Cybersecurity first: Business and consumer

A cybersecurity program isn’t just about securing your assets. It is an asset.  Security is everyone’s responsibility, from the consumer to a business.

Here are some best practices from a consumer's view.

It all starts with locking down your login credentials

• Review your passwords, updating them as needed, and ensuring they are strong.
• Establish a unique password for each account.
• Consider using a password manager if you haven’t in the past.
• Remember to use Multi-Factor Authentication (MFA) on accounts wherever it is available, especially on accounts that have financial information such as online banking, credit card, and retirement accounts
• Passphrase works Length trumps complexity. A strong passphrase is a sentence that is at least 12 characters long. Focus on positive sentences or phrases that you like to think about and are easy to remember. Whenever offered, use 2-factor authentication or multi-factor authentication (like biometrics, security keys, or a unique, one-time code through an app on your mobile device).

You have got mail! Cleanse your digital footprint

• Links in email, tweets, texts, posts, social media messages, and online advertising are the easiest way for cybercriminals to get your sensitive information.
• Think before you click: Be wary of clicking on links or downloading anything that comes from a stranger or that you were not expecting. Essentially, just don’t trust links.
• A clean machine – real simple: Keep all software on internet-connected devices – including personal computers, smartphones, and tablets – current to reduce the risk of infection from ransomware and malware. Configure your devices to update automatically or to notify you when an update is available.
• Backups have your back: Use the 3-2- 1 rule as a guide to backing up your data. The rule is: keep at least three (3) copies of your data and store two (2) backup copies on different storage media, with one (1) of them located offsite.

Be aware of your cyber footprint: Every time you sign up for a new account, download a new app or get a new device, immediately configure the privacy and security settings to your comfort level for information sharing. Regularly check these settings (at least once a year) to ensure they are still configured to your comfort.  Think before posting about yourself and others online. Consider what a post reveals, who might see it, and how it might affect you or others. Consider creating an alternate persona that you use for online profiles to limit how much of your own personal information you share.

Here are some best practices from an SMB view.

Cybersecurity: Not just for the big guys

Just because a business is small doesn’t mean there’s less to protect, nor does it mean they are not an attractive target for the malicious actor. With the increasing proliferation of hackers, malware, and cybercrime, cybersecurity solutions are vital investments for any organization.

Every business that is serious about its bottom line and reputation must invest in its cybersecurity this year. While cybersecurity has always been a significant concern, small and medium enterprises have never been as much at risk as they are since the pandemic. With data, users, applications, and devices spread across hybrid environments, connecting to the network from highly diverse locations, managing and controlling access — authentication and authorization — has taken on unprecedented priority and urgency. Here’s a helpful playbook.

Not all access and assets are created equal.

Businesses struggle to control who and what devices have access and consider when, why, and for which purpose. This has brought the conversation about security to the forefront. Every connected network needs proper security elements in place to help keep that network protected. In today’s modern networks, small businesses can simplify their network security by turning to one vendor that can meet both the connectivity needs and security elements needed to help protect that connectivity.

Endpoints are a crucial component of every business and are the doors companies run internally and out to their customers. These endpoints need to both be managed, such as pushing out software patches for these vulnerabilities, but they also need to be highly secured with solutions able to detect these zero-day attacks. And it is not just the traditional endpoints such as laptops and desktops that need to be managed and protected.

Mobile devices, such as smartphones and tablets, and Internet of things (IoT) devices also need state-of-the-art solutions designed to secure your data on the mobile platform. Finally, small businesses must detect and respond to threats before there are impacted. Security monitoring can be integrated and centralized across both cloud and on-premises environments.

Vulnerability management – A must-have

Identifying vulnerabilities enables the organization to patch weaknesses before a hacker has a chance to exploit them.  Penetration test results may help drive your security budget and prioritize spending. It, therefore, shouldn’t be a surprise that penetration testing is the best practice for a reason. It’s time to stop putting it off and start thinking about the future of your business.

There are benefits to be had over and above keeping safe from cybercriminals too. With hacking and other cybercrime on the rise, small businesses must take cyber security seriously. Protecting systems, networks, and devices are essential in the race against cybercrime in businesses.

Small businesses that don’t have a dedicated IT team can also benefit from managed cybersecurity solutions, whether to assess your vulnerabilities, prevent and protect your business from attacks, or detect and respond to them. Investing in these expert services can provide peace of mind and minimize the risks to your operations, data, and technology infrastructure. They also free up your workforce to focus on core responsibilities.

Preparation is the key to success

Given ransomware headlines in the news, your best defense against ransomware is a complete incident response plan. To say that ransomware causes technical difficulties is an understatement. Without the proper preparation, an attack can bring your business to a grinding halt and put your critical information at risk. Fortunately, ransomware attacks are avoidable and containable by following the fundamental security and disaster recovery best practices outlined above.