So to prevent exposure to hackers, “make sure your operating system is set to receive automatic updates,” and regularly check for or download updates (patches) for your most regularly used software and apps, too.
7. Enable two-factor authentication
“Enabling two-factor authentication provides far more security (and thus peace of mind) than a password alone,” says Mike Catania, CTO, PromotionCode. “The odds are that you have your mobile phone on you anyway, so the level of inconvenience is extremely low for a huge return in keeping the bad guys out. 2FA, as its popularly referred, essentially confirms you by requesting a PIN verification from your mobile device if someone attempts to log in from an unrecognized machine.”
8. Use a virtual private network (VPN)
“The growth of bring your own device (BYOD) in the workplace means employees may be tempted to use their own cloud-based apps to store or share customer data with colleagues,” says Julian Weinberger, director of systems engineering, NCP engineering. That “may leave sensitive company data vulnerable with only the strength of an employee’s password to protect it.”
To protect against mobile breaches, “small businesses can restrict [or prohibit] BYOD or use a virtual private network. A VPN will enable remote offsite employees to create an encrypted, end-to-end connection with the company network and transfer data securely regardless of their location or the application they are using.”
9. Minimize risk from third-party vendors
“SMBs need to talk to third party vendors about their security policies [before they do business with them] to ensure they’re properly protecting company information,” says Kevin Haley, director of product management, Symantec Security Response. “Ask questions such as: Are you using multilayer security? Are you backing up the data? Are your systems up to date? SMBs should also limit the amount of customer data they share and only provide what is absolutely necessary in order to minimize risk.”
How to protect data when cyberattacks happen
1. Back up data regularly
“By constantly backing up your data and storing a copy safely in a separate location, you create a strong last line of defense against a wide range of threats, from hardware failure to equipment theft, fire, flood and file-encrypting ransomware,” says Stephen Cobb, senior security researcher, ESET. “Be sure to test recovery from your backup copies on a regular basis to make sure everything can be restored and the appropriate employees know how to restore it.”
2. Have a disaster recovery (DR) plan in place
“SMBs should have a disaster recovery plan ready to go in the event of a cybersecurity [breach],” says Brady Keller, digital manager, Atlantic.Net. “If all of your business's data is stored with a cloud service provider, have autonomous and complete backups of that data somewhere else. This can be done by paying either a third party vendor to back up your data or your staff to create the backups internally. These backups and the corresponding recovery plan should be tested thoroughly in disaster simulation exercises.”
Sign up for Computerworld eNewsletters.