As a small business owner or manager, you are expected by your employees and customers to keep the information shared with you secure. If a breach were to happen, you would likely be the person that they turn to for answers and solutions. It is therefore a good idea to take steps to protect personal information before problems arise.
As October is Cyber Security month in the US, it’s the perfect time to take a look into ways you can make your business and systems more secure. One of the best places to start is to look at how your company stores and protects personal information. Here are five tips that can help you protect personal information in your company.
1. Change your passwords One of the weakest links, in terms of security, is not the programs, networks, or systems, it’s actually the passwords used to access these. You should ensure that your passwords are strong – at the very least use a mixture of capital and lowercase letters, numbers and special characters like ! or @. This makes passwords harder to crack.
It is a good idea to change your passwords on a regular basis. You should change them at least once a year, but far preferable is to change these every 90 days. This will minimize the chances of your password being hacked and likely increase overall security.
2. One password shouldn’t rule them all The number of password protected systems and sites that we use on a daily basis is increasing and it can be tempting to have one or two passwords for all of these systems. This is not a good idea though because if one password is compromised, a hacker could gain access to all of your systems and the personal information stored on them.
The best solution is to have a unique password for each system and one that is as different as possible. Using a password manager like Dashline or LastPass might be worth looking into but just be sure to use a separate password to access to this system as well!
3. Don’t keep everything While passwords are a common way hackers can access systems, another popular way they get in is through malicious links in email, social media posts or online advertising. These links can be viruses and trojans that install backdoors to systems, allowing hackers access to files and potentially sensitive information.
In order to maximize security, you should look at every link and ensure it is legitimate before you click on it. The best way to do this is to look at the sender’s email address and ensure there are no spelling mistakes or weird characters. Look for any strange spelling, and if possible check there is https:// at the beginning of all links. This indicates that the page is legitimate. If a link seems even remotely suspicious, simply delete it.
4. Don’t react immediately Communications, especially in online ads and emails, often urge you to click immediately. Pause for a moment, inspect the email or links and try to verify them. As a rule of thumb, if it sounds too good to be true, it is. Therefore, think first and don’t click the link.
5. Develop policies In order to secure your systems and protect information stored within, you should develop a policy for all staff to follow. Be sure to look at how you plan to protect information, where it is stored and how it is stored, as well as who has access to it, how can it be accessed, and what happens when the policy is breached. How do mobile devices/devices brought in by employees fit into the plan?
Once you have developed a policy, communicating it to your employees and ensuring that they are all on the same page in following it is essential. We know it can be challenging to develop an effective policy, so why not contact us? We may be able to help not only secure your private information but also develop a sound policy that is workable.