A data breach can be disastrous for any organization, especially small businesses who are unprepared for this kind of threats. According to Symantec’s Internet Security Threat Report, over 60% of targeted assaults hit SMBs. But, you can keep your company’s data secure as a business owner or employee. The first step is to understand the common causes of data breaches and how to avoid them.
You may believe that only outsiders hack into systems to create data breaches. Also, in addition to employee errors (such as lost or stolen computers on mobile devices), or downloading malicious software, can result in data loss. Protect your company’s data by educating your employees on these threats.
These tips can help you protect your workplace, keep your data safe when receiving emails, and show you how to generate policies to implement strong passwords:
1. Workplace Data Security
If you leave your desk while working on a project containing sensitive company data, take steps to protect it from visitors or others not authorized to see it. Keep in mind these easy security measures:
Lock your computer when you leave it. You can also require your user account password to unlock or wake up your computer.
- Clean up after a meeting.
- Pick up your documents immediately after printing
- Secure sensitive papers
- Keep an eye on your surroundings.
2. Be Mindful of Phishing Schemes
Phishing emails are misleading email communications that criminals and hackers can use to steal your password and access company information, acquire control of your computer and network or target your credit and identity. They frequently look to be from a reputable source, such as your credit card company or another vendor, and they frequently include links or attachments that you are asked to download. Delete suspicious emails immediately, don’t open them and don’t click on the links or open attachments.
Before you open an email or respond to any demands to download files or click on links, double-check that it has the following information:
- It’s from someone you know.
- It’s from someone who has already sent you an email.
- Is this anything you expected?
- It doesn’t appear to have any uncommon spelling or characters.
3. Longer is better when it comes to passwords
Using strong passwords and changing them on a regular basis makes it more difficult for thieves to gain access to data. Never give out your password to anyone else. Choose something obscure to make it difficult to guess, yet rememberable so you don’t have to write it down. Keep it in a locked cabinet or drawer if you do write it down.
The following are some of the best techniques for creating strong passwords:
- Passwords should not include any or all of your name or identification number
- The length of a password should be at least seven characters
- Passwords should contain characters from at least two of the following four categories: upper case letters, lower case letters, numbers, and symbols (e.g., &, %, $, #).
4. When traveling, be cautious
Portable electronics, such as computers, tablets, and smartphones, are more likely to be misplaced and stolen. When entering into protected systems in public places, be in mind that others may be able to see your login and password.
- Always keep your phone with you at the airport, on public transportation, or in any public place, and never check it with your luggage.
- Place your laptop in the trunk of your car when traveling by car. When you arrive at your final destination, take it with you.
- Mobile devices should never be used to store passwords or backups.
- Keep your company laptop, mobile device, and portable storage devices, such as flash drives, secure when you’re gone from the office, either locked up or in your personal possession.
5. Recognize the signs of social engineering
Social engineers get what they need by piecing together pieces of information from a variety of sources, including your social profiles and other information about your company, much like a puzzle. Always verify before sharing any kind of information, as people may not be who they claim to be.
If a stranger pretends to be a coworker, you have the following options:
- The person’s work phone number might be a better option.
- Request that he or she phone you back using a code word or number you’ve sent to his or her company email account.
To help keep your company’s data safe, share these guidelines with others in your organization.
We provide FREE IT Cybersecurity Assessment and Network Security Analysis for your business and we also provide training for your employees to help keep your company’s data safe.
Call us at 855-448-2178 for FREE Consultation or email us at info@it21st.com.
