Cybersecurity Tip of the Week: Photo with Padlock

To celebrate Cybersecurity month, RCM Technologies is featuring some important tips to keep you and your employees safe online. Since so much of our workday is remote now, it’s more important than ever to protect your information online.

Here are our tips.

Educate and train yourself and your employees on current scams and viruses

Work with your IT department to send out emails to employees to educate them on how to recognize a scam or virus. Set up a system so when an employee opens a scam email and/or clicks on the link unknowingly, IT is immediately notified. This will help keep the system safe and also educate people when an email is not legitimate without the negative repercussions that comes with opening a legitimate fraudulent email.

It’s especially important for smaller organizations to take precautions with phishing emails since Verizon’s 2020 Data Breach Investigation Report found that 22% of data breaches involved phishing. According to Comparitech, “for an organization with 1–250 employees, roughly one in 323 emails will be malicious. For an organization of 1001–1500 employees the rate is far lower with one in 823 emails being malicious”. Think about the amount of emails you get a day. For some people, that could mean two phishing emails a day flood your inbox, potentially disarming your organizations cyber security protocols.

Implement Multi-Factor Authentication

Most universities have already taken advantage of programs like Cisco’s Duo in order to protect their student’s profiles, especially those containing sensitive information such as social security number and financial information. These systems use two different devices in order for the user to access your account. Once you attempt to log in on a web browser, an alert pops up on the users secondary device, most of the time a cell phone, enabling you to accept the login information.

Consider implementing Duo or a program like it in your organization. Using Multi-Factor Authentication protects the sensitive information of your employee and your business.

Want some more information on how you can start this process? Check out this link and learn how to get started.

Securing Your Wi-Fi Network

If you have a Wi-Fi network for your workplace, make sure it is secure, encrypted, and hidden. There should be separate access for guests so they’re not gaining access to your network by connecting. To hide your Wi-Fi network, set up your wireless access point or router so it does not broadcast the network name, known as the Service Set Identifier (SSID). Then, password protect access to the router, with each individual employee having a different username and password.

Unsure whether the methods you’ve taken have worked? Hack yourself. One of the best ways to find vulnerabilities is to hire an outside firm to audit your system to find any weaknesses. If or when they’re found, you can make the appropriate changes to secure your network and your business.

Protect Yourself against Ransomware

Unsure what Ransomware is? Put yourself in this situation: All of your company data, for you and your employees, has been encrypted by an outside hacker so you no longer have access to it. The only way to get that data back is to pay the hackers who locked it. If you don’t, you risk the data being lost forever. Your organization is then faced with a choice: pay to get that data back, or lose that data, crippling your organizations foundation.

According to Expert Insights, “In 2018, 71% of ransomware attacks targeted small businesses, with an average ransom demand of $116,000. Attackers know that smaller businesses are much more likely to pay a ransom, as their data is often not backed-up and they need to be up and running as soon as possible”.

One of the cheapest and most obvious ways to prevent this sort of attack from crippling your organization is to back up your data. By making this a priority on a weekly or bi-weekly basis, if a ransomware attack were to hit your organization, you wouldn’t need to make the impossible choice of either losing money or losing data.

To learn more about how to protect your organization from ransomware, check out this link.

What other tip will you add to this?