Fighting Cybersecurity Threats
Cybersecurity can be a scary topic. However, there are some simple ways to combat the vulnerability for these types of threats. If you keep any kind of digital information for your business or non-profit organization, you have a chance of becoming a victim of a cybercrime. The odds have increased exponentially during the pandemic, with more cyberthreats and scams floating around than ever before. Here are some ways to reduce your chances of getting attacked.
Social Engineering
Social engineering is when thieves try to get your employees or volunteers to provide confidential information via a phone call or email. You can reduce your risk here by developing procedures and training anyone who takes phone calls for your office. Require them to ask for identifying information such as a pin or code, or simply prevent them from giving out any information over the phone.
Passwords
Passwords are terribly inconvenient but incredibly necessary. Almost everyone is guilty of using passwords that are too easy to guess. Here are some password tips:
Avoid using dictionary words, even if the syllables are broken up in the password.
Always use a combination of upper and lower case, and don’t just make the first letter uppercase which is too predictable.
Include special characters, and don’t just use the exclamation point.
Use separate passwords for everything, especially for banking apps, accounting apps, and social media apps which are frequently hacked.
Make your passwords at least 12 characters. More characters will be needed each year.
Receiving and Delivering Information
If you deliver or receive information, it should be done safely and securely. One way to do this is to use a portal such as Box or ShareFile, where the information is securely stored in the cloud. Another tool that is used to safeguard information delivery is encrypted email.
Anti-Virus
All computer users should have anti-virus software implemented and active on their devices. Your established organizational procedures should dictate the settings as well as the brand to use.
Spam Protection for Email
Anti-spam software is also necessary to protect the device from bad links in emails. Users should be trained to detect and avoid phishing emails.
Malware Protection
Malware can be installed on your computer without your knowledge and if you are not careful. To protect against these threats, avoid file-sharing when possible, be careful when visiting unknown websites, don’t download software that you don’t recognize, and be careful with links in emails.
You may also need to protect your website from malware attacks by installing a firewall or other preventative solutions.
Software Releases
Stay current with all of your software upgrades. Upgrades can patch vulnerabilities, so you are safer with each new upgrade you install.
Data in the Cloud
Make sure any data that you have in the cloud is behind an acceptably secure technology solution. Today, this generally means files are stored with AES 256-bit encryption. You can also look for SOC1 and SOC2 certifications.
Need to Know
There are many policies that need to be developed for employees and/or volunteers with regard to data handling. One example is providing data access to individuals on a need-to-know basis. For example, an operations manager does not need the password to the payroll system, but the payroll manager does.
Reducing Risk
These items above are the tip of the iceberg when it comes to having good data security practices in your business. Develop an excellent set of policies, train and monitor those within your business or nonprofit organization, and set a great example yourself when it comes to this growing threat to your online data.
If you have other tips for me in this area, don’t hesitate to send them to me. I’m also available for any questions you may have. Together, we can develop a safe and protective barrier between your online information and those who engage in cyber attacks.
Here’s to your success and cyber safety!
Barbara
