October is national cybersecurity awareness month! This year’s theme, “Do your Part. #BeCyberSmart.”, encourages individuals and organizations to take proactive steps to enhance cybersecurity and protect their part of cyberspace.
Any small business that uses computers, mobile phones, or accepts credit cards is vulnerable to attack; regardless of its size, location, or type of business. To make cybersecurity a priority, a combination of prevention and insurance coverage is needed.
In this blog, I’ll share five ways businesses can do their part to protect their organizations from cyber attacks:
#1 Train Staff Regularly
Employees are your best protection against cybersecurity threats!
- Conduct training drills and exercises with everyday scenarios that test employees’ ability to detect scammers and fraudulent emails.
- Educate staff on the danger of clicking on unsolicited emails and links.
- Initiate a clean desk policy to ensure passwords and sensitive and private information is not visible at work stations and educate employees on how to manage sensitive business information at the office and at home.
- Establish guidelines for using company-provided laptops and mobile devices for business and personal purposes.
- Train staff on what to do if a cybersecurity event occurs.
#2 Install & Activate Software and Hardware Firewalls
Firewalls can thwart malicious hackers and stop employees from browsing inappropriate websites. Install and update firewall systems on every employee computer, smartphone, and networked device.
Include off-site employees, even if you use a cloud service provider (CSP) or a virtual private network (VPN). You may also want to install an intrusion detection/prevention system (IDPS) to provide a greater level of protection.
#3 Secure All Wireless Access Points & Networks
For secure wireless networking, use these router best practices:
- Change the administrative password on new devices.
- Set the wireless access point so that it does not broadcast its service set identifier (SSID).
- Set your router to use WiFi Protected Access 2 (WPA-2), with the Advanced Encryption Standard (AES) for encryption.
- Avoid using WEP (Wired-Equivalent Privacy).
If you provide wireless internet access to your customers or visitors, make sure it is separated from your business network.
#4 Engage the Right Partners and Platforms
- Ensure your website hosting company has staff that are constantly patching security vulnerabilities, so nothing can attack your website.
- Put a web application platform in place to protect your website.
- Make sure your e-commerce platform meets the Payment Card Industry-Data Security Standard to protect against digital security breaches across your entire payment network.
#5 Patch Your Operating Systems and Software
- Every new application can open the door to a cyber attack if you don’t update all software used by every employee on a regular basis.
- Always check updates when purchasing a new computer or installing a new software system.
- Don’t delay downloading operating system updates. They often include new or enhanced security features.
Not sure how to implement some of these initiatives? An IT consultant can help you determine if your company is following best practices to thwart cyberattacks and recommend solutions.
With a cybersecurity plan and cyber insurance in place, business owners will have the confidence that their business and their clients’ businesses are secure for the long haul.
Want to learn more about how cyber insurance can protect your organization from a costly cyber attack? Let’s Connect!
About the Author
John Kersey joined Healy Group in 2003 and has 30 years of experience designing risk management programs for commercial clients. As a risk management advisor, John strives to build strong relationships with his clients and business partners to understand their needs better and provide the best risk management strategies for their unique situations.