Media attention is primarily focused on cyber security breaches, at large organizations. Examples of this include the embarrassing personal information leak at Ashley Madison, or Wal-Mart Canada’s recent credit card data compromise incident. However, due to a lack of coverage, any small and medium-sized businesses don’t consider themselves to be a target for hackers. This is not the case, as they are just as vulnerable. Bots or zombie networks are on the hunt for any organization that has a weakness in their cyber security, and smaller organizations without dedicated cyber security personnel are generally less prepared to deal with these intruders.
Increasing Cyber Security
If your business is hooked up to the Internet, you’re at risk. Hackers are always looking for any opportunity to strike a weak cyber security strategy. Once they’ve infiltrated a smaller business site, they’ll piggyback off of it to go down the supply chain and attack larger organizations. By taking some precautionary steps, you can prevent these attacks from happening, protecting yourself and your clients.
Access Control
To mitigate cyber security attacks, it’s crucial that only those who need access privileges have them. Access should only be given in appropriate does, and when it is no longer needed, it must be revoked. This attention to detail requires diligent monitoring from your IT team, which is absolutely worth the effort. In Verizon’s 2015 report, over 55% of internal data breach was attributed to insider access. Consider the damage that can be done by a disgruntled or former employee because of lax access monitoring, and take the necessary precautions in your cyber security strategy.
Passwords
It’s easy to become complacent with our passwords and use ones that are easy to remember, rather than ones that actually protect us. The best practice is to use passwords that include symbols, upper and lowercase letters, and numbers, and are at least 12 characters in length. Make sure that you never store your password in plain text on your computer hard drive. There are lots of password encryption software platforms that will efficiently manage your passwords. Dashlane and LastPass are two that are highly rated, and easy to use. It’s important to change passwords regularly, but if your password is weak, it can still be breached, even if it was just changed yesterday, so be thoughtful and diligent.
Updates & Shortcuts
Installing patches and updates are often the last tasks on our to-do list. This shouldn’t be the case. Keeping on top of content management systems, software, applications, and plugins is necessary to turn aside hackers who will exploit weaknesses in your systems. At KIMBO, we go a step further and recommend that plugins are hard coded to prevent vulnerabilities.
Updates need to be managed when they are released. If they aren’t, it opens your business to attacks, and your site to compromise. Ensure that all of your software is kept up to date and consider taking the extra steps to hard code rather than relying on third party plugin shortcuts, so you can rest comfortably.
There are few things that bring fear to the heart like switching on your computer and facing the blue screen of death, or a menacing 404 page. New vulnerabilities are discovered daily, making it more important than ever to be vigilant against potential cyber security risks.