October is Cybersecurity Awareness Month. We know you are busy running a small business and cybersecurity can be complex and overwhelming. Here are some counter-action items you can take to make sure your business is more secure:
- Use two-factor authentication when logging into accounts (i.e. online banking, social media, etc.):
Two-factor authentication, or multi-factor authentication is a security feature that protects an account in addition to a password. This electronic authentication method grants access to an account, website, or application after successfully presenting two (or more) pieces of evidence.
- One piece of evidence can be the password to the account.
- The second piece of evidence could be entering a code from a text message or authenticator app.
- Beware of malware:
Malware is a file or program and that may harm the computer user, and cause a breach of data security. Some types of malwares are: ransomware, spyware, command and control, virus, worms and trojan horse.
How to prevent a malware attack:
- Regularly update systems, software, and applications.
- Encrypt your data.
- Educate employees through security awareness training.
- Regularly backup data.
- Control physical access to your computers and create user accounts for each employee.
- Limit employee access to data and information, limit authority to install software.
- Prepare for an insider threat.
An insider threat is an individual from within the business such as a current/former employee, contractor, or partner that poses a security risk. These threats keep rising despite improvements and developments of cybersecurity tools.
Some ways to protect your business against insider threats:
- Limit employee access to data that is absolutely necessary to perform their job functions.
- Control offboarding process to prevent a disgruntled employee from acting maliciously.
- Provide security awareness training.
- Regularly back up data in a worst-case scenario.
This content was originally published here.