5 Cybersecurity Best Practices for Small Businesses

As a small business owner, it can be tempting to think that hackers won’t be targeting your business anytime soon.

Surely, they’ll be too busy hacking the big corporations like Google or Equifax.

However, you’d be surprised to learn that according to the 2023 Verizon Data Breaches Investigations Report, 71% of breaches targeted small businesses.

Compare that to their 2019 DBIR Summary that stated only 43% of all breaches in 2019 targeted small businesses.

Data like this shows that hackers spare no one when it comes down to who they choose to attack. And small businesses are their major target today.

This means that even owners of the smallest businesses should be concerned about cybersecurity best practices — as even a single breach can make them collapse.

But don’t give up all hope! The fact that your small business is likely to suffer from a cyberattack doesn’t mean you are defenseless.

There are many measures you can take to keep your business safe from hackers—or at least minimize the likelihood of a security breach occurring.

Cybersecurity Best Practices

That’s why I’ve built a list of 5 Cybersecurity Best Practices that you can apply to your business.

With these, you can rest at ease knowing that your business is a bit more secure from hackers than it was before.

Without further ado, let’s get right into it.

1. Train Employees on Cybersecurity 101

Admittedly, “cybersecurity 101” may sound like a silly name, but you can’t run without first learning how to walk.

Unfortunately, 80% of data breaches are caused by human error, down from the 90% reported in 2019.

That means that you should take the time to train your employees.

Identity security is the cornerstone of cybersecurity. Many attacks stem from stolen credentials or compromised employee identities.

There are things they should and shouldn’t do when dealing with anything that has access to the internet — or any electronic device that is used on company grounds for that matter.

Here are a few rules your employees should always follow when it comes to cybersecurity best practices in your business:

  • Never store passwords as plain text.

Passwords stored in plaintext are unencrypted. So if a hacker gains access into your company’s server or computers, they’ll have no problem using them.

Encrypt your passwords with an encryption method such as SHA-2, which became the new standard for encryption in 2017. 

If you do, they won’t be able to utilize the passwords they obtain, keeping your information safe.

  • Never click unfamiliar links or email attachments from people you don’t know.

Although your company may have a spam filter installed in its email server, opening any attachments without verifying the sender first is just asking for trouble.

  • Passwordless authentication is stronger than using passwords

Passwordless authentication is a strong method of keeping your on-premises assets safe from attacks. Passwords are easily compromised.

If employees use passwords at all, they must use strong passwords to make it less likely for data to get stolen (as the password is more difficult to crack).

Never use the same password for more than one account. That way, if hackers gain access to one of the employee’s accounts, their access is limited as all of the passwords are different.

  • Connect only work-issued devices to the company’s network.

Although it is a bit of an extreme measure, you can restrict the devices allowed in your network to those that are company-issued only.

This will reduce the chances of an employee connecting a personal device that is potentially infected with malware which could then infiltrate your network.

Note: these are not the only guidelines your employees should follow when it comes to cybersecurity in your company. But is is a starting point to help avoid some major loopholes hackers may attack.

2. Make Sure to Periodically Back Up Your Data

Everyone should back up their data periodically, regardless of whether they’re a business owner or not.

However, as a business owner, you must have backups in place. Ensure that in case of an environmental disaster, breach, or other potential threats, your data stays unharmed.

Lost data can cost thousands, if not millions of dollars.

Schedule regular automatic backups. They are the best way to ensure that your data is always backed up.

Use weekly backups at a minimum. Larger companies run monthly, weekly and daily backups so they can be certain to restore all data.

Multiple servers should be used for making backups. This will ensure that your data is available if one server fails. (Of course, make sure to protect those servers with strong passwords, too.)

Backup servers should be in different locations. This can maximize the chance of your data being unharmed should there be an environmental disaster or site-wide breach.

3. Install a Firewall on Your Networks

When it comes to protecting your network, business owners should spare no expense.

