With the rapidly increasing threat of ransomware, it is more important than ever before to protect your business information. Small to medium businesses are especially affected because they do not normally have the massive security infrastructure that an enterprise company would have.
Causes of Security Breaches
- Unintended Disclosure: Someone in your company unintentionally posts something private about your business on the internet.
- Hacking or Malware: Cyber criminals access your business information and steal data.
- Card Fraud: Your company card gets swiped or cloned. This is normally done with the point of service card machines.
- Vindictive Employees: A staff member with a bad taste in their mouth intentionally leaks private business information.
- Lost, discarded or stolen business documents
- Lost or stolen technical devices such as cell phones, laptops, computers, and servers.
How to protect your business information against security breaches
Having the right tech in your business will only get you so far, you need to hire the right people, have a security policy and train your staff in picking up malicious content.
- Identify what business information you have, what it’s used for and where it lives. Make an inventory of your sensitive business information and document which server/ computer it is stored on.
- Separate sensitive business information. Try to keep private information on one server or a small number of computers and separate it from other information on your network. The fewer copies you have, the easier you can protect it.
- Encrypt sensitive business information. Encryption is even more important if your information gets sent over email or is stored on something like a laptop. There are many options to encrypt your business information such as Office 365 and ESET anti-virus. This adds an additional layer of security where the hacker can’t access your business information even if they get into your network.
- When purchasing online make sure you are using a website with an SSL. This means the website is secure. You can tell if a website is secure by looking at the URL. Secure websites normally start with “https” instead of “http” and have a lock symbol next to them.
- Perform background checks on new employees.
- Get a firewall and secure your wireless connection.
- Keep your software up to date. Most businesses have anti-virus software in place and keep it up to date but they sometimes forget about other software such as Pastel or Office. Keep all software up to date as most updates come with security against the latest criminal software.
- Protect business information with strong passwords. It is also best practice to change these once every 3 months. Set up all computers and laptops to return to the login screen after 5 minutes of inactivity.
- Monitor application downloads. Your staff should get permission from your IT expert before downloading any applications as some contain malicious software.
- Lock filing and server rooms that house sensitive business information. You should only give this key to very trusted employees who need access to this room.
- Use the shredder! One way criminals get hold of business information is trash cans.
- If you outsource, make sure that vendor is secure. Ask them what security policies they have in place.
- Consider outsourcing an IT company. An IT company like Turrito or Dial a Nerd have experts in these fields and will protect your business information.