2019 : how to prevent your company from hacking ?
92% of businesses experienced some kind of cyber-attack in 2017. When faced with this alarming statistic, it is only natural that businesses are attempting to adopt the best technologies to combat online hacking. It is besides increasingly prevalent. As we start the New Year, vigilance is still the order of the day if you are to protect yourself from these threats. Here are a few tips that can help to keep your business safe.
1.Watch your business closely!
You can never say this too many times: watch your business closely. Any device that provides access to your employees’ mailboxes is a potential source of risk to your company. We talk about laptops, mobile phones and tablets. Theft of work tools seriously endangers your business, and can exposure you to all kinds of hacking.
2.Data encryption is key!
Encryption of personal data can keep information secure, even if the hardware is stolen. If laptops or other devices for reading data are encrypted, there is as a second level of validation when accessing sensitive data. Encryption is currently both the most common and the most effective way of combating hacking.
3.Stop deleting your files and start destroying your kit instead
Sensitive data remains confidential even when a contract comes to an end or when you stop performing an activity. Datas can be stored digitally or physically and both ways are concerned. You therefore need to ensure that all paper files are permanently destroyed by shredding in the case of paperwork.
Nevertheless, merely deleting digital data represents a risk. Cause a number of software packages now make it possible to retrieve files even after they have supposedly been deleted. To prevent all fraudulent attempts at data recovery, you are advised to destroy the media (like memory cards) rather than just the content.
4.Unique log-ins with restricted permissions
By providing unique logins for each user, you can also ensure that each employee only has access for specific tasks. Thereby it prevents excessive exposure to sensitive data across your entire staff.
While unique login details have now become standard practice, limits on access permissions are much less widespread. Indeed, even when each user has a unique user ID, the risk of hacking or theft of secure data remains. By refreshing these user IDs regularly, you can use planned obsolescence. It prevents hackers from stepping into the shoes of your legitimate employees.
5.Watch out for the USB port
Curiosity can be more than just a major inconvenience: it can harm an entire company. According to Guy-Philippe Goldstein, a cyber-defense and cybersecurity consultant, most people’s natural instinct when they find a USB stick is to plug it into a computer to check what it contains. Big mistake! You’ve just opened yourself up to hackers’ preferred entry route.
6.A single password but multi-stage authentication
This is what is known as MFA (multi-factor authentication). This solution is also intended to replace 3D security for bank cards.
Indeed, many companies are finding that passwords are no longer sufficient and need to be complemented by other authentication systems that focus on three different factors:
- Knowledge (in other words, knowledge of the password)
- Possession (e.g., by validating an IP address linked to a computer);
- Inherent factors (a biometric identification system such as face or fingerprint recognition).
Many companies, including Google and Amazon, have already adopted this system.
7.Remote working: arch enemy of cybersecurity?
Even though it is very popular among employees, remote working creates a favorable environment for malicious actors and hackers. This is due to remote workers’. Outside they can connect to multiple different Wi-Fi networks. As a matter of fact, free Wi-Fi networks retain a record of your browsing history, while so-called secure networks also suffer from numerous vulnerabilities.
In other words: there is no more secure way to access your sensitive data than from a computer on your work network. If that is not available, use a VPN.
8.Spelling tests: the new anti-intrusion weapon
In summary: trust your instincts! An e-mail that doesn’t seem to fit (for example, if it has too many spelling mistakes) is an e-mail that risks exposing your business to hacking.
Similarly, it is not always possible to discover who is on the other end of an e-mail conversation in a large organization. If you have any concerns, it’s always worth checking the domain name and file extension of any e-mail address. If you’re still concerned, escalate to your management or your company’s IT department.
Your team is the most effective weapon against attempts to hack your business. Undertake regular penetration tests and ensure that your employees are aware of the best practices that can save your company’s life so that it can continue to exist – and thrive – for the long term. The aim is to ensure that you adopt a consistent, collective approach, while different iterations of this approach should be a natural instinct.
Don’t wait for your customers to feed back when an incident occurs, because once that happens, it’s already too late.
Never forget that the greatest single threat is human error. Every single person is unknowingly a source of vulnerabilities. Because we are all vulnerable to making mistakes when disclosing information. This is primarily due to the fact that employees are not sufficiently educated as to the risks that are involved. However, it is possible to develop a risk culture that addresses malicious threats including fraudulent password harvesting (known as phishing), the theft of personal data, and ransomware. In this case, training and employees engagement are both business-critical factors.