Your network perimeter is one of your strongest defenses against hackers.

A firewall is a security measure which serves to protect a network from potential intruders, having a similar protocol to that of a bodyguard.

It has pre-programmed measures that prevent unauthorized entry to the network and can even be set up to block certain actions from being performed (e.g. wiping a server of all of its data or transmitting a file that may be malicious).

This allows you to keep your network secure with authorized users only.

And prohibits a hacker (or an employee with malicious intentions) from harming your network if they do manage to bypass the authentication factor.

4. Implement Anti-Virus Systems on Your Devices

Let’s face it—although some people see anti-virus systems as “a thing of the past” due to operating systems improving security-wise, the need for strong anti-virus software continues to exist.

Zero-day exploits and malware attacks become more and more rampant year after year, especially for small business owners.

An anti-virus system will remove any existing malware within your businesses’ devices as well as constantly check for new threats as frequently as daily.

This will ensure that your business is free of any threats when it comes to the devices within it.

Their malware database (which is often updated daily) provides reliable protection for even the newest of threats.

5. Secure & Encrypt Your Websites With HTTPS

If you haven’t switched your website from HTTP to HTTPs, it’s time to do so.

Using HTTP instead of HTTPs can harm your SEO ranking. It causes browsers to display warnings on your site (that scare away your visitors!).

But there’s so much more to it than that. A site that is not HTTPs is unencrypted and susceptible to MITM (man-in-the-middle) attacks.

MITM attacks let an intruder listen to the digital communication between a website and a visitor.

This means that any information that is entered on the site is at risk of being stolen, whether it’s their address, credit card number, or SSN.

This is why any sites that accept payment must adhere to PCI-DSS compliance, a set of requirements set by law to protect consumer data.

The FTC and other regulators can impose heavy fines on sites that are not on HTTPs in the event of a breach, as customer data is not being properly encrypted.

Implement These Cybersecurity Best Practices!

These are by no means the only measures you should take when it comes to cybersecurity in your business.

But implementing these 5 cybersecurity best practices should provide you with a good starting point.

You can hopefully expand on these basics, making your company’s cybersecurity stronger every month!

Backup and Storage Through the Ages

Backup and Storage Through the Ages

The History and Future of Passwords Infographic

History and Future of Passwords Infographic

Originally published 9/19/19; updated 5/1/20 to add infographic and improve readability; updated 6/19/20 to add second infographic; statistics, links, and content updated 4/7/24.

6 Cyber Security Measures Your Business Needs for Protection

We’re all aware that cyber security refers to protecting and strengthening your computers and internet-based systems.

This is essential to protect them from unintended or unauthorized access, modifications, robbery, and obliteration.

Cyber Security Measures are essential to every small business because they are now the #1 target of hackers and scammers.

A lot of modern small businesses use web-based technology and tools to carry out their day-to-day functions.

The internet and the cloud have become integral to the smooth functioning of small businesses.

Technology for Cyber Security

It is not necessary to implement all cyber security measures manually. Technology helps with:

    • Conducting long-distance conferences
    • Advertising
    • Buying and selling
    • Researching
    • Identifying new markets
    • Communicating with customers and suppliers
    • And even conducting banking transactions.

You can bring attacks in the physical realm under control with the help of technological aids and state-of-art security cameras.

But the virtual world is a different ball game. The internet might be a boon, but it also has its fair share of weaknesses.

Along with its benefits, there are many risks, which are only growing by the day. Small businesses often fall prey to cyber attacks due to loopholes in their cyber security measures.

Cyber Security Measures to Implement

Below are a few cyber security tactics that all small businesses should have in place to protect themselves from virtual perils.

1. Purchase Cyber Insurance

Cyber insurance guarantees safety even when breached. There are safety measures in place that ensure maximum protection.

However, having a back up plan and a 3rd party organization trace back attacks can lead to reduced recovery costs.

