1. Train your employees to notice scams and infected emails. All the spam filters and antivirus programs in the world can’t protect against someone clicking on and downloading a threat.
2. Implement an acceptable use policy outlining how everyone associated with your business is permitted to use devices, software, data, e-mail, and Internet access.
3. Strong passwords and multi-factor authentication are simple security steps that can add significant barriers hackers must get past to access your networks.
4. Update your software immediately with patches and updates created to repair vulnerabilities.
IT security protections for every growing business
Cybercrimes are increasing in intensity, and hackers are setting their sights on small and medium businesses, which are more vulnerable because they have not fully invested in their network security. According to the National Cyber Security Alliance, at least half of the 82,000 new malware threats released daily to steal credit cards, sensitive data and money are aimed at SMBs. Take steps to implement critical IT security protocols and protect everything you have worked to build.
Training
The number one security threat to any business is … YOU. Almost all security breaches in a business are due to an end user clicking, downloading or opening an infected file, either from a website or an e-mail. Phishing e-mails (e-mails cleverly designed to look like legitimate messages from a website or trusted vendor) are increasing in sophistication, and spam filters or antivirus programs cannot protect your network when someone is intentionally clicking and downloading the threat.
Educating everyone connected to your network to spot an infected e-mail or online scam is key to protecting your business. Cybercriminals can dupe even savvy computer users, and just one slip could grant them access to infect other devices on your network. Also ensure the risks associated with public Wi-Fi use are well understood; prohibit accessing your network and any sensitive data through an unsecured internet connection.
Acceptable use policy
On that same theme, implement an acceptable use policy (AUP) that outlines how everyone associated with your business is permitted to use devices, software, data, e-mail, and Internet access. At a minimum, your AUP should limit the websites end users access with work devices and internet connectivity. Enforce the policy with customized content-filtering software and firewalls to grant permissions and rules that regulate online usage during company hours and/or with company-owned devices (social media, gaming, adult content, online shopping, etc.).
Restrict personal devices
The use of unmonitored personal devices to access company apps, e-mails, and other sensitive data remotely is a gateway for hackers to your network. Indeed, the global pandemic that forced many employees to work remotely may have necessitated the use of personal devices for company business, but even employees who have returned on-site are asking to bring their own personal devices (BYOD) and use their smartphones for just about everything.
Alternatively, issue company-owned and monitored devices under an AUP to anyone who must work remotely. This gives you complete control over your company’s data for any eventuality.
For example, if employees stop working for your organization, will you be allowed to erase all company data from their personal phone or laptop? What if their device is lost or stolen? Would you be permitted to remotely wipe it, hence deleting all their personal photos, videos, emails and texts?
Besides, highly sensitive data such as patient records, credit card details, and financial information may not be legally permitted to be accessed from devices that are not secured. If it is absolutely necessary for personal devices to be used for company business, insist on installing monitoring software that can be secured by your network administrator and under the directive of a detailed AUP.
Passwords and multi-factor authentication
Requiring strong passwords and passcodes for all devices, networks, apps and sensitive files should be a routine security measure and enforced by your AUP. Passwords should be at least 8 characters and contain lowercase and uppercase letters, symbols and at least one number.
On mobile devices, requiring a passcode to be entered will go a long way in preventing access if the device is lost or stolen. Likewise, implementing multi-factor authentication (MFA) for all accounts on your network increases the difficulty for hackers. MFA requires anyone seeking access to present evidence from multiple distinct factors: for example, something you know (a code) and something you have (sent to your phone).
Although cybercriminals are diligently working on methods to circumvent even these advanced security measures, MFA adds another barrier against hackers who may have stolen your passwords. Additionally, MFA alerts users to potentially suspicious account activity. Implementing these precautions and regularly enforcing them will help reduce network risks.
Software updates and patches
Vulnerabilities are frequently found in common software programs such as Adobe, Flash or QuickTime. You can keep your network secure by making it a top priority to install updates and patches. Updating your systems and applications as soon as updates become available is the best course of action. Consider working with a managed IT service provider to automate this process so your business does not miss an important release that could leave your network exposed.
Monitor your backup
An effective safeguard against the most aggressive ransomware attacks (where a hacker locks up your files and holds them ransom until you pay a fee) is a rock-solid backup. If your files are backed up, you don’t have to pay a crook to get them back.
A good backup will also protect you against accidental (or intentional) file deletion, natural disasters, fire, water damage, hardware failures and a host of other data-erasing catastrophes. Therefore, make sure your backups are automated and monitored. The absolute worst time to test your backup is when you desperately need it to work.
Invest in a solid firewall
Firewalls are the frontline defense against hackers. They block everything not specifically allowed to enter or leave an IT network. With current advancements in technology, a good firewall is no longer cost prohibitive, so invest wisely in this key component of your network security. Most importantly, routinely monitor and maintain your firewall to guard against failure. Most managed IT service providers include this service in routine maintenance plans.
These seven security protocols, when implemented in tandem, help construct a multi-layer barrier to protect your network, data, and — most of all — hard-earned money from security hacks. Working with a professional managed IT service provider to ensure each piece is in working order will further protect your IT investments. Moreover, a cybersecurity insurance policy will help mitigate unpredictable losses.