When it comes to cyber-attacks, both small and large businesses are equally at risk. Many people are under the misconception that, cybercriminals only target large companies. But the reality is, all data has value. For this reason, cybercriminals are on the lookout for anything that they can get, and they aren’t slowing down. Even in these trying times, these individuals are looking for more creative ways to exploit the masses.
The primary purpose of this article is to provide the end user with actionable advice that can be used to both maintain and improve your cybersecurity situation. This will ensure you are better prepared against cyber-attacks. You should look at these things as more of an internal checklist, things that you should already know and be doing, if you want to be secure. If you are familiar with all the things listed here, then you should never rule out a cyber-health check, just to assess your level of risk.
1. Keep Everything Up-To-Date
When your operating system alerts you to a new update, or just any update alert in general, you don’t want to ignore it. You want to install it as soon as you can. Updates encompass many different things, not just new features. One of the most important things they fix, are vulnerabilities, found in apps or devices that cybercriminals will use to gain unauthorised access to your systems. If your operating system or device is no longer receiving updates, then it’s recommended that you update.
2. Choose Unique Passwords
If you’ve been online for any real length of time, then it’s likely you’ll have a whole host of passwords for all your different online accounts. Because of the sheer number of accounts, many people opt to use the same password or same two passwords for all their different accounts. The main problem with this is that if a cybercriminal were to gain access to one of your accounts, they would ultimately have access to all of your other accounts.
3. Don’t Leave Your Devices Unattended
A data breach is most likely to occur when a staff member or volunteer leaves a device unattended. This could be on a train, at home or in a vehicle. You want to take the necessary steps to ensure your personal data is safe, to do this, you will need to be vigilant, ensuring your data is always stored in a safe location.
4. Secure Wireless Networks
When it comes to wireless network security, you’ll want to separate guest and corporate wireless networks, regardless of the size of your company.
For larger companies and larger network systems, the implementation of certification-based authentication, will ensure that the identity of every user, is verified.
Captive portals are most suited for guest networks, as it ensures separation and accountability from visitors and staff.
For businesses, other things you should consider are secure communications, monitoring and logging, active directory security and other such things, as it will ensure long term security for your business.
One thing to keep in mind is that, when it comes to cyber security, it is a continuous process, one that you will have to constantly, upgrade and change to keep on track with the times.
5. Know Who Has Access to What
You want to restrict who has access to your buildings and who can access your IT systems. You don’t want any unaccompanied individuals having access to sensitive data, as this can leave you vulnerable. The less people you grant access to said data, the more secure it will be. Any visitor, should be very easily identifiable. Make sure, only those who work for you, actually have access to the IT systems of your business. If an employee leaves the company, or if they’re away for a considerable length of time, maybe due to an illness or holiday leave, then you may want to consider suspending their IT access, just for the time being.
6. Enable Two-Factor Authentication
One very effective way that you can protect your online accounts is by enabling two-factor authentication or 2FA, as it is known by. You have the option of choosing whether to have a code generated or sent to your device of choice, typically your mobile phone. This code is what you will use to authenticate yourself, every time you attempt to log back into your account. This way, even if someone is able to acquire your username and password, they will not be able to access your account, without the code, which will be sent to your phone, every time you attempt to log into your account.
7. Install an Antivirus Program
Antivirus programs are designed to detect and remove malicious software from your system, most especially viruses. If your system doesn’t have any antivirus software installed on it, then that’s probably the first thing you’ll want to invest money into. If you’re using at least Microsoft Windows 7, then it should come with a built-in antivirus tool called Windows Defender. This program is of course, free to use. You can use that, or you can invest money into one of several well-known and trusted antivirus programs. There are many places that you can go to, for advice on the best antivirus solutions. Most of the best solutions are paid services, the free version, are few and far between. You also want to be sure you’re actually downloading a real antivirus program and not a virus, as many viruses disguise themselves as antivirus programs, as ironic as that is.
8. Secure and Regular Backups
You want to ensure you are carrying out regular and secure backups of your most sensitive data. There are many backup solutions that you can use. If you’re on Microsoft Windows, then they have their own solution you could try. Again, it is also free of charge, making it a good starting point. Otherwise, you could use a cloud-based backup solution. These ones are paid. Once you have your preferred solution setup, the last part of the puzzle, will be to run a test backup. This way, you can be sure, in the event that you need to use your backups, that they are actually retrievable.
–AUTHOR INFO—
Uchenna Ani-Okoye is a former IT Manager who now runs his own computer support website https://www.compuchenna.co.uk.
