The last working days before winter holidays are the perfect time to finish all urgent tasks, take stock of achievements, and plan for the next year. During this period, it is also very important to pay additional attention to cyber security, not to miss important steps that would protect your company from attacks increasingly targeting small and medium businesses and allow you to start the next year without a headache. Use these few simple and effective cybersecurity measures to greatly minimize risks of being hacked.
Backup important data
An unexpected loss of important files can be caused either by trivial reasons such as a hard drive break down and by a cyberattack. For example, ransomware, a malicious software, encrypts an entire operating system or individual files and a ransom demand a for the decryption. What makes it even worse is even if a company pays a ransom, there are no guarantees that criminals will restore sensitive documents. Regular offline backups will allow you to get access to crucial data in case of emergency. You also can use a security solution with a function that enables automatic backup copy creation.
Update your devices and software
Legacy software is a gap in security and provides attackers with a great opportunity to get into the corporate infrastructure. Before long holidays, don’t forget to check and install fresh patches on all key applications. This process can be simplified by security solutions with a built-in patch management system.
Renew your passwords
Brute force, a method which involves guessing a password by trying all possible combinations of characters, is still among the most common methods attackers use to penetrate an organization’s network. The likelihood this mode of attack will succeed increases when the password they guess is weak and has already been leaked. The first recommendation to mitigate the likelihood that your data will be stolen is to implement a strong password policy, requiring a standard user account password to have at least eight letters, a number, uppercase and lowercase letters, and a special character.
Check access to corporate data and systems
The end of the year is ideal for getting up your access policy in order. A recent survey tells that only half of business leaders are confident that their former employees don’t still have an access to corporate accounts or data. Since this negligence can lead to serious data breaches, it’s better to deal with this issue before it’s too late. At first, make a list of employees who left the company this year and check if access has been revoked. Also, diminish the number of people with access to important corporate data and reduce the amount of data available to all employees. Breaches are more likely to occur in organizations where too many employees work with confidential valuable information that can be of interest to third-parties.
Remember holiday scams
Adversaries don’t hesitate to take advantage of holiday season massively sending special New Year offers, subscription renewals and gift cards to steal your personal information or money. The pre-holiday bustle is a huge distraction so you or your employees may easily miss a trick, walking into a trap without realizing the potential dangers. Remember and remind your colleagues about the basic signs of phishing emails. Among them are a dramatic subject line, mistakes and typos, inconsistent sender addresses and suspicious links. Also, always check the format of any attachments before opening them and the accuracy of a link before clicking. This can be achieved by hovering your mouse over these elements – make sure the address looks authentic and the attached files are not in an executable format.