Skip to main content

5 things you can do to improve cybersecurity


As I mentioned last year, phishing attacks are on the increase. Recent studies have shown that many small businesses are seriously underprepared to deal with a security breach. With its employees being a small businesses most valuable asset, it is important to understand how you can protect them and your business from a cyber attack. Here are the top five things you and your employees need to know about cybersecurity:-

Cybersecurity knowledge

Many users believe that all IT security is the responsibility of the IT staff, or that some magical shield has been implemented like a technological Patronus Charm which will save them from the bad guys. Unfortunately, many small businesses can't afford top security experts so it is important that employees understand they play a critical role in protecting your organisation. Employee training is the first line of defence against cyber-criminals. Make sure that all employees are have been correctly onboarded into your organisation. Make sure that your organisation has an induction process which teaches all about IT and cyber security. It is also strongly recommended that this training is reviewed on a regular basis.

2-step verification

Most modern applications and email platforms support 2-step verification, so turn it on. An ideal time to configure 2-step verification is, guess then... during new employee induction. With 2-step verification even if the bad guys have stolen login IDs and passwords they will be unable to access your employees' accounts and data.

Strong passwords 

Now, did you know that the most popular password in use today is 123456, shocking I know and that this password is used multiple times on multiple devices and applications? Now for me, passwords have had their day and 2-step verification should be implemented on all your applications, but that's not always possible or practical. When application developers have made passwords your only form of security make sure you're using a strong one, I personally use a password manager and have no idea what any of my passwords actually are.

Phishing

The most common form of cyber-attack is a phishing email. Phishing emails try to get your employees to click on fake links in order to obtain log-in credentials. These phishing emails look authentic and appear to come from a credible source. A new trend, as reported last year in the article "All my files are stored in the cloud so I'm not at risk, right?", shows the increased usage of application emails such as Google Drive alerts to fool users into giving up their ID and passwords. Training users, as part of a security workshop, will help your employees identify fake emails, as well as what to do if they receive something suspicious.

Cloud Storage

There have been many reports of ransomware locking users and businesses out of critical data. So make sure your users are storing their files centrally, ideally in the cloud. These systems should then be backed up, yes even the ones in the cloud. Don't think that just because you're files are in the cloud they will not be a target. Ask yourself this simple question, "If my files are deleted or corrupted am I able to get them back?" If the answer is no then it's time to review your backup policy.





Comments

Popular posts from this blog

GDPR Compliance - The Sky Is Falling

Over the past few months, I've been speaking to more and more business owners about their concerns regarding GDPR (General Data Protection Regulation), which becomes law on 25th May 2018. The concerns appear to come from misinformation and fake news over GDPR. There are the scaremongers, reporting on the increase fines that an organisation could face. While it's true GDPR has increased the levels of fines to 2% of an organisation’s global turnover, and for more severe incidents €20 million or 4% of turnover, whichever is the larger, it's unlikely that fines will rocket. Elizabeth Denham, the information commissioner for the UK, stated in a recent blog , it’s scaremongering to suggest that we’ll be making early examples of organisations for minor infringements or that maximum fines will become the norm. Denham continued to say that; " The ICO’s commitment to guiding, advising and educating organisations about how to comply with the law will not change under the GD

What is the difference between Artificial Intelligence and Machine Learning

After my recent article in which I discussed the future of work , and how AI technology will be used to disrupt once safe traditional roles, I felt that an article explaining the difference between Artificial Intelligence (AI) and Machine Learning (ML) was needed. Unfortunately, I realise that many people in the tech industry often use these hot buzzwords interchangeably. So here is my understanding of these terms and I hope it helps. Artificial Intelligence. You've probably already seen AI being incorrectly referenced on social media and in the news. Then thinking about AI think of it as a broad set of different technologies in which a computer is able to answer a question without being programmed to do so. Machine Learning is an application of AI which uses a large set of data and advanced statistical analysis in order for machines to determine the answer from previous similar question and answers. The way I see it, AI is more of a vision, a direction of travel with only a
Related Posts Plugin for WordPress, Blogger...