Best Security Practices for 2023
Why is Keeping Your Data Secure Important?
In today’s digitally dependent world, data is often one of the most important assets a business has. Therefore, it has to be kept safe. Norton Antivirus reports that a cyber security attack happens every 44 seconds. 44 seconds is less than a minute!
How do cyber attackers steal data? And why?
There are two major categories of attacks: targeted and untargeted attacks.
- Phishing Attacks usually happen as mass emails sent to large groups of people in order to gather sensitive information such as banking information, Social Security Numbers, credit card numbers, etc. Phishing emails range from being very obviously fake to being very similar to emails any legitimate company might send you. Keep your head on a swivel and take precautions to identify these fake phishing emails.
- Waterholing is when an attacker sets up a fake website identical to a real one. This is an attempt to trick you into entering your personal information. Pay attention to the URL at the top of your internet browser. If something feels off about a site, close it immediately, make sure you have the correct URL, and call the company if necessary to verify you aren’t giving away your information.
- Ransomware is software designed specifically to encrypt your information and lock you out of it for ransom. Typically the attacker will demand massive amounts of money from your business in order to regain access to your information. If demands are not met, your information can be instantly deleted or stolen. Never share passwords or leave sensitive devices powered on and unattended, and if you feel your device has been breached, turn it off immediately and contact an IT Security Specialist.
- Spear-Phishing is a more targeted approach to the normal phishing attacks described above. These are malicious emails and messages directed towards specific individuals. These can be even more convincing than usual, so be aware!
- DDoS Attacks are massive floods of traffic to your network intended to block access to your systems. Attackers use compromised systems within your network to achieve this. DDoS Attacks can be very hard to detect.
How do I protect my business from these attacks?
1. Be knowledgeable and aware!
Whether you have a medical practice, an accounting firm, just a personal PC, or anything in between, your data is not immune to these cyberattacks. It is imperative for you and your team to be aware of your surroundings on the web. Even if your network is properly secured using industry standards, hackers can potentially gain access to your network if someone on your team mistakenly gives out information or downloads malware. Scheduling regular security training for the entire team is recommended.
2. Proper Firewall Configuration
Your firewall is the first line of defense against cyberattacks. A firewall is a device that filters inbound traffic to your network. We recommend scheduling a meeting with an experienced IT Technician to discuss what kind of inbound traffic is absolutely necessary to run your business. Do third-party companies, remote workers, etc. need access to your network remotely? Your firewall can be configured accordingly!
3. Maintained Workstations
Ever had a pop-up on your screen saying “New Updates need to be installed”? While those can be tedious, updates are important! Cybersecurity is constantly advancing, and as such, hackers are always adapting to figure out new ways to steal your data. Entire teams are dedicated to finding these newly discovered vulnerabilities and releasing updates to make your workstations as secure as possible. Most IT companies have the capability to manage these updates so they happen after hours and do not disturb you during work!
4. Password Security
As a rule of thumb, you should be using a unique password for each website or application you’re registered to. If a hacker is able to steal one of your passwords, he or she won’t be able to log in anywhere else. Additionally, we recommend changing your passwords at least every 90 days.
Opting for Two-Factor Authentication (2FA) is a great way to improve the security of your most sensitive accounts online! Even if a hacker knows your password, chances are they won’t have access to your 2FA method, which blocks the attacker’s access!
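As an added illustration (not part of the original article or any vendor's code), the Python example below shows why a stolen password alone is not enough when 2FA is enabled: the login check also requires a time-based one-time code (TOTP, RFC 6238) derived from a secret stored only on your authenticator app. The account, password and function names are constructed for this example.

```python
import base64
import hashlib
import hmac
import os
import struct

STEP = 30  # seconds each code stays valid


def totp(secret_b32, now, digits=6):
    """Time-based one-time password (RFC 6238, HMAC-SHA1)."""
    key = base64.b32decode(secret_b32)
    counter = struct.pack(">Q", int(now) // STEP)
    digest = hmac.new(key, counter, hashlib.sha1).digest()
    offset = digest[-1] & 0x0F  # dynamic truncation (RFC 4226)
    value = struct.unpack(">I", digest[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(value % 10 ** digits).zfill(digits)


def hash_password(password, salt):
    """Slow salted hash, so the stored value is not the password itself."""
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)


def login(account, password, code, now):
    """Succeed only when BOTH the password and the current code match."""
    stored = account["pw_hash"]
    if not hmac.compare_digest(hash_password(password, account["salt"]), stored):
        return False
    # Accept the previous and next step too, to tolerate small clock drift.
    valid = [totp(account["totp_secret"], now + d * STEP) for d in (-1, 0, 1)]
    return any(hmac.compare_digest(v.encode(), str(code).encode()) for v in valid)


# Constructed sample account; the secret is the public RFC 6238 test key.
_salt = os.urandom(16)
ACCOUNT = {
    "salt": _salt,
    "pw_hash": hash_password("correct horse battery staple", _salt),
    "totp_secret": base64.b32encode(b"12345678901234567890").decode(),
}

if __name__ == "__main__":
    now = 59  # fixed timestamp so the output is reproducible
    code = totp(ACCOUNT["totp_secret"], now)
    print("current code:", code)
    print("password only:", login(ACCOUNT, "correct horse battery staple", "", now))
    print("password + code:", login(ACCOUNT, "correct horse battery staple", code, now))
```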
5. Secure Storage and Regular Backups
Last, but certainly not least, having a centralized secure storage for business-critical information will serve many purposes. If an attacker gains access to a specific workstation, your IT company may be able to quarantine that specific machine so your entire network is not compromised. Additionally, centralized storage provides easy backups. You’ll be able to back up central storage, rather than the many workstations in your business. We recommend keeping a backup on premises as well as in a different geographical location. In case of a fire, natural disaster, etc., your data is still recoverable from the offsite location.
We hope this article has provided you the necessary steps to take in order to protect your valuable data from cyberattacks. If you have any questions about any of this information, or want to learn more about how to specifically secure your data, call us at (931) 222-2222 or send an email to firstname.lastname@example.org