Cybercrime is at epidemic proportions. Businesses like Sony, JP Morgan, Home Depot, even NASDAQ have been devastated by hacking attacks that have left them scrambling to recover. These are giants in the business world that were once thought indestructible. It may have been this thought that contributed to their downfall since, despite the fact that the warning signs are everywhere, many organizations do nothing to protect themselves.
With our dependence on interconnected devices to conduct business and with 87% of companies using social media to communicate with customers and clients as well as employees, we can’t afford to slack in our vigilance against cybercrime as every point of connection is a possible point of entry for hackers. It’s important to note that the vast majority of breaches are made possible through employee mistakes.
Here are some things you can do to protect your business online. This list is by no means exhaustive, but following this list will make you more of a nightmare for hackers:
Having A Strong Password
You’d think this would be a no-brainer, but the number one password in the world is “123456” for like the 15th year in a row. Stopping hackers is going to take more than that. Also if you have 5 different accounts you need 5 different passwords, so that in the event of a breach, criminals don’t have access to everything. According to Microsoft, a strong password:
- Is at least eight characters long.
- Does not contain your username, real name, or company name.
- Does not contain a complete word.
- Is significantly different from previous passwords.
- Contains characters from each of the following four categories: Capitals, lowercase, numbers, and symbols.
You can even test your password by running it through a password strength checker. If that’s not enough protection for you, there are various password alternatives that you can explore, such as biometric devices that allow you to use your unique heart rate as a password, or 2 Factor Authentication which requires a user to enter a code sent to them in a text or email in addition to the password to gain access.
Put Up a Good Firewall
A firewall protects your network by monitoring and controlling traffic coming into and flowing out of your business over the internet. There are 2 types of firewalls; client and appliance firewalls. Client firewalls are installed on the computer itself and monitor all of the network traffic on that computer. All the incoming and outgoing information gets screened for possible breaches. An appliance firewall is a device like a router that has a firewall installed and is between the Internet and your computer. If you’re using a router, make sure it has a firewall.
Stay Up to Date
At this year’s Pwn2Own a white hat hacking contest held by Hewlett Packard and Google, every major browser (Chrome, Safari, Internet Explorer, Firefox, and others) was destroyed as hackers found vulnerabilities for each. These vulnerabilities were later patched by their vendors, but the people who haven’t updated their browsers for whatever reason, are still vulnerable to the exploits that the hackers found at the competition. Outdated, unpatched programs and systems account for 80% of attacks. In fact, the Home Depot hack that resulted in the loss of 56 million records was due to a system that was a decade out of date. Most programs have an auto-update feature that may need to be turned on. Keeping current will go a long way to making your systems secure.
Be Careful With Email
Over the years, viruses and malware have been sent over email since almost its conception. While you may be updated and have your guard up, many others don’t and can pass their viruses and malware on to you. Be careful of email with suspicious text, as it may even come from people you trust. Sometimes an unsuspecting employee clicks on a link or downloads an attachment that they believe is harmless that turns out to have a virus or software that steals sensitive information. Malicious links are the most common way computers get infected. Never click on a link that you weren’t expecting or you don’t know the origin of in an email or IM.
Install An Antivirus Program
A last line of defence for when all other safeguards have failed, the antivirus program is meant to clean your computer of viruses and scan incoming files for malware and viruses. Like with everything else, it is essential that antivirus is kept updated so that you’ll be protected from all the known exploits.
Secure Your Laptops and Mobiles
Because they connect to your network wirelessly and are portable, laptops and mobile phones are a favourite for cybercriminals to target. Because of this, extra care must be taken to secure them. Invest in encryption software for your laptops and phones, as it makes it impossible to be read without the decryption key. Apple phones come with their own encryption built in, but Androids require the installation of encryption software. Never leave your laptop in your car for the same reason you don’t leave any valuables in your car in full view of thieves. If you must lock it in your trunk.
Today’s smartphones are almost like computers that you put in your pocket. They are just as sensitive as laptops, yet so much easier to steal or lose. Always have password protection enabled with a specific timeout that locks the phone. Another good idea is to have remote wiping enabled so that in the event your phone is stolen or lost, you can send a code to your phone that wipes the phone of sensitive information, making it useless to hackers.
Teach Your Employees
One of the biggest sources of breaches as mentioned before, employees need to be made aware of what to do and what not to do to ensure that they are proactively preventing breaches. Proper education requires alerting them to the dangers as well as the reason for the precautions. This will take quite a bit of the burden off of IT security staff so they’re not constantly reacting to end-user mistakes.
Again these are not completely exhaustive, but they are good guidelines to follow when setting up or enhancing your security policies. Take a lesson from the missteps of other companies and protect yourself as best you can from Cybercrime.
About the Author
Mordecai Hunter is a writer with aspirations to start his own consulting firm. He has travelled the globe and speaks 4 languages. In his spare time, he plays and repairs guitars and loves video games. You can bug him on Twitter.