2. Install Reliable Antivirus Software

A good, reliable antivirus program is a basic must-have of any cyber security system. Apart from that, anti-malware is also an essential.

These programs work as the final frontier for defending against unwanted attacks should anyone get through your security network.

Antivirus and anti-malware detect and remove viruses and malware, adware, and spyware.

They scan through and filter out potentially harmful downloads and emails.

3. Protect with a Firewall and Install Encryption Software

A firewall is necessary, as it helps you protect your inbound and outbound network traffic.

Firewalls can stop hackers from attacking your network by blocking certain websites.

You can also program firewalls to restrict anyone from sending out proprietary data and confidential emails from your company’s network.

If you deal with data pertaining to credit cards, bank accounts, and social security numbers on a daily basis, it makes sense to have an encryption program in place.

Encryption keeps data safe by altering information on the computer into unreadable codes.

That way, even if someone does steal your data, it will be useless to the hacker because he won’t have the keys to decrypt the data and decipher the information.

4. Limit Access to Critical Data and Do Regular Back-Technology for Cyber SecurityUps

Keep the number of people with access to critical data to a minimum. For example, limit them to the company’s CEO, CIO, and a handful of trusted staff.

Access controls can be various; from privileged accounts to encrypted access keys and verified users using safety certificates.

All of these can help secure access points from a variety of environments, i.e. cloud, personal device, and hybrid.

Formulate a clear plan that mentions which individual has access to which sensitive information in order to have increased accountability.

Every week, back up your data to an external hard drive or the cloud yourself. Or schedule automated backups to ensure that your information is stored safely.

That way, even if your systems are compromised, you still have your information safe with you.

5. Ignore Suspicious Emails

Make it a habit never to open or reply to suspicious-looking emails, even if they appear to be from a sender you know.

If you do open the email, do not click on suspicious links or download attachments.

Doing so might make you a victim of online financial and identity theft, including “phishing” scams.

Phishing emails appear to come from trustworthy senders, such as a bank or someone with whom you might have done business.

Through the email, the hacker attempts to acquire your private and financial data, such as bank account details and credit card numbers.

6. Communicate Cyber Security Policies to Employees

Having a written cyber security policy listing the the dos and don’ts of using office systems and the internet is helpful, but not enough.

You have to ensure you communicate the policy’s details to your employees and that they understand them.

Your employees need to be able to put your policy into practice. That is the only way of making such policies effective.

And make sure you amend your policy regularly according to the relevance of its content.

Get Your Cyber Security Measures in Place Now!

Having your business disrupted because of attempts to steal confidential data and money is a very real threat.

Although a business can never be completely safe from such dangers, there are several security practices, processes, and systems that can help you bust security threats.

Keep your eyes and ears open to suspicious behavior on the part of your employees and outsiders.

Use surveillance systems to identify those with vested interests in your company.

Aside from those strategies, the above tips should come in handy for amping up your cyber security measures.

For more specifics on how to keep your business safe, read 5 Cybersecurity Best Practices for Small Businesses.

Home Title Fraud Prevention – Home Title Lock Infographic

Home Title Fraud Prevention Home Title Lock

And don’t forget your home, too!

Originally published 2/20/17; updated 4/21/21 to format more mobile-friendly and add the infographic; updated 4/6/24 to improve readability and add new information. 

Minimizing Your Vulnerability to Online Security Risks

Got a problem? The internet probably has a solution for it. People today refer to the internet for most of their needs.

This increased reliance on the internet leaves them prone to online security risks including attacks by hackers and other criminals on the web.

Millions of people around the world fall prey to security threats while browsing the internet, but you don’t have to be another statistic.

There are plenty of proven ways to stay one step ahead of hackers when browsing online. Here are some tips:19

Choose Your Browsers Wisely

There are dozens of web browsers all competing for your attention. You are at liberty to choose any of them, but security should be at the top of your list of factors to consider.

