Additionally, here are some quick security fixes to ensure everyone in your business is doing as much as they can to prevent a security breach:
1. Don't let your PC go unprotected: Move off of Windows XP if you still have computers running it, as support and updates for Windows XP ended in April 2014.
2. Coordinate policies with processes: Make sure everyone in your company is clear about your data-protection policies and what they can and cannot store on their personal computers.
3. Keep sensitive data safe: Do not use a general purpose computer to store sensitive data. For example, don't use that computer to check email or surf the web.
4. Regularly review what information you store: Check over what information is being stored on your server(s), verify that any confidential or monetary data is sufficiently protected.
5. Maintain PC protection: Confirm that you have automatic software updates and antivirus updates enabled and ensure firewalls are maintained.
6. Plan ahead: Put a disaster recovery plan in place, including who to call when something bad happens, offsite backup in order to recover from fire, flood, physical theft, and hackers, and records of what (if anything) your insurance policy covers from down time and other costs associated with hackers.
7. Be in good company: Develop a relationship with your local government authorities before you need to call on them in a crisis. Some government agencies provide simple cybersecurity toolkits to small businesses, such as the Employee Cyber Security Kit provided by the Cyber Security Agency of Singapore.
8. Do your data homework: Collect computing logs and occasionally review them because they will prove valuable during incident response, helping you to learn what your computers normally do, respond to cyberattacks more quickly and potentially spot hackers before a damaging breach.
9. Consider managed security services: Advances in cybersecurity technology, including the use of more sophisticated analytics, can be difficult to keep on top of. Managed security services can ensure that you are as well-protected as larger firms.
10. Support cyber protection and knowledge sharing: Sharing information on cyber breaches gives experts a community view of the shared threats that exist and hopefully fold those threats into an actionable analytic approach that reflects the real risk of cyber threat.
Some of the countries in South East Asia have already set up dedicated outfits that deals specifically with cybersecurity, and often act as a reporting centers for such threats. In Singapore for example, businesses may report cyber security incidents online at the Singapore Computer Emergency Response Team (SingCERT) website..
Once you have the fundamentals in place, the next step is to investigate some of the new breakthrough alternatives that will best protect your business, and your pocket. Today's innovations include analytics or machine learning, and devaluation of data. If you are a small business, look into P2PE or tokenization, which can be very cost effective. Securing a business today with a very small budget is challenging, but ignoring cybersecurity is no longer an option.
Sign up for Computerworld eNewsletters.