Small Business IT Support: Cyber Security Do’s and Don’ts

Small to midsized businesses often suffer from the age-old process of weighing costs against benefits. Cyber security is rarely made a priority by SMBs, partly because it’s an intangible for business owners who are not technically astute. Often, until faced with a cyberattack, SMBs don’t consult IT professionals to secure their networks. By then, the costs of poor cyber security will dramatically outweigh any savings previously achieved by a do-it-yourself approach to protection from data breaches. However, even after you collaborate with IT experts to strengthen your cyber defenses, ongoing cyber security is a team effort; all employees must strictly follow security protocols.

SMB Data Security Do’s and Don’ts

Cyber security best practices should be embraced by all employees, at all levels, at all times.

Basic company-wide rules must include:

• Password Security – The days of using the same password for all online accounts are long gone. As cybercrime skyrockets, it is imperative to use different strong and unique passwords for different accounts. That way, if hackers breach one account, they will not have ready access to your other accounts. Also, if your passwords are easy to guess, you can bet that a hacker will find them even more accessible. A combination of upper and lowercase letters, special characters and numbers will strengthen your passwords. Also, to make the process of selecting and remembering difficult-to-guess passwords easier, there are password management applications that can generate random, strong passwords and store them securely for ongoing use. Finally, never share your passwords with anyone. Your private credentials are the first layer of protection against a cyberattack. Also, maintaining password confidentiality will help narrow the range of possible vulnerabilities.
• Protection of Private Data – Just as you wouldn’t be likely to print out hard copies of your personal data and post them on office bulletin boards, the same practice must apply to an online posting. Posting information such as your address, social security number and credit card information is an “invitation” to cybercriminals. Also, communicating such information via email presents cyber risks and should be done in a secure environment and only when absolutely necessary.
• Email Phishing Attacks – It is essential to understand the signs of phishing scams. Emails from unknown or untrusted sources, suspicious attachments or embedded links can be the delivery mechanism for a cyberattack. It is equally important to understand that one wrong click can open the door to a system-wide data breach. Think before you click and report any suspicious emails you receive to your IT support.
• Security Awareness – We would not let anyone look over our shoulder when withdrawing cash from an ATM or entering a password into a cashier’s keypad for a purchase in a store; the same awareness should apply to all online work. Whether printing something in your home office or working on your laptop while waiting at an airport, it is vital to be aware of your surroundings and people who could be watching your activities, waiting for opportunities to steal your confidential data.
• File Destruction – Care should always be taken when destroying files. Whether printed or digital, files can hold sensitive or private data that can be harvested by hackers or insider threats if not disposed of properly. To ensure proper data deletion or secure its proper storage, it is best to consult with IT professionals.
• Removable Media – The use of USB drives, flash memory cards and other removable media should be tightly controlled and treated as a privilege with restrictions based on user permissions and needs. Also, untrusted devices can be pre-loaded with malicious code, ready to launch an attack.
• Always Lock Computers and Mobile Devices When Not Using Them – It is an excellent practice always to lock your devices when you aren’t using them. Leaving a connected device open and logged on when you take a break or walk away from them opens another door for possible data theft.
• Do Not Use Public WiFi – Unsecured, public WiFi is an open door to hackers. Many cybercriminals spend all day in bus stations and airports waiting for unsuspecting users to log on so they can hack them in real time, sometimes sitting only a few seats away. Therefore, unless you deploy a Virtual Private Network (VPN), it is wise to avoid public WiFi.
• Report Suspicious Incidents – If you receive emails, attachments or texts that seem suspicious, have problems logging on to an account or you notice your device malfunctioning in an unusual way, you must immediately report such events. Continuing to work in a potentially unsecured network can allow a malware attack to spread deeply into your company’s system. If your company has no IT department, IT experts should be consulted immediately.

Comprehensive cyber risk management is vital to running a small to midsized business. Unfortunately, smaller companies have neither the time nor the budget for a full-time IT department. In addition, they also lack the expertise to take the necessary steps to assess and protect their cyber vulnerabilities. Therefore, it is essential to employ IT professionals to lock down your network, secure your endpoint devices and train your employees. They will assess your cyber risks and help you design the best layers of protection for your hard-earned business data, regardless of where the data is stored and who is accessing it. Cyber Security is now a 360-degree ecosystem requiring significant expertise to secure all possible access points.

DIGIGUARD Cyber Security Specializes in Protecting SMBs

DIGIGUARD is dedicated to preventing cyber threats of all kinds. They are the IT experts you need to secure your business network. Also, they have a wide array of solutions to protect against cybercrimes and ensure you have the best possible protection in place before a cyberattack. It works with small and midsized businesses to establish cyber security best practices to ensure confidential data is secure and all your devices have the specific protections they require, especially those used for remote-access work. For any business, cyberattacks can have devastating consequences. DIGIGUARD can assess your cyber risks and work with you to design the best protection solutions for your business.

Call DIGIGUARD CYBER SECURITY at 833-33-CYBER (833-332-9237) and visit www.DIGIGUARDsecurity.com to discuss how you can increase your company’s overall level of cyber security across your network before you fall victim to a cyberattack.