Different web browsers have different security protocols implemented to keep users safe from emerging online threats such as phishing and tracking.

They perform and rank differently in this category.

The most reliable and secure web browsers are Google’s Chrome, Microsoft’s Internet Explorer, and Mozilla Firefox.

They are not only more secure than most other browsers but also more convenient and advanced.

Also, be sure to update your browsers whenever there is a new release to stay one step ahead of hackers.

Beware of Phishing

Phishing is another common technique that hackers use to steal your vital data. It mainly involves the use of bogus emails and websites masquerading as real ones.

They will try to trick you into keying in your credentials and record them when you do so. They can then use this information to get into your private online platforms.

For instance, phishing is a common way to get access to passwords to social media sites and even banking portals such as PayPal.

There are numerous phishing techniques that hackers use, so it is important to always be on the lookout.

At the very least, always double-check any prompt on your email or browser to ensure that the sender is indeed legitimate. Learn more about phishing email.

Check the Validity and Credibility of Websites you Visit

The most basic thing you can do to ensure your safety when browsing online is to check the credibility of the sites you visit.

This can easily be done by inspecting their web addresses.

Secure websites usually feature the prefix HTTPS, which stands for hypertext transfer protocol secure.

This may also be accompanied by a green lock. It ensures that all data transmitted via the website is encrypted and not useful to any would-be eavesdroppers.

Avoid websites that simply start with HTTP and WWW if you intend on transferring sensitive data over the website.

Use Verifiable Credentials

Verifiable credentials in cybersecurity are used to permit access without encryption keys. Instead, a certificate is used that signals a safe log in.

Use a Password Manager

Your log-in credentials such as usernames and passwords are keys to any private accounts you may have online.

They should always be kept safe and private. However, it is often the case that you have too many passwords and other credentials to remember.

Most people solve this by giving their web browsers permission to remember their usernames and passwords.

This is convenient but risky as this exposes your sensitive credentials to hackers.

If you absolutely have to store your password on your computer, then do so on a password manager.

This is a secure program that is designed to store sensitive data and keep it beyond the grasp of hackers.

Most password managers are free and easy to use – you just need to remember the manager’s password to get access to all the other log-in credentials you use.

Have Admins and Executives Use Privileged Identity Management

Privileged identity management is an identity and access management solution that focuses on administrators and high-level decision makes who control many business aspects and IT functions.

Such users are privileged and therefore need to be additionally secure.

Use a VPN When Using Public Networks

Public Wi-Fi is convenient and free but hardly ever secure. Hackers can easily eavesdrop on your data transmissions using simple tools as most public networks are often unprotected.

To this end, it is recommendable to always use a VPN when using public Wi-Fi. VPN stands for virtual private network.

This means that your particular connection to the internet is private at all times, even if you are using public Wi-Fi.

The VPN encrypts all the data coming and going to/from your computer.

This then ensures that eavesdroppers get nothing but gibberish if they attempt to hack you.

VPN also has many more security features including preventing tracking by masking your IP address. Features, however, vary from one service provider to another.

Keep Trackers Off Your Scent

Your online footprint is valuable data and multiple parties are always keeping track of all your online activities.

Tracking is common, but that doesn’t mean that you should tolerate it. There are several ways to keep trackers off your back when browsing online.

Start with the basic: enable the ‘Do Not Track’ feature on your browser and turn off cookies.

This should keep most trackers off your back. However, some websites may refuse you access if you choose to turn cookies off.

Luckily, there are many ways to browse privately.

Another way to keep trackers off is by browsing in incognito mode – this will ensure all your data is deleted once your session ends.

A VPN is also effective here as it hides your identity, essentially making all your browsing private.

It is also recommended to create separate users’ profiles on your browsers dedicated solely for browsing social media sites.

CyberSecurity and Remote Work

Remote work is predicted to keep growing. And with it, so are the risks.

