The day begins winding down and it’s closing time at your business. You count the cash at the register. You check the store for missing inventory. You pack up your things, punch in the code to activate the alarm system, and leave the store, locking the front door on your way it. It’s common sense for you. A ritualistic process to deter theft and keep your business safe. Not doing any one of these things would leave you in unrest that the security of your livelihood could be at stake, and yet they are such simple tasks.
With the technological “Big Bang” our world has only grown more connected, and with that, your business can reach out to more people than ever; but just like being able to let everybody in town come visit your brick and mortar shop, there are people out there trying to acquire your goods or services in less honest ways than others. Going digital can lead to tapping into the exponential growth this world has opened, but with that comes the added threats that have been created just as rapidly. Staying safe and diligent in this new environment doesn’t have to be difficult though. Here are some things to lock down your online presence that are as easy as turning a key.
Watch what you click in emails
You and the rest of your employees receive thousands of emails every day. They vary in importance from a funny chain of quirky videos circulating around for a good laugh to major client letters about key company components. Then there’s even the overwhelming amount of spam. Typically this gets tossed into a separate folder by your email provider’s filter system, but a couple can always get through into your main inbox. Over 90% of all malware attacks come from emails. This is how the trending ransomware, a malware attack that locks up entire computer systems until a certain amount of money is paid, gets in from. Once it’s taken over, there is no easy way to clean your servers up from it.
The only effective way to protect yourself is to keep it from happening altogether. The best way to do this, is by paying careful attention to what you’re clicking on in an email. Make sure to keep yourself diligent and train your team to properly vet emails for any signs of suspicious activity. If an email has a link to a website, and it is marked as an “urgent survey” or anything pertaining to the company, make sure this is policy. You work in the same office as everyone else typically, so just double check with your coworkers around you. If you work remotely, call someone up or send a quick email. If all else, Google the sender and the content of the email. These are messages are mass sent to a large list of company emails in order to get as many opens as possible, so chances are it has been posted online as a discussion group or even a warning from companies who have been hit.
Dedicate your IT
Your IT department might be one person or a couple dozen, but you know their responsibilities are continuing to stack up as technology rolls out something new every week. An overwhelmed staff is like taking the staff manager of a company and then putting them on security duty in a store as well. This causes gaps in both management and security, and getting a resource for each job can lead to budget problems, but what is the cost of security in your business?
Hiring a dedicated in-house security IT member can greatly decrease your risk of a breach. You’ll have a watchdog guarding your data without any distractions of responsibilities outside of the task at hand. The downside to this is direct hire can become a more expensive use of company budget and it lacks efficient scalability. The other more effective solution for a developing or already sizable company is contracting a dedicated team of cyber security professionals from a company that specializes in the field. Sporting events regularly contract private organizations to provide expert security services for large scale events, there’s no reason this can’t be an effective way to make sure your website and data is secure. Not to mention it can be around the clock monitoring.
Systems inherently contain small gaps in security. The iPhone famously had a loophole to unlock a phone without using the pin. Mind you it was a long step process that included asking Siri a specific question, adding a new time, creating a new contact, and adding a photo to said contact before getting in, but it was a method that was discovered all the same. It has since been patched in an update, but it won’t be on an iPhone that has not been updated. This goes the same for any other major computer system or application. Despite thorough testing, there are always strange loopholes that are missed and then discovered later on.
Just like regular doctor’s visits to make sure you’re living a healthy lifestyle, continuous, regular updates to your system will keep you running faster and detecting and preventing any threats. This includes the anomalies in the program that weren’t detected right away because they had such a long step process.
Everyone in your business systems needs an account, and every one of them needs to input their own passwords to get in their profile. This large number of passwords for the same access can become dangerous with people losing their slips of paper they’ve written their unique code on or having a simple password for someone to write.
Making sure to teach them about proper password security practices will keep the wrong eyes from any sensitive data. They don’t have to be experts, but they need to know the dangers of sharing their password as well as what they can do to prevent it. For another measure of added security, many banks use two-step verification where sometimes, for the more sensitive information, a single passcode entry isn’t enough. Picture it like creating a scaled down version of all the action movies you’ve seen where the character must input a code, scan their retina and palm, and then speak into a voice recognition computer. Your business is just as important to you as what’s in that vault.
Secure your Servers
Maintaining your own in-house servers can be an incredible burden on staff, a massive cost, and a waste of space; but it isn’t something you can simply avoid or ignore. You need to put that data somewhere.
Finding a custom, dedicated managed hosting service that makes private clouds for each client’s data is the more cost-effective way to assure your information and programs are secure. With a separate location for managed hosting, you have the potential for around the clock services, a team of on-call professionals in security, hosting, and data migration without having to pay the upfront cost of hiring an entire team, and you’ll have multiple server locations for backups so even if mother nature wipes out the entire East Coast, you’ll have a back up of all your data sitting in the sunny West Coast.