Are your employees equipped with the knowledge in combating cyber attack?

in #cybersecurity7 years ago

MAG-HighEdTraining.jpg

Cyberattack is undeniably rampant nowadays.

In fact 50% of cyberattacks mostly happen to small businesses. And 50% of cyberattacks also happen to medium-size and big businesses. Reports says that cybercrime is quite commonplace, making cyber attacks are becoming an increasingly prominent problem for businesses all over the world.

Companies tend to set up all the necessary and even advanced technologies to get their assets protected. But some seem to forget this minor but integral part of cyber security…

What can you do to improve your cyber posture?

Cyber security awareness

  1. Make sure your employees have a strong password.
    More than half of all data breaches are caused by weak password. Always ask your employees to use strong passwords. This matter should not take lightly by the employer. Implement a training awareness for cyber security for your employees.
  1. Require your employees to change their passwords regularly.
    Even with a password policy in place, 65% of businesses said they do not enforce it. Imagine what would happen if the user's password fell into the wrong hands or have been cracked or being guessed by someone. They might be able to mess up your inventory. Your database might be deleted or they might steal customer's important billing information. Reset all passwords monthly to ensure all staffs change their passwords on a regular basis.
  1. Use two-factor authentication when possible.
    Two-factor authentication adds another layer of security that reduces the risk of a password breach. Why need second layer protection? Passwords can be guessed or stolen, it can also get intercepted. Two-factor authentication makes an act of stealing the information twice as difficult. So even the hackers have intercepted your password, they won't be able to get access to your account.
  1. Make sure backing up your files is properly done regularly.
    Ransomware can make your files completely inaccessible. Keeping offsite backups of the important files is the only way to prevent losing access to it. Make sure have a system in place that saves important data.

  2. Make sure every company device have antivirus and malware software installed.
    Most cyber attacks can be prevent by getting right the basics, like proper and regularly updated security software. Antivirus software is the primary defense system against any online or offline threats. Firewalls protect a system from unauthorized entry, adding it to maximize the protection and resistance against threats.

  3. Limit the amount of employees with admin access to only those who absolutely need it.
    Actively controlling the use of administrative privileges is one of top priorities that form the basis of cyber security. Systems and network administrators are targets of Advance Persistent Threats. Minimizing administrative privileges makes it more difficult for malware to spread, hide, persist, obtain sensitive information and resist efforts to remove it. Give out administrative access sparingly, and be sure employees with admin access are well educated on security issues.

  4. Train your employees how to recognize phishing emails.
    The most common cyber crime affecting businesses is phishing emails. Comprising 49% of all attacks. Phishing is an attempt to trick someone, usually via email, making you click tainted links to download malware or send you to fake websites. Make sure your employees to watch out for phishing that may look scarily real. Instruct them not to click on any links or share sensitive information.

Aside from phishing email, spear-phishing attacks are the second most common cyber. A spear attack involves the creation of an email address that looks genuine and is in the name of a colleague. Instruct your employees to never give sensitive information to supervisors via email. Always ask them to double-check email requests for sensitive information, even if they come from supervisors.

  1. Encrypt databases and customer information.
    Without encrypting, your sensitive information will be accessible for hackers in case of an attack. Encryption is important because it allows you to securely protect data that you don't want anyone else to have access to. Instruct your employees to ensure all sensitive data such as client information and important files is encrypted. Implement an appliance that can encrypt data at some point in the storage network.

Conclusion:

There are a number of ways hackers are breaking into businesses important data. Staying ahead of the game when it comes to cyber security is important. And you should not let them penetrate into your defenses. By having the proper guidance and awareness to your employees, from phishing to malware and improving password security habits. Company owners owe much to modern technology for helping them revolutionize their business. But it’s more important for businesses to make sure they have strong data protection and security policies in place to protect them from cyber criminals.