November 05, 2019
Every year, European Cyber Security Month sees organisations across the continent take extra steps to improve their cyber security, so there’s no better time to minimise the risks of your company being compromised.
Assess the risks to your organisation’s online information and systems with the same vigour you would for legal, financial or operational risks. To achieve this, install a risk management regime across your business. Business leaders are being urged to build better human firewalls as cyber crime incidents continue to rise. Security experts identify people as the biggest targets – and weakest links – in the corporate cyber security chain. Extend your risk assessment regime to also cover the paper-based confidential documents that come in and out of your organisation, to ensure you’re protected in both cyber and non-cyber spaces.
Protect your networks from cyber attacks. Defend the network perimeter and filter out unauthorised access and malicious content. Security software essentials include firewall and antivirus programs. What’s more, never trust unsolicited emails and text messages. Never click on a link, image or video that has been received from an unknown sender. Check that emails are legitimate: red flags include spelling mistakes, poor grammar, odd phrasing and urgent requests for money or action.
Strong passwords use eight characters or more and include a combination of upper and lower case letters, numbers and symbols. Keep passwords in a safe place and don’t use the same one for multiple accounts. Be sure to change passwords every three months. But at the same time, avoid changing login information so frequently that your users suffer password fatigue and settle for variations on the same theme. Beware of leaving passwords lying around on post-it notes for the whole office to see! Password manager tools help you use unique, secure passwords for every site you need and will also automatically keep track of them for you.
Cyber criminals create networks that look like free internet, which allows them to watch your every move, including what passwords and account information you enter when connected. To keep your information safe, never make online payments, send confidential information, or enter important account passwords when using public Wi-Fi.
Keep your personal information secure on social media. Cyber criminals can often obtain your confidential information with just a few data points, so the less you share publicly, the better! For instance, if you post your pet’s name or reveal your mother’s maiden name, you might expose the answers to two common security questions. Certainly think twice before sharing personal information such as your name, home address, phone number and email address.
Produce user security policies covering acceptable and secure use of your systems and provide ongoing cyber security awareness training. Employees must know how to identify suspicious emails or links and they should be wary of what websites they visit and the applications and mobile apps they download. Encourage staff to report all cyber attacks. Knowing that you have been attacked enables you to efficiently manage the recovery. Bringing in a Clean Desk Policy will also help to uphold cyber security – by reducing the risk of passwords and other sensitive information being left carelessly lying around the office.
Don’t stockpile computers or hoard digital data. Keep digital data filed and current and purge files regularly. Have old or unused computer hard drives securely destroyed in your workplace. Shred-it’s physical destruction of digital media service ensures your confidential information stays confidential. To protect your business further still, adopt a Shred-it All Policy to simplify document handling, enhance legislative compliance and increase secure recycling within your organisation.
Businesses are increasingly reliant on mobile technology. But mobiles and other devices are big targets and can be your organisation’s weak link. Always be aware of where mobile devices are and never leave them unattended. Make sure you switch on password protection, keep your mobile applications and operating systems up to date, and can track, lock and wipe lost or stolen devices.