With all the recent headlines about ransomware and network security breaches this is a good time to revisit some of the safeguards available to help prevent a work stoppage at your business. It’s important to first understand that, even with the most sophisticated network security measures in place, it is usually human error and risky computing behavior that will unleash infections that can bring your network down. Some common examples include: opening suspect email, infrequent end-user password changes, downloading free software, downloading home computer data to the business network, and visiting untrustworthy sites.
Although we hear a lot about large corporate and US government agency security breaches, companies with fewer than 100 employees are the number one target for cyber crooks who know that many small companies fail to properly protect their data. Unfortunately,most small business owners believe that their business is just too small to attract any attention. The reality is that one in five small businesses falls victim to cyber crime and 60% of those targeted businesses end up closing within six months.
At one time, having a firewall and anti-virus software was considered enough protection to deter unwanted network intrusions. These measures, although still important, are now the bare minimum course of action to take. Today, every feasible effort possible must occur to protect valuable company data and personal information. Computing only with up to date and supported hardware and software has become an absolute necessity. Real-time anti-malware and anti-virus, two factor authentication, breach prevention, content filtering, encryption, network monitoring, and business continuity are no longer security processes for consideration. These have become computing necessities in the battle against cyber crime.
The state of Massachusetts requires that all business owners have a written information security program that imposes several security measures that predominantly focus on the modification of end-user behavior. These include: using complex passwords and changing them regularly, using email encryption when sending or receiving personal information, understanding company policy and procedures for network security and adhering to the company WISP at all times. Business owners are required to perform annual security reviews, provide employee training and document violations and security breaches. Unfortunately, even with these best practices in place, cyber hackers can sometimes still find a way to wreak havoc. So, what can one do? Be prepared!
It’s great to be an optimist but sometimes you must plan for the worst-case scenario. Although we may go years without an insurance claim, we keep paying annual insurance premiums because of the “what if” factor. This same approach should be taken with your business data. Adding layers of security, adhering to security regulations and having the best possible business continuity solution are your best insurance policies against losing all your data or being held accountable for a security breach.