10 tips to avoid cyber attacks

Published
  • December 01 2016, 7:08am EST
Through industry research by Lawley Insurance, the vast majority of U.S. small businesses lack a formal Internet security policy for employees, and only about half have basic cyber security measures in place.

To help clients strengthen their cyber security, Lawley has provided 10 tips to help business owners protect their assets and improve reliability.

Overview

Through industry research by Lawley Insurance, the vast majority of U.S. small businesses lack a formal internet security policy for employees, and only about half have basic cyber security measures in place.

To help clients strengthen their security awareness, Lawley has provided 10 tips to help business owners protect their assets and improve reliability.

Train employees in cyber security principles

While the perception is that cyber security breaches are the cause of a shady computer hackers across the globe, the reality is that most data breaches are the result of human error. Educating your employees to be vigilant in protecting data is as important as having firewalls set up. Your team should be aware of suspicious emails requesting confidential information. If there’s ever a question about the legitimacy of an email making such requests, call the sender to verify they actually sent an email. In addition, make sure employee’s company phone, laptop and/or tablets require passwords to access private data. Leaving an unlocked phone in a cab could be as damaging as a hacker penetrating your network.

Content Continues Below

Install, use and regularly update antivirus and anti-spyware software on every computer

Your computers and network are only as safe as you maintain them, so while it may be a nuisance for your employees to receive pop-up notifications to update their software, it is vital to closing gaps where hackers are trying to penetrate your network. Antivirus and anti-spyware tools are constantly working and updating to battle the latest attacks, but if every machine is not routinely updated, you leave your company vulnerable to an attack that can quickly take down the whole infrastructure. Remind your employees how important the periodic interruptions are.

Use a firewall for Internet connection

Just like a castle has a moat and strong walls to keep bad guys out, a firewall is a first line of defense to prevent unauthorized access to your computers or network. The constant safety checks that firewalls provide help keep your data protected.

Content Continues Below

Download and install software for operating systems and applications as they become available

The updates can create a similar inconvenience as antivirus notifications, but these are equally as important to keeping your information safe. Think of your information technology as a fort that you want to keep intruders out of. Using older versions of software or operating systems is like leaving the back door wide open for someone who wants to do harm to walk right in and grant them access to your financial information, customer records and more.

Make backup copies of important business data and information

It's not a matter of if, but when a breach will happen to your business. Having critical backups of your information could allow limited interruptions to your business workflow.

Content Continues Below

Control physical access to your computers and network components

One way to limit the ability of data breaches is to require logins after a computer is dormant for a short period of time. While it can be a hassle to have to reenter passwords frequently, it can help keep prying eyes away from access to confidential spreadsheets and documents open on the machine of someone at lunch.

Secure the Wi-Fi network

Leaving your Wi-Fi networks unprotected gives hackers a potential window to infiltrate your network to hunt for openings that could access to private information.

Content Continues Below

Require individual user accounts for each employee

Shared accounts open up the possibility for passwords and access to be shared with employees that expose passwords to more people and possibly grant file access to those who should not have it. Tracking down the cause of a breach could become difficult as well when multiple people access your systems through the same login. Not to mention, when an employee leaves the organization, they still could have access. Your best bet is to require individual user accounts for each employee.

Limit employee access to data and information, and limit authority to install software

While you should trust your employees, not everyone should be privy to all of your data. By partitioning access and creating redundancies — even if malicious access occurs — you do not want to give someone the ability to access everything. Limiting HR files to only HR staff and the CEO is one example. In addition, while most software downloads look legitimate, the sophistication hackers use to hide malware in innocuous looking downloads can cripple a network. Allowing everyone to download games and apps could open your company up to trouble.

Content Continues Below

Regularly change passwords

One of the easiest ways your information can become hacked is through easy-to-guess passwords. Most people use the same password across multiple accounts, which can make it easier to hack into several systems if one can be compromised. Ensure employees are changing their passwords frequently and not using the same password across all systems.