In today’s hyper connected world, cybersecurity tips should not be taken lightly. Like millions of small business owners in South Africa, you probably cannot imagine how a cyber-criminal halfway around the world could possibly cause your business to suffer a data security breach. You are probably thinking cyber-criminals are not interested in your small business because they are too busy with JSE listed corporations – right?
Wrong! Cyber-criminals now, more than ever, are focused on small businesses making it crucial to implement a cybersecurity strategy that protects assets, customers and data from these threats.
We have compiled the following eight security tips that will be invaluable in your fight to keep your data and your business, safe.
Train employees in security protocols:
- Create clear cut employee security practices and policies that include strong passwords.
- Establish appropriate Internet usage guidelines that penalise violators of company cybersecurity policies.
- Create rules of behaviour that illustrate how to handle and protect customer information and other vital data.
Implement Firewall Security: Firewalls provide a set of related programs (software and/or hardware) that prevent outsiders from accessing data on a private network.
- Ensure the operating system’s firewall is enabled or install firewall software.
- If employees work from home, make sure their home systems are protected by a firewall.
Secure Wi-Fi Networks:
- Wi-Fi networks are only as secure as the passcodes and the more people who know this, the less secure it becomes.
- Ensure your workplace Wi-Fi network is secure, encrypted and move to a Wi-Fi network that doesn’t require manual Wi-Fi passcodes.
- Implement Enterprise Authentication and Encryption – this eliminates the need for manual passcodes.
Make Backup Copies of Important Data:
- Perform regular backups of data on ALL computers. Critical data includes word documents, spreadsheets, databases, financial reports, human resource dossiers, and accounts receivable/payable records.
- Automate data backup processes – or store copies either offsite or in the cloud.
Control Employee Access to Data:
- Prevent access or use of business computers by unauthorised individuals – laptops can be lost or be easy targets for theft, so lock them up when unattended.
- Ensure a separate user account is created for each employee and apply strong passwords.
- Allow only trusted IT staff and key personnel to have administrative privileges.
- Use encryption to secure all data on laptops because this prevents access if that device is stolen.
Multi-factor Authentication is a safe bet:
- Compel employees to use unique passwords and change them every three months.
- Consider implementing multi-factor authentication that requires additional information beyond a password to gain entry.
Protect data with clean machines:
- Keep clean machines: deploying the latest security software, web browsers, and operating systems is the best way to defend against viruses, malware, and other online threats.
- Set antivirus software to run a scan after each update.
- Install other key software updates as soon as they are available.
Create BYOD Policies: Mobile devices can create significant security and management challenges, especially if they hold confidential information or can access the corporate network.
- Oblige users to password protect their devices, encrypt their data, and install security applications to prevent criminals from stealing information while users’ devices are connected to public networks.
- Be sure to set reporting procedures for lost or stolen equipment.