Practical, effective, and inexpensive ways your small business can reduce risks associated with cyber threats.
1) Implement two-factor authentication
You’re already familiar with one-factor authentication: your password. As the name implies, two-factor authentication (2FA) uses a token of some type – usually generated on your smart phone – as a second factor. Someone can steal your login ID and password through various means, but they’re not going to get your phone too (if they do you’ve got other problems). 2FA radically increases the effort required to break into a system.
2) Employ full disk encryption
Full disk encryption (FDE) allows you to use the data on your system, but if that system is lost or stolen the data on it cannot be accessed without a passphrase. Both modern Windows and Mac systems come with some type of FDE capability built in.
3) Inform the team about phishing
It doesn’t take much to create a well-crafted phishing email, but there are numerous ways to identify a phish if you know where and how to look. Keep the team informed about phishing by sharing news stories and screenshots of high profile phishing scams.
4) Use a virtual private network for remote access
Work from home? Travel a lot and use airport or hotel Wi-Fi? Connect to the office network with a VPN to avoid unauthorized third parties from eavesdropping in on your connection.
5) Make backups of your data frequently and store them offline
Ransomware is becoming the scourge of the Internet. It is only a matter of time before a firm is hit and a very cold, hard business decision has to be made: pay the ransom, or lose all the encrypted data. Could you restore data by asking clients to resend copies? Sure, but how long will it take to re-create your lost work product? How happy is the client going to be about any of this?
6) Move to the cloud
Putting data in the cloud seems like a risk, but you could never replicate the level of protection a company like Google implements on your own systems, nor would you want to. Putting data on the cloud outsources a great deal of your security solution to people who think about this stuff 24/7, and eliminates the need to buy and maintain your own IT infrastructure.
None of these solutions are expensive. Several of them are free.
What’s the difference between free or cheap compared to “enterprise” products in this space? Generally speaking, it is the lack of external support. Your will need to spend some time to get familiar with and implement the aforementioned solutions, but none of them are onerous.
Taking simple steps to increase your online protection is a must this day in age.