Beyond-Identity---MFA-Remote-Work2 (1)

Cybersecurity and Remote Work Infographic – Beyond-Identity—MFA-Remote-Work

What Online Security Risks Are You Taking?

Use the tips above to reduce your online security risks. You are the only person who can!

What else can you do? See these additional resources including the infographic below for more tips:

Phishcloud - Getting Out of the Phish net

Featured Image: Shutterstock / By Khakimullin Aleksandr

Originally published 1/2/19; updated 1/16/24 to improve formatting for mobile devices, add the infographics, and add additional information.

Key IT Security Considerations When Choosing Your Technology Partner

With the advancement of technology has come a new wave of security threats. IT security Software as a Service (SaaS) technology offers an extra bit of security.

As SaaS means outsourcing responsibility for hardware and software to a specialist provider, the opponent the hackers face is much more versed with technology than a normal IT department can ever be.

A company specializing in security has experts who monitor online zero day threats and continually look for breaches.

No small business is likely to have a department tasked with nothing by securing their data and network.

There are a few key IT security considerations you should make when choosing the right technology partner.

Ensure that the SaaS company you engage performs all of the checks below.

Systems Audits

Your SaaS provider should periodically perform audits and system checkpoints to ensure that the application is operating properly at all times.

To guarantee that the protocols are being completed correctly there are Service Organization Control (SOC) reports that detail the findings of the audit or program examination.

Availability of IT Security Services

You need an application that´s up and running at any time. As such, you want to check your SaaS provider commits to defined service levels.

Your contract should include:

        • Service Level Agreement (SLA): availability time of the server
        • Recovery Point Objectives (RPO): acceptable data loss amount and the point to which data must be restored
        • Recovery Time Objectives (RTO): time it takes to be available for use of clients after recovery

Any system that you consider should have these elements in place and be within appropriate parameters.

For instance, a standard RPO is 30 minutes and a standard RTO is no more than four hours.

Identity Threat Detection and Response (ITDR)

Any security related SaaS you consider hiring should be expert at identity threat detection and response (ITDR).

To detect and respond effectively to immediate threats is What Identity Threat Detection & Response (ITDR) is.

IT Vendor Consolidation

The more vendors your business uses, the more challenging it is to protect against data loss.

As part of the efforts to close down attack vectors that permit security gaps later on used by bad actors, each organization should aim toward cybersecurity vendor consolidation to ensure that solutions intersect in the safest way possible.

IT Security Components

In addition to the aforementioned considerations, application, there are a few specific security components that should be in place within the application itself.

The main components to check are as follows:

        • Strong identity authentication features
        • A firewall with an intrusion prevention system
        • Intrusion audits
        • Vulnerability assessments

Making sure that your sensitive data is secure is essential in selecting the right SaaS provider.

To aid in the process, make sure that you weigh in the considerations above. If you do, you will be sure to select a strong partner to support your business.

Additional IT Security Resources:

 

Originally published 3/16/15; updated 1/8/24 to improve formatting for mobile devices and add additional resources.

Save

How to Create a Password Convention for Memorable Passwords

Do you have so many passwords already that they could throw a convention? You may want to use a password convention.

How would you like to know about a simple way to have a different secure password for every account that you can easily “remember” whenever you need it – without looking it up? Read on.

Prefer Not to Remember Passwords? Use a Password Vault

Password vaults are a great way to store your credentials. Although, passwords are easily compromised, which is why the strength should be coupled by an authentication passcode.

What is a Strong Password?

First you need to understand what makes a good (i.e., difficult to crack) strong password. The easiest way to do that is to know what weak passwords are. Instead of explaining all the variables I’ll just offer how I create password conventions for clients.

