How To Safeguard Your Company Data

StrategyDriven Risk Management Article | How To Safeguard Your Company DataIt doesn’t matter what kind of business you run, you will need to take steps to safeguard your company data, and that of your customers, from cybercrime and data loss. Losing important business information or having it stolen by a hacker could easily spell the end of your enterprise altogether, and it will certainly have a negative impact on your reputation. Therefore, it makes sense to put in safeguarding measures to protect the information and yourself. Here are some ways to do it.

Back Up

Backing up your information is simple and effective. Although it won’t protect against an attack by a cybercriminal by itself, it will allow you to restore the potentially missing or corrupt information left in the hacker’s wake, or as a result of a system failure.

If you can restore the information then you can continue working, even if there are other problems that still need to be dealt with. Without a backup of your work, you may well lose everything and have no way of continuing your business at all.

The most important thing to remember about making backups is that you will need to use a reliable external source to do it. There is no point in backing up your information to another computer on the same system; this is not going to keep it safe. Ideally you should use the cloud as not only will the information be protected but you can access it from anywhere – this is perfect if you are unable to get to your office or if there was a fire, for example, that destroyed your computing equipment.

Use A Firewall

A firewall will give you an extra line of defence against cyberattack. It works as a barrier against any malicious software that you may have inadvertently downloaded. This barrier, when correctly installed, will ensure that the virus cannot reach the more vulnerable and important parts of your computing system, blocking it completely.

The idea is a simple one, but there are many different types of firewall and it can become confusing and even overwhelming when you start to look more deeply into it. Because of this, it is best to have IT services Birmingham find the right firewall for you and install it – that way you know you are protected.

Password Protection

It is possible to set passwords on some programs such as Adobe Acrobat and the Microsoft Office suite. This adds an extra layer of security so that only those who have the password are able to open the document.

You can even password protect entire folders and networks if you want to and feel that this would be a useful protective measure that will safeguard your company data. When you are choosing a password, it must be something unique that cannot be guessed easily; never use phone numbers or birthdates or names. For the best password, you should use a combination of letters, numbers, and symbols. Although this will be harder to remember, it will also be harder to guess, so your information will be much safer.

Protecting Your Business From The Threat Of Cybercrime

StrategyDriven Risk Management and Managing Your Business Article |Cybercrime|Protecting Your Business From The Threat Of CybercrimeThere are many threats to each and every business the whole world over. You might look at your company and think that just because you are only a small operation, then you won’t be at risk. But there is one thing that is a fact, cybercriminals do not discriminate.

Whether your business is worth billions, or you are a sole-trader, you are likely to come under attack. You might currently be facing several attempts each day. Although, depending on the type of business that you operate, this could be considerably more.

What Effects Will A Cyber Attack Have On Your Business?

In the event of an attack, and the very least, cybercrime will cause your websites and services to suffer from downtime which will have a financial knock-on. The outcome will generally be much worse.

You might end up losing customer data, which will result in mass-identity theft. You may face fines from the government if the breach could have been prevented, and you might face legal proceedings from affected customers.

All in all, you are likely to lose a lot of money and face severe damage to your reputation. It might all result in you going out of business completely.

How Can You Protect Your Business?

There are many ways that you can protect yourself. Firstly, you should make sure that you are following the best practice guides for data protection in your specific industry. If you are handling customer or client information, you have a duty to ensure stringent measures are in place to protect the data. Where you are working with data that is particularly sensitive, for example, financial information or even medical records, you may have additional regulations to adhere to because of the increased risk that you face.

One of the best ways that you can ensure that you are fully protected is to use the services of an IT specialist or a Managed Service Provider. You can learn more about the various services that an IT support team will be able to provide in order to help your business to protect itself.

What Measures Can You Take In House?

Keeping your business safe from cyberattacks is something that everyone in your business should be doing. It is so important that you should create policies and procedures around the threat, and implement a whole raft of training measures to ensure your team understand the risks and know how to take measures to keep your business safe.

Change passwords often. If your team are all changing their password every month to something that is new and unique, you will be able to minimize the risk of front-door access to your systems via stolen passwords.

Train your staff on phishing emails. Your team need to know not to click on links in emails, even if they look legitimate.

Use multifactor logins. By including a biometric element or a personal question as a secondary stage of any login, you can minimize the risk of anyone but the correct user logging in.

Never share passwords. Every employee needs their own unique login. If people share logins, it increases the risk dramatically.

Protecting Your Company from Cyber Attacks

StrategyDriven Managing Your Business Risk Management Article |Cyber Attacks|Protecting Your Company from Cyber AttacksHow well are you protecting your company, client and staff data? Holding any kind of data will mean you need to be employing security measures to make sure all information you collate for whatever reason is secure.

