October is National Cyber Security Month
Whether you’re a small business, municipality, technology company or a large publicly traded corporation, if an organization uses technology, it is at risk of a data breach or cyber attack. In today’s interconnected, digital world, cyber threats continue to grow and represent a serious challenge to organizations of all sizes. October is National Cyber Security Awareness Month, so it is a great time to take a step back and learn more about this critical topic.
Did you know that less than 1/3 of companies are insured against data breaches and that businesses are beginning to rank cyber-security risks as greater than natural disasters and other major business risks?
Here are some tips from Travelers Insurance to help protect a small business:
- Set up a data breach response team and plan that outlines how your company will address any data breaches and the roles and responsibilities of team members.
- Develop a data retention policy. It should explain how your company will retain data and keep it secure, as well as how you will destroy and dispose of unneeded data – dormant customers’ accounts, job applications, former employee privacy information, etc. Make sure you and your employees back up critical information regularly. Have secure locations where this data and its backup can be stored.
- Keep up to date on fast changing state laws regarding data breach, privacy and mandates on how you must notify customers if your data is breached. Incorporate them into your data policy. Failing to do so could result not only in fines and penalties, but in lost customers if a breach is ill-handled, and critically damaging your company’s reputation.
- Be sure that your anti-virus protection is installed and kept up-to-date. It’s also a good idea to designate a limited few within your company who will be responsible for downloading and installing programs. Only download programs from trusted sources, and instruct all employees to stay away from links or ads for software on email or pop-up ads.
- Train your employees. They are your last line of defense. Teach them how to identify and report potential breaches, and to be alert to unusual emails and attachments. Email is the most prevalent way of spreading computer viruses. Inform employees never to open an email that looks suspicious or contains odd spellings or characters. They should only open emails from people they know or have communicated with in the past. Explain about phishing and hacking techniques. Instruct employees to fully shut down their computers at the end of the business day.
- Require employees to change passwords on a regular basis and to use strong, unique passwords. Passwords should be unique to each program, account and computer in use. They should not be written down or shared in any way. A good password is sophisticated enough to thwart hackers, but straightforward enough to be remembered easily. Online password generators can help.
- Make sure that mobile devices that contain company information – laptops, smart phones, tablets and flash drives – are encrypted and password secured, in the event they are lost or stolen.
- Control access to your computer systems and establish a process to deactivate former employees and third party contractors whose service has ended.
If you have any questions about Data Security, contact us today: 781-444-3050