Data is the new currency of the digital age. If you think your internet experience is free, think again. You actually trade in valuable coin when you use Google and Facebook.
Our information is valuable. And when we give away our information in exchange for services, that which we don’t give away becomes like diamonds or platinum.
Cyber criminals aren’t looking to steal dollars or Euros or Yen. They’re looking to steal information. And if your network and website aren’t secure, you’re essentially giving away your customers’ valuables.
Today I’m going to talk about how to virtually lock your door and keep the cyber criminals out of your network.
1. The Lay of the Land
It’s 2017 and despite much effort to stem the tide of cyber criminal activity, we’re all still vulnerable. Even the largest companies experience data breaches and cyber attacks.
Sometimes these breaches happen because of human error, as was the case with Verizon this past July. Human error caused names, numbers, and PINs to become publicly available online.
But human error is the least of our concerns. In the third quarter of 2016, there were 18 million new malware samples captured. Over the course of 2016, we saw 4000 ransomware attacks every day. And the percentage of phishing emails went up a full five percentage points.
In essence, cyber security is getting harder, not easier. And it’s not the time to get lazy and forget about network security.
2. It Begins With You
The first thing you need to eliminate is human error. At least as much as you can.
Human error will always be a problem. People will make mistakes, but proper training makes these mistakes rare.
This is where you begin, with you and your team. Find a webinar or a training course. Educate your team on cyber security.
What kinds of things does your team need to know?
- Password best practices
- How to recognize malware
- Proper email protocol
- How networks work
- How to secure a network
- The value of customer data
You can eliminate a huge hole in your security if your team follows protocol. Even if one team member decides they don’t give rat’s hide about security, you are vulnerable to an attack.
3. Secure the Base
Your own business wifi network is the second stopgap for network security. Many businesses don’t know how to secure their own local networks.
Offering free wifi to your customers is tempting, especially if you have a physical store front. But with the advent of 4G cellphone networks, free wifi is wholly an unnecessary perk.
Keep your wifi network secure. Do not give out the password to anyone who isn’t trained in your network security protocol. And change the password often.
This is one of the best ways to keep your business wifi network secure from attack.
Also, make sure you have a sign-in system or a visitor management policy if you run an office. Not only is this important for physical security, it’s important for network security.
If someone can get inside your office and find an unlocked terminal, they can access your network and data. If you’ve ever seen Mr. Robot, you’ll understand how easy it is to infiltrate a network if no real world security is present.
Your Netgear router login needs to be impervious to cracks. Find a password encryption software and make a router password that would take years to crack.
Change this password monthly.
If your company is big enough, you may want to consider hiring a floor marshal. Someone who is trained in recognizing potential threats and strange individuals who do not belong. They can question these people and help ensure your company’s IT infrastructure isn’t compromised.
4. Bar All the Doors
If your business were in a bad area of town, you would bar the doors and windows, right? Imagine your computer network as a set of doors without locks.
If each computer on the network had no antivirus or antispyware software, thieves could just walk right through and steal information. Each computer without these types of software is a vulnerability in your network security.
It might seem obvious. But it’s one of the most important parts of your security plan.
5. Update All the Things!
You may think that network security is an IT problem. It’s not. Network security is a business problem. And if you’re solely relying on your IT guy to remember to update everything, you might get into some deep water.
Ask your IT personnel for a list of update times. What should be updated?
First, if you use a local server, keep it up to date. There will be constant security patches. If your IT professional can give you a list of updates or at least a schedule that shows they’re checking on updates regularly, you can rest assured your server is secure.
Second, every terminal in your business needs to be updated at least quarterly. Most software does this for you. But it’s always a good idea to have a human check in on the progress and reset things if necessary.
Router updates don’t happen as often, but they do need to happen. Replace your routers every other year to keep up with the latest security features.
6. Backup! Get Backup!
If a breach does happen or ransomware hits your company, you need to be able to access your data to restore it. If you’re not backing up customer data, you could lose it forever.
42% of businesses hit by ransomware don’t recover even if they pay the ransom.
The only way to be sure you can restore data is through a constant backup plan. It depends on how often you receive new data as to what constant means in this case.
Some companies back up data daily. Others only need weekly or monthly backups.
The thing that matters most is consistency. Don’t miss a backup date. Ever. Or you’ll be really sorry.
Conclusion: Secure It Good
The risk of losing it all is too great. Customers trust us with their data. And if you breach that trust even once, your company is screwed forever.
Don’t be that company. Secure your network right now.
What do you do to keep your company secure from attack? Let me know in the comments below!