Technology has changed the way we do business dramatically over the years, and most of the time it has been for the better. However, with the good also comes the bad and those same advances in technology have also left our Intellectual Property vulnerable to cyber-attacks. Cyber-attacks are an attempt by hackers to damage or destroy a computer network or system. They can also be used to steal sensitive data which means not only is a business’s IP at risk but so is the security of its customers information as well.
An organization can protect itself from unauthorized access however by having a cyber security plan in place. Because your employees are on the front lines of the company day to day, an important initial step is to educate them on what it takes to secure confidential data and provide guidelines to keep your systems safe.
Here are a few simple ways to start building a foundation for Cyber Security in your company today.
1. Start with communication.
It’s easy to give your team a handbook on cyber security and expect them to follow it to the letter, but enforcing those rules can be a bit trickier. Maintaining open communication with management and staff on simple things they can do each day to protect their data will help keep cyber security top of mind.
2. Change passwords frequently and use more complex requirements.
Password updates seem obvious but many people create a simple password for a system and never change it again for years. Updating software to automatically prompt/require employees to change their passwords more frequently can help keep passwords fresh and harder to figure out. Also using advanced password requirements such as minimum character counts, upper and lowercase letters, numbers, and special characters can ensure stronger passwords are being created and not just the name of an employee’s cat.
3. Control the accessing and editing of cloud based information.
Cloud based file sharing is a system in which a user is allotted storage space on a remote server and files can be transferred from a physical server to a cloud server over the Internet.Hackers can use the cloud to introduce malware into your systems if not properly protected. Create policies on how to manage imports or exports to and from the cloud or the company's server. You can also employ two factor authentication, and prohibit access to company servers from unsecured public networks.
4. Apply various permission levels for different users.
Not all users need edit permissions to all files. Assigning different access levels maintains checks and balances so that all employees do not have total access to sensitive information. The more people that have access to information in your company, the more vulnerable it can be to cyber-attacks. It is also good to keep an audit log of anyone who accesses or edits specific files or systems including when, who and what edits were made.
5. Educate employees on how to identify if a threat or breach has occurred.
Though you may have advanced security measures in place threats can still occur. It’s important to have a documented remediation plan and update or review it frequently with your employees. Communicate specific instructions about what employees must do if they think a cyber-attack has occurred, as they are often the first to notice something is wrong. Include the basics such as physically unplugging their machine from the network and notifying the IT Manager or Network Admin of any suspicious emails, activity or lost devices immediately.
In the event that a threat does occur Saavedra & Associates can help. Our team of computer forensic experts can help rectify issues quickly and effectively.
We can also identify system vulnerabilities before a threat occurs so the proper security measures can be put in place proactively. With Saavedra & Associates on your side you can feel secure knowing that you have the best resource available to keep your company moving forward safely.