5 things you can do today to secure your business
Sunday 02 Dec 2018 05 am
Did you know:
- Not only are small businesses being hit by hackers, the attacks are costing them a lot of hard-earned cash.
- In 2018 advanced malware protection and prevention is the #1 budget priority.
- 92.4% of malware is delivered via email.
- 60% of small businesses say attacks are becoming more severe and more sophisticated.
- The average cost of a malware attack on a company is $2.4 million.
- The average cost in time of a malware attack is 50 days.
- The most expensive component of a cyber attack is information loss, which represents 43 percent of costs.
- 41 percent of companies have over 1,000 sensitive files including credit card numbers and health records left unprotected.
Here are a few simple measures you can take to help increase your security:
- Enable Multi factor authentication (MFA or 2FA) on your company email services.
Email is the number one source of company breach, and once an email is hacked it is exponentially easier to hack and gain control of other services that are linked to email services. For example: resetting a facebook password - where does that password reset email go?
- Make sure your website and intranet are using HTTPS with TLS1.2 encryption.
Look out for the secure padlock next to the url. If it is not secure, engage a specialist to audit and recommend corrective code.
- Understand PCI DSS compliance.
Don’t write down or store credit card information without seeking specialist advice on PCI DSS compliance. The risks are not worth it.
- Identify and classify your data.
Too many companies dump all their data on one insecure file sharing facility, server, NAS, dropbox etc. Identify Personal identifiable information, Health/Medical information, Payment card industry (PCI) information and make sure it is stored and secured separately in accordance with relevant acts and/or industry requirements.
- Train your staff to be data security aware in the same way they are aware of work place health and safety.
Induct them, and regularly train them with multiple levels of exposure from training sessions, posters, screen savers, meeting agenda items etc. In today's climate cyber security training is equally as vital as any other company training and can save your business thousands in the long run.
Do you (or your business) need help with any of these security steps or with staff Cyber Security training? We are here to help. Please contact us to discuss your needs.