We are well into spooky season, and if you like thrills and chills, you're in the right place! If that's not your thing, hang in there because the thrills we're talking about aren't jump scares or paranormal events. We’re offering helpful tricks to prevent potential attacks – cyber security attacks, that is.
As a small business, you have a high chance of experiencing a cyber-attack. According to a 2017 article in USA Today, almost two-thirds of cyber-attacks were directed at small business. Commercient, a leading technology developer, claims that number has only continued to rise.
According to Commercient, 64% of data breaches are caused by human error. Software can help deter attacks, but users are out of our control. However, there are things you can do to keep your personal and professional information safe.
Protect Your Passwords
Your password is your first defense against those cybersecurity poltergeists. Create a strong password using the full amount of characters the site allows. Sprinkle in some random symbols, capital letters and numbers, but don’t make obvious spelling substitutions. For example, P@ssw0rd has character changes, but is too easy for a computer to guess. Instead, consider using a password that is a full sentence, but contains some spelling errors and symbols. This type of long, complicated password would be especially difficult to guess.
In addition to a strong password, keep your passwords locked up. Never use the same password for more than one website or account. Never write your passwords down anywhere a stranger or someone else could find them. If you don’t have a mind palace (BBC show Sherlock, anyone?) and can’t remember your passwords, consider using a reputable password manager like Last Pass. These helpful programs will archive your passwords for you and often include an auto-fill feature so you don’t have to manually type in passwords when using your devices.
The top way to avoid cyberattacks is to watch out for email scams. If you can train your staff and yourself to spot these scams, you are well on your way out of the cyber-woods. Hackers often use emails that look and feel legitimate but lead you right into a trap. Phishers might replicate company emails and include color schemes, templates, logos and even real names of people that work in the company. They might also use fear to prompt you to act quickly, stating that you will lose access to your account if you do not enter your information. Most of these scams will be after your passwords, pin numbers, Social Security Numbers or your bank account information.
To avoid a scam like this, never click on the link provided in a suspicious email. Even though it could appear to be safe, the link could lead you to a malicious site. Always type in the URL for the website the email appears to be from. If the email prompts you to enter information in order to avoid losing access to your account, call the company to verify this is true. And never send sensitive information via email or enter it on a website. If you believe you have fallen victim to a phishing scam, be sure to keep a close eye on all your accounts for suspicious activity.
In addition, consider discussing with your staff the dos and don’ts of using company computers, as well as which applications should or should not be downloaded to a company computer. Paired with identifying phishing scams, these trainings could save your business from an attack.
Set Up Two-Step Verification
Throw those killer hackers off the scent. If the website offers two-step verification, consider opting into it. If you, or someone else, are trying to sign into your account from an unfamiliar device, your account will prompt you to enter a key code that will be sent to you via email, text, voicemail or through the site’s mobile app. This two-step process creates an extra layer of security that makes it harder for hackers to get into your accounts. Even if they happen to get their hands on your password, they would still need access to your mobile phone or email to get into your account.
Use Software Tools
Hit that update button! Updating your software and operating systems keeps you safe from known security holes. Also make sure your data is stored safely – consider using a safe and secure system that uses the cloud. Lastly, make sure firewalls are activated for all computers in your business. Without a firewall, a hacker may be able to access your network and critical information.
We hope we didn’t spook you too much with the possibility of a cyber-attack, but you are now armed with plenty of tools to recognize and prevent an ambush. Heed these warnings and you’ll be ready to leave the spooky season of cybersecurity attacks behind!