9 Cybersecurity Dos and Don’ts for Your Business

9 Cybersecurity Dos and Don’ts for Your Business

Make sure you’re taking every step you can to protect your company from cyberthreats.  Here are 9 cybersecurity dos and don’ts to help. 

Cybersecurity Dos 

Take a multi-layered approach with tech tools.  Just anti-virus and anti-malware isn’t enough.  Consider two-factor authentication, encryption, and IP blockers to improve security.

Educate all employees about cyberthreats.  The weakest link in any security approach is a user making an errant click that exposes your business.  Everyone who touches a computer that’s connected to the internet should receive cybersecurity training, especially email safety.

Establish security policies and hold employees accountable.  Create policies and practices that make the most sense for your business and communicate those to your employees.

Require employees to use strong passwords and change them often.  Stay away from passwords that are easily identified with you like the names of pets or family members.  Use a different password for every account.  Consider using a password manager to help keep everything straight.

Have a reliable backup and conduct regular test restores.   A backup is only useful if it can be confidently restored.  There are many backup options, including onsite, cloud, and hybrid.  The investment you make in a reliable backup solution will more than pay for itself when you need to restore.  

Know when you need help.  The threat landscape changes every day.  If you don’t believe your IT team is up to the task, look for options.

Cybersecurity Don’ts 

Believe email is private.  As the saying goes, “Dance like no one is watching, email like it may one day be read aloud in a deposition”.  When you write an email, think like you’re writing a postcard.  The possibility exists that anyone could see it.  That’s why you should never include personal data like a social security number, health information, or credit card information in an email.

Wait to remove access to a former employee.  Even under positive circumstances, make sure all access to your network is disabled immediately when someone leaves your employ.  This can include changing passwords, forwarding email accounts, removing VPN access, and more.

Take comfort that your company is too small to be a victim.  Remember, the Target breach originated through the systems of their HVAC contractor.  Plus, smaller organizations are often easier to hack because they take fewer security measures.

If you need to improve the cybersecurity in your company, contact CRU Solutions.