We dare you to confirm your company is secure in the 7 most vulnerable areas hackers seek to breech. Don’t miss this opportunity to quickly confirm your organization has taken the most important steps to security your sensitive data and CASH.
You have to really “lock things down” with proper technology and policies, or it is not a question of “if” your systems will get hacked, but “when.”
Here is a list of 7 aspects of cyber security your company must have in place today to avoid common cyber-attacks. Scan the list and quickly assess how secure your systems and data are:
7 Aspects of Cyber Security
1. Get a network assessment
Do not ASSUME your networks, computers, and mobile devices are secure. Confirm it.
Would you assume your accounting is correct? NO. You reconcile accounts monthly and have third party audits.
Would you assume the products you manufacture or services you offer meet or exceed customer expectations and work properly? NO. You test them internally, in focus groups, and track customer feedback.
Would you assume your sales pipeline is strong? NO. You monitor it, measure it, talk with prospects to confirm they have real needs, and more.
We could go on, but therefore why assume your networks, computers, and mobile devices are secure?
For the remainder of 2016 you can receive full network security assessments at no charge from WCA Technologies. WCA Technologies, a reputable, 28-year-old Manhattan team of computer experts providing IT security and managed services. We have protected New York City businesses and nonprofits from cyber hackers for decades.
Do not assume. Confirm.
2. Establish a security plan to protect sensitive information
This is best done by a third party experienced in cybersecurity best practices, such as WCA. A thorough plan includes technology, employee education, physical access policies to computers and networks, and mobile device security precautions.
According to the FCC, “Theft of digital information has become the most commonly reported fraud, surpassing physical theft. Every business that uses the Internet is responsible for creating a culture of security that will enhance business and consumer confidence.”
The FCC offers the Small Biz Cyber Planner 2.0, which is an overview of how small businesses can create customized cybersecurity plans. However, cybersecurity firms such as WCA help you develop, implement, and maintain plans that are more comprehensive.
Your company needs a clear plan with established policies, a process to measure the reality of just how secure your assets are, testing procedures (“fire drills”) to confirm your plans work in the event of a cyberattack, and accountability for your people to work within the boundaries of your secure technology environment.
3. Educate employees
You must have great technology to protect your network and digital assets, but beyond that your greatest liability are your employees. Monthly or quarterly educate your people on how to avoid cyber-risk. Educate them. Train them. Test them. Celebrate safe cyber-months!
4. Only wire in-person
Confirm with your bank(s) that wires may only be sent by specific employees delivering written wire requests to a bank branch. No wires electronically or by email.
Just last week, people who work for Verne Harnish, a well-known management consultant, were fooled into wiring away $400,000 to foreign bank accounts. Never to be seen again.
The only foolproof way to avoid fraudulent wires initiated by cyber-thieves is in-person delivery.
5. Get REAL about passwords
Three key considerations here:
First, define a safe automated way for your people to manage their passwords. There are a number of encrypted password managers available. Check with your trusted I.T. advisor and implement a solution so an employee’s handwritten password list, or one in a note on their mobile device, is not seen by a thief.
Second, require your people to change their passwords every 90 days.
Third, implement multifactor authentication that requires additional information beyond a password to gain entry. This is relatively easy for your trusted I.T. advisor to setup for you, if it is not already part of your monthly managed services. The extra check can save you from a devastating breech of security.
6. Test your backup
Too many backup systems do not work well, or at all. When is the last time you tried to restore data from your backup? There are different types of cloud backup, which we recommend, but there are different benefits based on the technology you choose.
Make backup automatic. Test data restores regularly.
Do NOT have your back up automatically corrupt all your backed-up data should a phishing scheme infect a computer. A little help from a cybersecurity expert like WCA will help you implement a solution that helps, not hurts.
7. Improve your approach with payments
There are new tools and automated processes to improve the security and anti-fraud technology surrounding your payment systems. Cyber thieves are getting smarter and more aggressive daily, and you need to stay a step ahead of them.
Check with your bank(s) and payment processors to confirm your transactions are fully secure. If you have not already done so, isolate your payment systems from other, less secure programs. If you have a lot of transactions daily then limit one computer to payment processing only – no internet surfing or other apps.
For in-person transactions, move to more secure chip card technology, also known as “EMV”. October 1st is the deadline set by major U.S. credit card issuers to be in compliance. SBA.gov/EMV has additional information and resources.
At WCA, we help corporations, nonprofit organizations, and government entities implement and maintain cyber security defenses every day.
Contact us to learn something new about cyber security.
For the remainder of 2016 we are providing full network security assessments at no charge. WCA Technologies is a reputable, 28-year-old Manhattan team of computer experts providing IT security and managed services. We have protected New York City businesses and nonprofits from cyber hackers for decades.
Do not assume. Confirm.
Tighten security. Train your staff. Improve your security policies. Know your digital assets are secure BEFORE you have to explain a security breach to your boss, board of directors, and/or shareholders.