6 best practices to secure your business online
You can’t go too long without seeing another headline about a cyber-security breach impacting a high-profile company. In recent years, cyber criminals have gotten their hands on millions of social security numbers, passwords, company trade secrets, and more. Security breaches have increased 67% over the past five years and companies of all sizes can be impacted.
In a world where most of our lives are being spent online, cyber-security is now more important than ever before. Are you at risk for a cyber-attack? What can you do to fight against the growing threat? In honor of Cyber-Security Month here are 6 best practices to secure your business online.
1. Keep software up-to-date
Outdated software is a hacker’s best friend and if you’re trying to save money or time by using older systems, you could be putting your data at risk. Major software vendors regularly release updates and patches to close up security holes. By ignoring these updates, you’re leaving the door open to trouble. One great (or not so great) example of this is the Equifax data breach in 2017. This mega-breach, which put the personal information of more than 143 million Americans at risk, was due to a software vulnerability that had a patch available a whole two months before the attack. Had Equifax acted sooner, the whole event could have been avoided.
Push the latest updates and patches to your operating system, applications, or other assets as soon as they’re released. Consider putting a software update policy in place at your company as a reminder.
2. Use an advanced firewall
A firewall is a barrier or shield that prevents unauthorized access to and from a private network and it can be the first line of defense against threats on the internet. Firewalls inspect all the data passing in and out of the network to ensure that the traffic is legitimate. They have the ability to block malicious threats while still allowing normal access for authorized users. Install firewalls not only on your servers, but on all office computers, laptops, and mobile devices as well. While a firewall can’t block everything, they are an essential first step to getting secure.
3. Install anti-virus software
Computer viruses are constantly evolving and they can wreak havoc on vulnerable computers. Even if you browse carefully and use common sense, viruses can still get through. Your computer could be infected by simply visiting a website and even the most legitimate websites you trust can be compromised by sophisticated cybercriminals. Antivirus software can give you one additional layer of protection to catch and quarantine viruses before they do any major damage.
4. Educate yourself (and your employees) on phishing attacks
Phishing is a very costly cyber-security threat and it’s one of the most common types of cyber-attacks used against businesses. With phishing, hackers gain access to sensitive data from the source itself – you and your employees. With this practice, ‘phishers’ typically send fake correspondence (usually emails) that entice users to enter secure information like email addresses or passwords. While many phishing attacks are easy to snuff out when you know what to look for, cybercriminals are getting more and more advanced with their approaches. Anyone in your company can easily fall victim to an email that looks like it’s coming from a legitimate source and all it takes is one click for a breach to occur.
If you have a wide range of employees that have access to your company’s network, it’s important to implement regular training on these types of attacks. This training can involve ways to identify phishing emails and processes for how your employees should respond. You should also consider periodic phishing simulations to test your employees’ skills.
5. Create secure passwords
One of the easiest ways for hackers to break into a computer is by guessing a password and this happens more often than you may think. A recent report found that 81% of company data breaches were due to weak or stolen passwords and over 70% of employees reuse passwords at work. Common passwords such as “12345” or “password1” should be avoided at all costs in addition to celebrity names or birthdates. Long, complex strings of upper-case and lower-case characters, numbers, and symbols can help keep hackers at bay. Employees in your company should also be reminded to never write down passwords and to change them often.
6. Find a secure hosting service
Having a secure web hosting service can help when trying to fend off cyber-attacks, but with so many companies out there, it can be hard to know what your best option is. When evaluating hosting providers, it’s important to look for one that provides sophisticated intrusion detection systems to catch malicious activity fast and even physical security staff that monitor servers and data centers 24/7/365. Some providers, like Americaneagle.com, also provide Level 1 PCI compliant hosting. For companies that accept online credit card payments, PCI, or Payment Card Industry, compliant hosting is a must. Hosting providers that reach level 1 status undergo stringent yearly audits and on-site reviews to ensure they’re able to secure millions of customers’ credit card information.
When it comes to protecting your business from cyber-attacks, it’s important to stay vigilant. Don’t ever think it won’t happen to you. By taking an all-encompassing approach to cyber-security, you can stay ahead of the bad actors out there and keep a secure online presence that your customers can trust.