To help those looking to implement some basic cybersecurity practices, we asked tech experts and business professionals for their best cybersecurity tips. From implementing 2-factor authentication to securing a wireless connection, there are several things that may be helpful to know about creating a plan to implement basic cybersecurity practices.
- Change Your Passwords
- Implement 2-Factor Authentication
- Create Strong Passwords
- Security Headers
- Create a Cyberplan
- Back-Up Company Data and Files
- Secure Wireless Connection
- Have Safeguards Against Phishing
- Turn Your Employees into Cyber Warriors
- Don’t Neglect Regular Patching and Updates
Strong passwords are often long, difficult, and include various special symbols and numbers. In other words, they are hard to hack and even harder to remember. Tools like LastPass and other password managers ensure you don't have to remember or write down your passwords in an insecure location.
Brian Greenberg, True Blue Life Insurance
Anyone can fall victim to a cyberattack or hack in today’s world, which is why it is so important to protect yourself and your company’s data. The simplest way to ensure the wrong person doesn’t get into your accounts is to implement 2-factor authentication. This way, even if your passwords are compromised, a hacker will still hit a brick wall trying to get into your system.
Fran Yardley, Threads
While constantly changing and updating passwords can be a pain, it is a cybersecurity best proactive. 63% of data breaches happened due to lost, stolen, or weak passwords. Make sure your employees are updating their passwords at least every 90 days while also using a combination of upper and lowercase letters, numbers, and symbols.
Carey Wilbur, Charter Capital
Setting HTTP security headers enable better browser security policies. There’s a variety of security headers worth setting on a website, including strict-transport-security, x-content-type-options, x-frame-options, content-security-policy, and x-xss-protection. To get started, I’d recommend using WebPageTest, checking your Security Score, and then working with a web hosting company or technical service to assist you in setting security headers for your site.
Brett Farmiloe, Technical SEO
The best thing you can do to practice sound cybersecurity is to create a plan if anything were to get hacked. This plan should involve other employees and be an ongoing training activity, not just a one-time training. The plan should include who to contact, where data backups are stored, and when to contact law enforcement. The Federal Communications Commission offers a cyberplanner to help small business owners create a plan to protect their business.
Peter Babichenko, Sahara Case
Though small businesses can be inclined to think they won’t be targeted in cyberattacks, that’s not the case. Small businesses should back up their important company data and files in case of emergency or loss. Updating software with the latest patches and security features is another way to minimize risk. Being aware of threats and documenting them helps small businesses better secure their networks and systems.
Jenna Phipps, TechnologyAdvice
With so many employees working remotely, it is important to educate your employees about the importance of using a secure wireless connection, especially when working with sensitive data. The last thing you want to do is have your employees working on public Wi-Fi and opening your clients’ data up to hackers.
Megan Chiamos, 365 Cannabis
Make sure that all employees are educated on spear phishing, to ensure that someone impersonating the small business owner cannot get employees to do anything that they shouldn’t be doing, such as sending credit card information or buying XYZ. This routinely happened to us at FanSided, but thankfully we had safeguards in place. As your business grows, you are more likely to become a target for this type of cybersecurity issue and many others.
Matt Blake, Entrepreneur, Investor, and Partner
It doesn’t matter how great your cybersecurity tools may be, the weakest part of your protection system are your employees. Take some time to make sure that they understand both the threats and the tools to protect the organization. Ultimately, you want to change them from being liabilities to becoming cyber warriors in the fight against hackers. The more you communicate with them about why things are being done, the more likely they are to either join in the battle or at least understand why things are likely more complicated.
Rick DeBruhl, Communication Consultant
One of the number one cyber risks small businesses face are vulnerabilities due to neglecting regular patching and updates. With limited IT budgets and resources, it is a considerable time commitment to keep applications and infrastructure up-to-date. It can be tedious to keep on top of these things but failing to do so leaves your business vulnerable to security risks that software vendors may have already patched up. An important security practice is approaching cybersecurity in layers for more complete risk management. Organizations need to safeguard their technology with tools like firewalls, email filtering, antivirus, and multifactor authentication.
Colton De Vos, Resolute TS