      1. First two to four letters of the site where the password will be used
      2. A number the same length as the number of letters you selected (2-4)
      3. A special character – not all special characters are acceptable on all systems
      4. Decide what order you wish to combine them in and write down your pattern

Here are some examples of patterns you could use:

      • Three letters, special character, three numbers
      • Three numbers, special character, three letters
      • Take a word and insert numbers and special characters in specific positions

Those are the basic components of your new password system. Even the simplest version is a fairly difficult password to crack. If you’re really security conscious you can make passwords stronger by:

      • Using both upper and lower case letters
      • Using more special characters
      • Making the way you combine them more complicated
      • Making them longer – the more characters you use the longer it takes to run a password cracking system against your password

Here are some SIMPLE examples to help you understand more clearly:

      • Convention:  first three letters, special character, three numbers
      • Password for Yahoo:  yah-824
      • Password for Google: goo-824
      • Password for Microsoft: mic-824

Even though these are very simple examples they are much more difficult to crack than commonly used passwords.

I would recommend something a little more creative as someone who had one of these MIGHT be able to guess your pattern.

Feel free to make your convention more complicated so it is even more secure.

The key is to make your password convention easy enough to remember and keep it consistent enough to actually use it.

If you want really secure passwords make the convention complicated and write only the pattern down.

If you change your passwords you can change your pattern and even write down the new pattern or even some notes and even if someone finds them they won’t be able to figure out your passwords.

TIPS for Memorable Passwords

      • Use a number you know and don’t write it down
      • Use a base word broken up by inserting your numbers and special characters into it
      • Use both upper and lower case letters

Here is an example of a very complex pattern written down in your own unique code:

      • Write down a12B%3c and no one will ever guess what your passwords are

Example Password Conventions

So what does a12B%3c mean? Here is the translation:

        • You have three letters – say yah for Yahoo or goo for Google
        • You have three numbers – any three numbers you can remember
        • You have a special character – in this case the percent (%) sign
        • a is your first letter – make it lower case
        • B is your second letter – make it upper case
        • c is your third letter – make it lower case
        • Your numbers plug in where the 1, 2, and 3 are

If your number is 824, your passwords are:

      • Yahoo – y82A%4h
      • Google – g82O%4o
      • Microsoft – m82I%4c
      • US Counties – u82S%4c

While this may seem confusing at first, once you get used to it you’ll never be without a password as long as you can remember (or have with you) your pattern.

Your passwords are strong and unique but as you move from site to site while working you’ll be able to recall what one you haven’t used in a long time is because it is similar to one you use every day.

There Are No Uncrackable Passwords

WARNING: All passwords can be cracked with enough time, computer power, and motivation.

Using this convention idea is not as secure as using totally random passwords, especially if someone had access to more than one of your passwords and recognized your pattern.

How strong your password needs to be depends on what you’re securing.

Privileged Password Management

Privileged password management is an advanced type of password authentication that is used for privileged identities. For example, IT admins and CISOs.

Additional Cyber Security Resources

Originally published 9/16/2008; updated 1/7/24.

How to Increase Security at Your Company

It’s a fear every business owner has: a breach in security. Whenever you have something valuable, you risk losing it.

Whether it’s a break-in, a data hack, or employee theft, such threats cause businesses to lose time and money. Increase security or pay the price.

More than that, these breaches can hurt customers and severely damage a company’s reputation.

If you’re wondering how to best protect your business, consider re-evaluating your on-site safeguards, cyber security, and how well you’ve prepared your staff.

On-Site Security

In the digital age, when the term “security” comes up, most people focus on cyber attacks.

Cyber security is certainly relevant and important. But you shouldn’t neglect protecting the actual location of your business, along with whatever goods or information you store there.

A study that evaluated non-residential burglaries found that break-ins typically arise because of three factors.

One was that someone was motivated enough to commit the crime. But the other two factors were that the locations made good targets and were not adequately protected.

The study defined “burglary” as any type of breaking and entering, whether or not the offender stole anything.

It’s interesting that the report found that businesses tend to suffer greater losses than residences do.

