Every year, business leaders find themselves faced with a dizzying array of new technology challenges, with security-related issues typically being at the forefront. Now that digital data is the world’s most valuable commodity, cybercrime is on the rise like never before, and small businesses remain the favorite target.
While the tide of spam email might be gradually abating, that doesn’t mean you can afford to worry any less about scams and malicious software. In fact, cybercriminals are getting smarter and using more effective methods of attack. With threats like targeted phishing scams and ransomware on the rise, there’s never been a better time to restructure an outdated cybersecurity strategy.
Here are some things you should being doing today to start 2019 on the right track:
Implement multifactor authentication
Passwords have always been central to digital security, and although that’s not likely to change anytime soon, the days of relying on them entirely are long gone. That’s really good news, considering how terrible most Americans are at managing their passwords. While you can enforce stronger passwords with your security policies and user-authentication systems, there’s another layer of security you should be thinking about.
Multifactor authentication (MFA) offers a more secure way to verify a user’s identity, especially when logging in from an unrecognized device or location. In addition to verifying a user has the right password, their identity will also be confirmed by SMS, mobile authentication apps, or fingerprints. MFA does away with over-reliance on passwords, thus significantly reducing your exposure to social engineering scammers.
Stop visiting unsecured websites
Most people don’t think twice about clicking on a link to an unknown website. In fact, many don’t even know how to tell a secure website from an unsecured one. For example, you should always look for the little padlock icon beside the address in your browser, followed by the prefix “https://”. This means the website is protected by a special security certificate, which encrypts all data sent through the site.
Websites that don’t use security certificates can’t protect information in things like online forms or instant messages, which can be easily intercepted by a third party. That’s why Google has practically made these certificates mandatory for websites, and you should avoid using unprotected sites even if you’re not planning to provide any information.
Reduce risky cyber behaviors
One of the biggest challenges facing IT security teams these days is that attack opportunities have increased exponentially in the typical business environment. Rather than having to worry only about protecting a handful of desktops, there are now countless other connected devices to think about, from employee-owned smartphones used for work to IoT devices. On top of that is the fact that many devices come with huge inventories of applications that staff never use.
Eliminating risky cyber behaviors requires a disciplined approach to the principle of least privilege. In other words, uninstall any apps and disconnect any devices that aren’t needed, and give your employees access only to the tools they need to do their jobs.
Stop oversharing online
Digital privacy and security might be the concerns of the generation, yet many people are still in the habit of oversharing on social media. When these habits extend to the workplace, you could end up witnessing a reputation meltdown or a severe breach of security and compliance protocols.
Even if social media and other platforms are critical for business operations, you should train your staff on how to use them responsibly. Furthermore, it’s critical that you implement a way to enforce your policies by monitoring every platform your company uses, so that you can learn of any potential breaches immediately. This way, there’s a better chance of mitigating the damage before it’s too late.
Cyber Shift Technologies provides technology expertise and managed services to companies in the areas of Akron, Canton, and Massillon. Call us today if you’re ready to shift your IT into high gear.