Data breaches can be catastrophic events, especially for small businesses not prepared for this threat. 60% of all targeted attacks on businesses occurred on small, medium, or large companies, according to the Symantec Internet Security Threat Report 2015. To prevent data breaches, it's very important to know how to avoid them before the damage is done.
Outsiders hack into systems on a regular basis, you think. Media coverage tends to focus on data breaches in the form of hacks, but employee error may also result in a breach, such as a lost or stolen mobile device, or downloading malware. Protect your company's data by training your employees about these risks.
There are some safety steps you can take regarding your workspace, sending emails, and creating strong passwords.
Workspace Data Protection
Consider taking some precautions to protect sensitive company data when you step away from your desk during a project that contains sensitive business data. Keep your work area secure by following these steps:
Lock your computer when you step away. When waking or unlocking your computer, you can also change your preferences.
Clean up after a meeting.
Take your documents as soon as they are printed, copied, or faxed.
Cybercriminals and hackers use fake emails to steal passwords, access computer networks, and target credit and identity. They can include links or attachments and appear to come from a trusted source like your credit card company. Emails you don't open should be deleted.
Ensure that before opening any emails or clicking on links to download or open any files:
It's from someone you know.
You have previously received an email from this person.
Your expectation was met.
The spelling and characters don't appear odd.
Longer, Stronger Passwords
You can make information harder to access by using strong passwords and changing them regularly. Passwords shouldn't be shared. Pick something cryptic, yet memorable so you don't have to write it down. Lock it away if you write it down.
Among the best practices for creating strong passwords are:
Neither your name nor ID should ever appear in your password.
It is recommended that passwords have a minimum of seven characters.
In addition to upper- and lower-case characters, passwords should also include numbers and symbols (e.g., &, %, $, #).
Identify Social Engineering
As with putting together a puzzle, social engineers get their information from a variety of sources, including your social profiles and other information about your organization. It is always a good idea to verify any information provided to you before giving it to anyone.
If you think someone is your employee but do not know them, you can:
Make sure you call them back on their work phone number.
To the person's email address at work, send a code word or number and request a callback.
Make sure that others in your organization are aware of these tips to ensure the security of their data. Learn how to create cyber security training for employees and what risks are associated with them.
This short guide should help you to keep your data safe for your business. Do you have any other tips that could help? Please share a few in the comments below.