This is true despite the fact that criminals break into residences more often than commercial buildings.

And while companies do report most burglaries to the authorities, the typical recovery rate for anything stolen is less than 10%.

Steps to Take to Increase Security

The Los Angeles Police Department recommends you carefully evaluate all aspects of your company’s security.

These would include the potential for someone to break into your building, as well as to commit embezzlement or fraud.

The department points out that:

“Crimes against businesses are usually crimes of opportunity. Failure to take good security precautions invites crime into a business.”

Many of the security measures you should take are simply common sense. Your building and parking lot should be well-lit.

Make sure you store any cash and sensitive information in a secure, anchored, and fireproof safe.

Your building should be easy to see into so that it’s obvious if anyone is breaking in or not.

Increase security by installing strong locks and burglar-resistant glass. You should also have a reliable security system.

Keep in mind that alarm systems are not for retail businesses alone. SimpliSafe, a prominent figure in the security solutions scene, notes that “whether you’re a boutique clothing spot, a small translation firm, a restaurant or a literary agent,” it is still important for you to protect the premises of your business.

Some companies, such as ones specializing in graphic design, own costly equipment.

Many businesses have sensitive client information on-site. You might not keep cash on hand, but your property is still valuable.

It’s also wise if, as part of your alarm system, you have a camera for capturing video footage of break-ins.

Video recordings are helpful for those monitoring your security. And the police will appreciate that footage because “they also have significantly higher probability to apprehend a suspect.”

Cyber Security

The data showing how cyber attacks are impacting small businesses is unnerving.

Small Business Trends reports that even though small businesses say they are exceedingly concerned about cyber security, only 14% believe they have strong measures in place for preventing cyber attacks.

This is a problem because small businesses receive 43% of all cyber attacks, and 60% of SMBs close down six months after they receive such an attack.

To protect your business from hackers, make sure you install antivirus software and that you keep it up to date.

Encrypt your internet connection and use a firewall. Make the connection as secure as possible by using a password and by concealing the name of your network.

Also make sure that you’re using the safest methods available to you for any of your financial transactions.

Back up your data on a regular basis and store copies of it in another location (such as the cloud).

Be particularly careful with data that employees access through mobile, especially if that means they’ll be using public Wi-Fi.

Install apps for security, and require employees to password protect and encrypt their data.

Employee Caused Breaches

2023 research shows that 80% of data breaches occur as a result of a negligent employee or contractor.

Small businesses need to implement advanced authentication to reduce the potential of a data breach.

Advanced authentication is a type of protection of access that merges passwordless and multifactor authentication.

The advanced is simply an adaptation for each user depending on how the user interacts with access portals.

Educate Your Staff

To prevent a security breach because of poor planning or carelessness, the LAPD suggests you educate your staff about cyber attacks and their consequences for your business.

Make sure that you are absolutely clear to your workers about your security policies and the repercussions for breaking them.

Get written confirmation that employees understand and will abide by your procedures.

Document Your Security Policy

Your policy should cover social media use, as well as how employees should discuss sensitive company information with clients.

Procedures for reporting crimes within your company should be clear.

Maintain accountability for sensitive information. Someone in an outside department should be able to verify its accuracy.

And it’s wise to limit any means by which someone could access sensitive data or commit theft. If an employee leaves your company, change your passwords and locks.

One of the most important steps you can take to prevent employee security breaches is to carefully vet potential hires in the first place.

Thoroughly check the information on candidates’ resumes, including references. Consider running a background check on anyone you want to hire.

Conclusion

As a business owner, you have a lot of responsibilities and a lot on your mind. Don’t let security be something that slips through the cracks.

Step back and assess where your company is as far as protecting the location of your organization, as well as your digital data.

And then do everything you can to train your staff and get them on board with your procedures.

 

Originally published 3/30/17; updated 1/3/24 to improve formatting for mobile devices, remove broken links, and add additional information.