Quick action may help your business more than you think. With cyber criminals targeting small businesses like yours every day, you need to protect yourself now. Here are 5 actions you can implement this week.
1. Strong passwords. Get everyone to change their passwords in the next 2 days. Plan a company-wide 5 minute meeting to remind your people what a strong password is. Share with them the 8/4 Rule: a minimum of 8 characters and include each of the 4:
- UPPER case
- Lower case
- Symbols @#$%&
Ask them to think now what their new password will be. Ask your staff to each develop a personal password formula so he/she can create and remember the password without relying on words others can easily guess.
Tomorrow, schedule 5 minutes for everyone to change their password. Frequency of change matters, because often a hacker gets into a business’s network and prowls for weeks or even months before significant damage is done.
2. Patch Management. Meet with your IT person to learn if he/she is updating all operating software and applications within 48 hours or less after receiving patch alerts. If not, find out what your IT specialist needs to make this happen. Set the expectation that this is a requirement.
Patches can be done either using the automated patch management feature for many applications, or your IT person can go directly to the application vendor’s website to download the patch.
3. Firewall. For under a $1,000 you can get a robust firewall, suitable for many small businesses. Set up business rules to manage internet traffic, such as whitelisting (allowable or blocked websites) and time of access (does ever staff person need access late at night or on weekends?).
4. Encryption. Determine what your most sensitive data is and encrypt it. Depending on your business, it might be 5-20% of your files. If your business is highly confidential, you may need to encrypt nearly all of your data and emails. A number of strong encryption applications are available, so check out several and install one this week.
5. Anti-Virus/Anti-Malware/Anti-Spyware. Invest in a well-known, well-rated virus/malware/spyware protection software. Be sure to update it often as the malware dictionaries are updated by the vendor frequently. With over a 100,000 (yes, truly that many) new malware programs identified a day, your dictionary must be updated constantly.
Think of these basic defenses as the locks and security cameras used by many businesses. They are the first line of defense and reduce many threats. Make it hard for the hackers to get to your system and chances are strong the criminals will look for an easier target.