One in every ten small businesses have suffered a cyberattack or security breach in recent times. At least that’s what most studies and reports say. 2020 has been a year of disruption for businesses around the world. Many have been forced to shut shop because of the pandemic, while others have shifted a considerable part of the workforce to homes. When your employees are scattered, social distancing must be ensured at office, and everyone is accessing company resources from different devices and networks, you must be a tad more cautious about cybersecurity. Addressing security vulnerabilities and improving cyber defences is not a choice.
In this post, we are sharing more on how to boost cybersecurity in 2020.
Focus on updates
Software, firmware, apps, and operating systems – everything should be updated to the latest version as soon as a new patch is available. Hackers thrive on existing vulnerabilities and make the most of these small gaps to cause damage or steal data. With updated versions, you are assured that your devices, especially networked devices are safe.
Password Protection is critical
Default passwords are easy to hack, and even a novice hacker can do that in no time. You have to consider password protection on priority. Ensure that no employee is using the same password for different accounts, and old passwords shouldn’t be reused. At the same time, it is necessary to create strong passwords – at least 12 characters long, use of uppercase, lowercase letters and numbers, special characters. If your employees are not using a password manager yet, recommend them one.
Train employees on Phishing attacks
As more employees and managers work from home, or use personal devices for work purposes, you must be careful with concerns like phishing. Phishing emails are still very common, and sometimes, it could be so hard to detect, especially when an innocent employee knows nothing about these concerns. Make sure that you train your people on social engineering techniques that hackers use and let them know how to practice safe browsing.
Finally, create an incident response plan. Sometimes, despite all the good effort, things may go wrong, and it is wise to do damage control as early as possible. An incident response plan basically gives an outline of how to handle a security breach, or data theft incident, to minimize damage and restore operations. If needed, authorities must be informed about the same.