Protecting your company from serious cyber threats is something you should be taking seriously within your business. How secure you need to be depends on the type of company you are running. Different sectors need different types of security measures to protect the company and also staff and customers details including personal information and banking details along with credit card numbers.

Use a Firewall

This should be something you use as standard. A firewall is your first one of defence against a security attack. And unfortunately, small businesses tend to be targeted more often than larger companies due to the level of security that is employed.

Consider an internal firewall along with an external one too for added protection against threats and potential hacks.

Educate Employees

Again, this is something most people are aware of. However, staff training on the use of technology and online habits and practises is never a waste of time. Especially as online security threats are changing and evolving all the time.

Draw up company guidelines for personal and work use and educate them on the many ways they could cause a breach in security unintentionally – such as opening links in unfamiliar emails. Make sure everyone understands and signs a document to agree to the security measures they have been trained on.

Limit Sensitive Information

Allowing certain employees access to sensitive information is another way you can reduce the risk of your staff creating a security breach. By giving different staff members limited access, the less the chance of that information getting into the wrong hands. And if it does, then you will know exactly who caused the breach and deal with it swiftly.

Regularly Back-Up Data

Making sure you have backups will help you get up and running again in the event of a security breach. Prevention is always the best option but you want to make sure that should the worst happen, you can still access everything you need to.

It is recommended that you back up to a cloud. The GCC High Cloud is now available for more companies to offer you another level of security.

Have your backups processed on a regular basis to ensure minimum disruption in the event of a security breach.

Install Anti Malware

A 2016 data breach investigation identified that 30% of employees opened phishing emails. You may presume that all employees know not to open phishing emails, some will still open them.

Phishing scams involve malware being placed on a computer when a link is clicked. installing anti-malware can help remove and/or block this before it gets any information or causes any damage. Include this as part of your training and make sure your anti-malware is running on all devices and internal and external networks.

Keep Your Workplace From Going Viral

StrategyDriven Risk Management Article | Keep Your Workplace From Going ViralWith the recent virus outbreak many people have become concerned with sanitizing their workplace to prevent the spread of the virus and germs. As a cleaning professional with over 25-years of experience, I have some good insights on how to handle this process. We at Cleaning Group Inc. have developed a protocol for disinfection and preventing infection in offices, gyms, medical facilities, restaurants, and other venues where the public meets with your staff.

The first piece of advice I can give you is don’t panic. Panic prevents rational thought and hinders the ability to make informed decisions. The first thing to do is assess the actual exposure. This is determined by how many people visit your facility on a regular basis and the probability that those people may be infected. Medical offices that treat patients or perform procedures in-office are at higher risk of infection than an office that only has a few employees and rarely receive visitors. The next thing to consider is where germs can be transferred. The most common places transfer takes place are telephones, door handles, light switches and restrooms. Air quality is another consideration as germs may become airborne and spread through ventilation systems.

Whether your workplace has a high or low risk, you should consider consulting a professional to assess what needs to be done in your facility. A professional cleaner will determine exactly what your individual needs are. There are safeguards that everyone can take. Start by informing employees, coworkers, clients and visitors of the risk factor. If you are a medical office treating infected patients or if you have employees who have been exposed, you need to inform everyone who enters your facility to take precautions. If you are hosting a meeting or conference, designate areas where visitors will be and properly clean and disinfect those areas before and after the meeting. Put hand sanitizing stations at entrances and lobby areas. Most people will use it if it is available. I recommend a touch free dispenser. When several people touch a soap dispenser before actually using the soap, they are leaving germs on the dispenser. Designate a phone that your visitors may use and place disinfecting wipes next to it with a sign asking people to wipe the phone before and after using it. Any keypads or touch screens that are heavily used should be treated the same way.

Signs should be placed in all restrooms asking everyone to please wash their hands. Touch free soap and towel dispensers are a great idea. Touch free faucets are beneficial. Electric hand dryers are better than paper towels. The restroom fixtures should be disinfected at a frequency that coincides with their use. A cleaning professional will be able to determine the proper frequency. Using the proper chemicals is key. For example, bleach evaporates much quicker than most other water-based disinfectants. In order for a disinfectant to work properly it must remain on the surface for several minutes. All surfaces should be wiped with a disinfectant daily.

Treating the air can be the trickiest. I recommend changing filters weekly using a high-quality filter that traps the most amount of allergens. Hepa filters work best. Having ducts professionally cleaned will help prevent germs from collecting in the ventilation system. Disinfectant fogging is the best way to treat the air and kill airborne virus. This process must be done by a professional. The fogger atomizes the disinfectant and sprays it into the air. This will treat areas that are hard to reach and may normally get overlooked.

