swiss Cheese Analogy

To put it simply, think of layered security as multiple slices of Swiss cheese stacked side-by-side.

If a threat passes through one layer of defense, it must still pass through several others – each security measure is layered behind another to prevent a single point of weakness.

A layered security approach ensures the highest level of security for your business.

2) Establish a BYOD Policy

Mobile devices are susceptible to malware, malicious attacks and theft, particularly once they are outside the safety of your corporate network. If your staff uses personal devices in the workplace, it is important to have the appropriate level of mobile device management controls in place to protect your business against malicious attacks and security breaches.

While BYOD can reduce costs and increase employee productivity, it is equally critical to ensure these devices are secure, and to educate employees about how to best protect their devices in accordance with your BYOD policy.

3) Educate Staff

Many businesses believe their greatest asset is their people. When it comes to IT, this asset also becomes their greatest risk. Typically, businesses address security from a technology perspective, but it’s important to not overlook the human factor.

Look up any study conducted on the causes of security breaches. What you’ll find is a common thread – when internal risks are identified, they are often the result of human negligence, malice or curiosity.

If you want to secure your business – large or small – the first step is defining a layered security approach. The next steps involve establishing clear security policies, educating staff and enforcing those policies. Let’s look at these one-by-one.

Set Clear Policies: Define which employees have access to which systems – and in what context. Best practice is to only allow users access to those resources they need to do their work.

Additionally, be sure to block websites and applications that aren’t appropriate for the workplace. Your policy should cover what to do with suspicious emails (or text messages) and what steps to take if an employee suspects they opened an infected document or website.

Educate Employees: CompTIA revealed in a 2015 study that only 54% of companies offer cybersecurity training. Just a single click on a malicious email link is enough to unleash a virus that wreaks havoc on your entire network – resulting in expensive losses and extensive downtime.

When educating employees, discuss unsafe practices such as leaving computers unlocked and unattended in the office, sharing passwords, carrying sensitive information on mobile devices and failing to log out of secure websites.

Enforce Policies: Finally, you may want to require employees to sign a mandatory document that states they understand company security policies and their responsibilities.

Without enforcement, employees have no incentive to comply with company security policies. For the sake of security within the business, staff needs to be aware of the consequences of failing to comply with security protocols.

4) E-mail Protection and Education – Is the email real or fake? Take the test!

Some phishing emails are easy to detect, while others might be a bit more difficult to decipher. One of the best ways to learn is through failure – and what better way to learn how to recognize malicious emails than through a Phishing IQ test?

Test your ability to tell a phishing email from a legitimate email through SonicWALL’s free 10-question IQ test.

Then send this link to others around you and see how your results stack up against your co-workers. Once you complete the quiz, you’ll get a score and an explanation as to why a question was legitimate or a phishing email. This simple quiz is a highly educational (and fun) way to bring awareness to the importance of email security.

5) WiFi (Wireless) Security

At the most basic level of wireless security, you’ll want to ensure your business WiFi is using WPA2 encryption. This may sound obvious, but you’ll also want to change your WiFi passwords (many businesses don’t).

If you want only legitimate users to access your network, combine this with EAP-TLS authentication, which is more suitable for a business environment because it uses certificates to validate users rather than just a password.

Finally, be sure to turn off WPS, a feature that makes connecting to your wireless network very easy using a short PIN or a click of a button. This presents a huge vulnerability – even if you are using WPA2.

IMPORTANT: Your WiFi should be protected from the rest of your network through a firewall. If it’s not, contact us immediately because WiFi gives users access to your entire network – including your servers and confidential data.
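
As an added example (not part of the original article), the Python check below reads a hostapd-style access point configuration and flags the three wireless weaknesses named in this section: no WPA2, password-only authentication, and WPS left on. The option names are hostapd's; using hostapd as the access point software is an assumption, and both sample configs are constructed. Whether clients actually authenticate with EAP-TLS is decided on the authentication (RADIUS) server, which this check cannot see.

```python
# Added example; both sample configs are constructed for illustration.
WEAK_CONF = """\
ssid=office
wpa=1
wpa_key_mgmt=WPA-PSK
wps_state=2
"""

HARDENED_CONF = """\
ssid=office
wpa=2
wpa_key_mgmt=WPA-EAP
rsn_pairwise=CCMP
ieee8021x=1
wps_state=0
"""

def parse_conf(text):
    """Parse key=value lines, ignoring blanks and # comments."""
    settings = {}
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#") or "=" not in line:
            continue
        key, value = line.split("=", 1)
        settings[key.strip()] = value.strip()
    return settings

def audit_wifi(text):
    """Return a list of findings; an empty list means every check passed."""
    s = parse_conf(text)
    findings = []
    # hostapd: 'wpa' is a bitfield; value 2 = WPA2 only, bit 0 = legacy WPA.
    wpa = int(s.get("wpa", "0"))
    if wpa == 0:
        findings.append("no WPA/WPA2 encryption configured")
    elif wpa & 1:
        findings.append("legacy WPA enabled; use wpa=2 (WPA2 only)")
    # Without WPA-EAP plus 802.1X the network relies on a shared password.
    key_mgmt = s.get("wpa_key_mgmt", "WPA-PSK").split()
    if "WPA-EAP" not in key_mgmt or s.get("ieee8021x") != "1":
        findings.append("no 802.1X (WPA-EAP); password-only authentication")
    if s.get("wps_state", "0") != "0":
        findings.append("WPS is enabled; set wps_state=0")
    return findings

if __name__ == "__main__":
    for name, conf in (("weak", WEAK_CONF), ("hardened", HARDENED_CONF)):
        print(name, audit_wifi(conf) or "OK")
```
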

Additional Cyber Security Measures

These 5 steps are by no means a comprehensive list of the security measures your Milwaukee area business needs to take in order to remain secure. There are additional areas of security to consider:

  • Ensure you have network security equipment in place such as firewalls, intrusion prevention systems, virtual private networks and network access controllers.
  • Keep all software up-to-date and remove inactive user accounts.
  • Maintain backups of critical files and software – and regularly test your backups to ensure they work.
  • Limit access to confidential, sensitive data.
  • And more – contact us for a Free Network Discovery and our technician will evaluate your network and identify potential vulnerabilities and loopholes.

Want to Bulletproof Your Business Network Against Hackers?

Sign Up for a No-Fee, 100% Free Network Discovery

To see if Ontech Systems is a good fit for your organization, take advantage of our FREE Network Discovery, where we will identify high risk vulnerabilities within the business and make recommendations to strengthen the security of your network – from data backup, to firewalls, server security and more.
