%20cropped.jpg)
Your organization faces threats every day – threats to your network, your data, and your physical location. Even a single successful data breach or office robbery can drain your finances, damage your reputation, and even put you out of business.
Here are 5 steps businesses of any size can take to protect themselves from both digital and physical dangers. And once your company is better protected, it’ll be free to grow and ready to face the future with confidence.
STEP 1: PROTECT EMAIL
There are 2 parts to this step – software protection and employee education. First, every business needs anti-spam and anti-virus software installed. These tools help block spam, viruses, ransomware, phishing attacks and other threats.
However, those tools won’t stop every single attack. You also need to educate your employees on how to spot sketchy emails, links, and attachments. These dangerous emails can take a variety of forms:
- Some contain links that bring in a virus
- Some ask you to visit a webpage in order to steal your credentials
- Some try to trick the recipient into sharing personal information
One study found 30% of users open emails from attackers and 10% click on attachments or links. Effective training can dramatically boost your employees’ knowledge of email threats and how to respond to them.
In addition, we recommend putting your users through a professional cybersecurity training program like the one from Mimecast. Read more about it here: Email Security Training That’s Actually Fun.
STEP 2: PROTECT PASSWORDS
Why are so many cyberattacks successful? Two words: bad passwords. More than 60% of passwords are weak, default, or stolen. They’re easy for hackers to guess or buy on the Dark Web. Once a hacker has a user’s password, they’re in.
Everyone in your organization should follow these password best practices:
- Don’t use short passwords or common passwords (think “123456”)
- Avoid using personal information like an address or kid’s name
- Change your password twice a year
- Don’t repeat your important passwords across different accounts
- Use unique passwords for every account and use a service like LastPass to manage them
- Do not save password lists in an email folder, Excel file, or Word doc
- Enable 2-factor authentication whenever possible
Also, if your password is on the Worst Passwords List, you should change it ASAP.
Your passwords should be long and difficult to guess. The good news is, you don’t have to try to remember a complex string of letters, numbers, and symbols (like “Tr0ub4dor&3”).
One strategy is the 4 Word Password Strategy. Think of 4 unrelated words and picture them in a scene together (for example, “mountainstaplebatteryhorse”). Recall the image in your mind whenever you need to remember your password.
If you prefer your passwords to be more of a sentence, try turning a meaningful sentence into a password, like this:
- WOO!TPwontSB = Woohoo! The Packers won the Super Bowl!
- PPupmoarT@O@tgs = Please pick up more Toasty O's at the grocery store.
- 1tubuupshhh…imj = I tuck button-up shirts into my jeans.
Whatever method you choose, start improving your passwords right away.
STEP 3: BUILD A HUMAN FIREWALL
You can put in place the best technologies in place, but training your people will have an even larger impact on your success. In fact, research has found employee training decreases the total cost of a breach by $270,000.
Trying to build your own training program in-house is time consuming and expensive. We strongly recommend you use a professional training program. A good training tool should have updated content and include a scoring/reporting system. The data you collect from the training tool will help guide future training goals and identify the problem areas you need to focus on.
In the meantime, make sure your employees are doing these 4 things: The 4 Most Important Security Tips for Remote Workers
STEP 4: MOVE TO NEXT GENERATION ENDPOINT PROTECTION
It’s no longer acceptable to just have anti-virus and nothing else. Modern organizations need a solution that delivers:
- Real-time endpoint protection: prevents known and unknown threats in real time
- Detection and response: devices detect attacks and respond by stopping processes, quarantining themselves from the rest of the network and even rolling back to an earlier, clean backup
- IoT discovery and control: discovers new IoT devices on your network and finds rogue devices
- Native cloud security: deployed and managed in the cloud and covering your entire network
STEP 5: IMPLEMENT NEXT GENERATION PHYSICAL SECURITY
Have you thought about the physical security risks to your organization?
- Tailgating – closely following an employee through a secured door
- Document theft
- Unaccounted visitors
- Stolen identification
- Social engineering – posing as a legitimate vendor or visitor to get past the receptionist
To bring our clients the best in physical security we’ve formed a new partnership with video security company Verkada. They provide a unique, cloud-based system that replaces all the bulky, expensive, hard-to-maintain systems for cameras.
With Verkada, each camera stores 120 days of video footage and uploads the data directly to the cloud. No extra switches or hardware needed to connect your cameras into your network. Its user-friendly management platform lets you securely access camera footage on any device. The best part? Door security is done via facial recognition, not a fob. So a tailgater won’t be able to access any secured areas.
If you’re looking to enhance your physical security, a state-of-the-art video system is an essential component.
Knowing the state of security and the challenges facing our businesses today, we encourage you to start implementing the appropriate security tools and practices. We’re here to help with guidance and solutions.