Lunchrooms and kitchens are another area where disinfecting is important. Utensils and cups should be washed, dried and put away in a cabinet. Everyone should clean cups and utensils before and after each use. Water cooler handles should be disinfected as well. Make sure you replace kitchen sponges frequently and use an antibacterial dish soap. Wipe counters with disinfectant before and after each use also.

The best defense against germ and virus transfer is a good plan. Work with a cleaning professional and consult your local health department to assess risk factors and determine the level of reported infections in your area. These and other tips are available in more detail in our guidelines for disinfection. I realize that some of these things may seem extreme or expensive. Most business owners are reluctant to increase the cleaning budget. I can assure you that the money is well spent. Keeping your customers, clients and employees healthy is as equally healthy for your bottom line.

About the Author

StrategyDriven Expert Contributor | Glenn GreeleyGlenn Greeley is founder of CGI Cleaning Group Inc. headquartered on Long Island. For more information visit, call 631-669-6033, or email [email protected] for a free disinfecting guideline.

What your employees can do to reduce cybersecurity risk

StrategyDriven Risk Management Article | Cybersecurity | Cyber security | What your employees can do to reduce cybersecurity riskNo longer just the responsibility of the IT department, cybersecurity is something that all employees have a vital role in. From making smarter decisions in the workplace to understanding how to spot common attacks, employees can do much to combat cybercrime in all of its forms. Here we take a look at the things that your employees can do to help keep your business secure.

Install regular software updates

It is unfortunately the case that many employees leave their computer turned on at all times – even when they’re out of the office. The convenience of having all windows and browsers tabs open when they return to work is offset by one a major cybersecurity weakness – computers with out-of-date operating systems and applications.

When an employee does not regularly turn off a computer it can leave the system without critical updates that are only installed when it is shut down. These updates fix vulnerabilities and weaknesses that could be exploited by cybercriminals. This is why it is vital that employees shut down their computers regularly.

Understand the dangers of phishing attacks

Phishing is still a major problem. We have all seen a phishing email; sent from a fake account and designed to look like a legitimate sender. The email will attempt to trick you into clicking a link and being sent to a duplicate version of a genuine site, with the exception that when you enter your login details, these will be harvested by criminals.

You might think you know how to spot a phishing scam – but phishing is becoming more sophisticated in 2020. A rise in deepfake voice phishing could see employees tricked into sending money to scammers or revealing sensitive information after getting voice messages and calls that sound like they are from senior executives.

It is important to understand these risks in order to be able to combat them.

Broaden their cybersecurity awareness

It is important for your employees to stay up to date with the latest tactics and techniques being used by cybercriminals. Providing employees with regularly updated training can be hugely valuable in boosting their knowledge and understanding. Employees with good cybersecurity skills and knowledge make a valuable line of defence against cybercrime.

One way that you can assess the cyber maturity of your employees is by engaging a cyber security company to carry out a pentest of the organisation. For example, this could take the form of a simulated phishing attack to see if any of your employees give out their log-in credentials.

Work closely with the IT department

It is important that employees should avoid any instances of “shadow IT”. Shadow IT is the term for any application or software that is installed on an employee’s computer without the knowledge and consent of the IT team.

Going through the process of having a piece of software signed off and approved can be frustrating and time consuming, but failing to do so can lead an employee to download software containing a vulnerability which can be exploited by hackers. Or which isn’t updated in the future by the IT team when known issues are identified in the software.

Set strong passwords

Experts disagree as to whether employees should change their passwords on a regular basis. On one hand, changing passwords can be an important way to limit the risk of stolen passwords being used to access accounts. But on the other hand, employees being forced to remember too many different passwords will often result in them instead using unsafe workarounds.

It can be agreed, however, that the use of weak and commonly-used passwords is to be avoided. According to cybersecurity specialists, businesses can prevent staff from setting common passwords by enforcing rules and complexity such as the use of special characters.

Follow good cybersecurity practice away from the office

It is important if an employee works from home or remotely, that they should follow good cybersecurity practice when they do so. Any time that an employee accesses company data they should do so in an environment that is as secure as the environment in their workplace. Their remote computer should have cybersecurity measures just as powerful as those in the office – otherwise they are making themselves an easy target. For example, using public Wi-Fi is a major security concern.

Backup data regularly

Ransomware is still a problem, and losing access to business-critical data can be a major problem for any company. That is why it is vital that employees should use their company’s corporate network where possible as this is likely to be backed up regularly by the IT team. However, if staff do store data locally then they need to back up their data on a regular basis – ensuring that it is saved somewhere that would not be compromised in the event of a criminal attack.

Final thoughts

It is important that employees understand cybersecurity best practice so that they can act in accordance with it. Informed staff can be a powerful line of defence against cybercriminals.