They say hindsight is 20/20. If you are not familiar with the saying, it generally means it's easier to comprehend something once it has already happened. The saying is typically used in response to a criticism that the person should have known better or done something differently.
Well, the year is now 2020, so in a manner of speaking, 2020 is not yet hindsight. With all the cyber security threats out there in this new year and with your business on the line, let's not have disaster befall your network and data and have you or someone else saying "Hindsight is 20/20."
Here are 7 tips to make your business's network more secure before hindsight is 20/20.
Shred your confidential documents
It’s 2020, the future, and society has not yet gone paperless, and doubtless, nor has your business. It may have gone "less paper," but certainly not paperless. So as you continue to create and keep records on paper and especially as you retire them, it’s as important today as ever to keep documents bearing sensitive information secure. When it comes time to get rid of those records, don’t just throw them away, but destroy them.
Use a shredder or have your local mobile shredding services provider come and shred those documents. That way you know no one outside of your office is ever going to be able to read your documents, whether HR, medical, client, tax or other records, and use that information to hurt you, your business and those you work with.
Destroy your retired documents and gain peace of mind.
Educate your network users
As it was once written “My people perish for lack of knowledge,” businesses die for lack of knowledge.
If your network users do not know how to identify social engineering schemes, your business is at risk. If their workstations are online, every day they are likely receiving emails with messaging enticing them to click a link or to download an attachment. Behind that dangling hook is a maliciously written software program, designed to lock up and hold all of your data for ransom. Sometimes if you pay the ransom, you can access your files again, and sometimes you can’t. In either case, the results are costly and in many cases, lethal to businesses.
According to one CNET article, ransomware shuts down one of every five businesses it strikes. And if you think your business is too small to be a target, think again. The same article said as many as one-third of small to medium-sized businesses were hit by ransomware in 2016, mostly due to network users falling for phishing schemes.
The lesson here is to protect your business’s network security by educating your users on how to spot potentially dangerous emails, links and attachments and to refrain from interacting with them.
If you don’t know how to spot such phishing schemes, read this for help: How to spot a phishing email.
Raise awareness of potential threats
While educating your users does increase their awareness of threats arriving in their inboxes every day, it's also good to have systems in place that monitor your network for any kind of security alerts. That way, if something does breach your network, you or your IT specialists are aware of the issue right away, so they can identify the source and begin damage control as soon as possible.
If you install a software agent on your network like we use with our clients, the agent will watch for any security issue and will send alerts if an issue arises. This helps you be aware of the problem, fix it before it becomes a bigger problem, and prevent others like it in the future.
Use passwords and use them properly
Passwords are a classic example of a love/hate relationship. You love that they keep your devices secure, but you hate having to make them, remember them or use them. They are a hassle, for sure!
Thanks to technology, nowadays we have biometric scanners (fingerprint scanners, facial recognition, etc.) on some of our devices, making passwords less prevalent in use, but even these devices almost always require a password or PIN before you can use your biometrics.
So, sadly, it’s 2020 and, yes, passwords are still absolutely necessary. So if you are going to use them, use them right.
If not using a password generator, when coming up with a password, make it:
- A minimum of eight characters — those characters including one symbol, one uppercase letter, one lowercase letter and one number. You can swap letters for numbers or symbols, such as substituting “s” with “5” or “$”, “e” with “3”, or “a” with “4”.
- A phrase or sentence — A passphrase, but not including the word "password"! Your Labrador retriever’s name “Shadow” doesn’t work anymore either. Try something like: “5had0w$B4dbr3ath” or even something more random like: "BlueHorse404".
- Sunset after 90 days — This forces you to remember it, since it is easy to forget a password you have used unchanged for 2 or 3 years. It also makes your password more of a moving target.
- Unique to the user and to the login — Don’t use the same password for multiple logins and don’t let everybody in your office use the same password. If the wrong person gets the password, they will be able to access everything, and,
- Free of the user name or parts of the user’s full name — Using John Smith's name or user name just makes his password “Smith123” easy to guess.
Hopefully, these are helpful in creating a password you will use and remember. But also, check out password managers like LastPass, 1Password, Bitwarden and so on.
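The length, character, word, name and 90-day rules in the list above can be checked mechanically. The following Python check is an added example, not part of the original article; the function name `check_password`, the sample inputs in the comments and the choice to skip name parts shorter than three characters are assumptions.

```python
import re
from datetime import date

# Substitutions the article mentions ("5"/"$" for s, "3" for e, "4" for a),
# plus "0" for o as seen in its sample password.
LEET = str.maketrans({"5": "s", "$": "s", "3": "e", "4": "a", "0": "o"})
MAX_AGE_DAYS = 90


def normalize(text):
    """Lowercase and undo the simple letter swaps so hidden words surface."""
    return text.lower().translate(LEET)


def check_password(password, username, full_name, last_changed, today):
    """Return a list of rule violations; an empty list means it passes."""
    problems = []
    if len(password) < 8:
        problems.append("shorter than 8 characters")
    classes = {
        "uppercase letter": r"[A-Z]",
        "lowercase letter": r"[a-z]",
        "number": r"[0-9]",
        "symbol": r"[^A-Za-z0-9]",
    }
    for label, pattern in classes.items():
        if not re.search(pattern, password):
            problems.append("missing " + label)
    plain = normalize(password)
    if "password" in plain:
        problems.append("contains the word 'password'")
    # Assumption: name parts under 3 characters are skipped to avoid false matches.
    for part in [username] + full_name.split():
        token = normalize(part)
        if len(token) >= 3 and token in plain:
            problems.append("contains name part '%s'" % part)
    if (today - last_changed).days > MAX_AGE_DAYS:
        problems.append("older than 90 days")
    return problems


# Constructed sample: the article's "Smith123" for a user named John Smith.
# check_password("Smith123", "jsmith", "John Smith", date(2020, 1, 1), date(2020, 1, 15))
```

Because the check undoes the letter swaps before looking for "password" or name parts, a password that only disguises those words with "4", "$" or "0" is still flagged.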
Implement two-factor authentication
Newer than passwords, but designed to work with them in bolstering your network security, is two-factor authentication. This requires individuals logging on to your network to provide verification of who they are.
For example, when an individual logs into a workstation, they receive a dialog box on their phone or mobile device requiring them to accept the login. This way, if someone who doesn’t belong on the device, and may even have a password, tries to log in, they won’t be able to, as only the rightful user will be able to grant access.
This makes it much more difficult for an uninvited guest to access your network infrastructure.
Update your software
The bad guys are always creating or finding new ways to exploit weaknesses in networks. Much of what they exploit are security holes in operating systems and other software. The good news, though, is that just as they are working to use and manipulate these security holes, the software companies finding them are making patches to fix them. But those patches require constant updating. That’s why you should always update your software and why we recommend restarting your computer daily so it can receive and install those updates, making your system less susceptible to cybersecurity threats.
Back up your data
Even after implementing all of the tips for enhancing your cyber security up to this point, bad stuff can still happen — your network breached or property destroyed by a natural disaster, a fire or whatnot.
That’s why you should have a back-up data recovery (BDR) system and business continuity service in place. With these in place, no matter the destruction caused, even in the case of “acts of God,” fire, weather or other disaster events, your business can pick up where it left off and continue business almost as if nothing ever happened, at least where your network and data are concerned.
It's wise to prepare for such scenarios because if and when they occur, you'll be ready and still have the material you need to rebuild and continue business.
Hopefully, these tips and a little foresight will help you plan and implement your business network and data security enhancements for the year so later you aren't hearing yourself or someone else say, "Hindsight is 20/20."
The beauty is implementing these strategies doesn’t require the staff or budget of large organizations. These measures may only require a helping hand. RK Black, a provider of office technology solutions to small and medium-sized businesses, is that hand here to help organizations such as yours.
If you would like any information on how to secure your network and data as described above, let us know. We’d be glad to help in any way we can.
About R.K. Black, Inc.
R.K. Black, Inc. is an Oklahoma City-based, family-owned leading provider of office technology solutions to small and medium-sized businesses in Oklahoma and Kansas. We specialize in everything business technology from copier, fax, printer and scanner technology to document management, onsite paper shredding services, VoIP phone systems and managed IT support to video surveillance solutions.