Simple Steps Every Business Can and Should Take
By Franco Correia
Internal Systems and Security
Data security has become a fundamental concern for all businesses, small as well as large. Cybercriminals are increasingly ubiquitous and sophisticated. But there are procedures you can adopt to make it harder for them to gain access to your data and systems, simple things you could start today, the low-hanging fruit of cybersecurity.
This course of action is not only fundamental but can be necessary. Data breaches are costly, to the point that they have put many small businesses out of business. This simple plan can help ensure that you will qualify for cybersecurity insurance and meet the requirements of the insurer.
In a way, protecting your systems is analogous to protecting your home, the parts of your house that work to keep it secure for your family:
- Firewall. Protection starts with a firewall. Like the walls around your house, your firewall protects the perimeter of your business. Similar to a front door, it serves as an access point for entry. At its most basic level, it provides spam and virus filtering, detects and prevents intrusions. If you have a firewall with an active security subscription, you will have taken the most fundamental step in the effort to protect your data.
- Next-Gen Antivirus (EDR). Your antivirus software is like the security system inside your home. It monitors what’s going on in your systems, alerting you if malicious software is trying to invade your environment and actively working to keep it out. It is a level of security that every business should have. To combat increasingly sophisticated cyber-attacks, antivirus software evolves regularly; it is important to stay abreast with next generation protection.
- Multifactor everything. I refer to this as “extremely crucial.” Using a password to secure your online accounts is equivalent to a doorknob lock; it provides a basic level of security and can deter casual burglars, but it isn’t exceptionally hard for a determined one to bypass. In some instances, your password can become compromised due to data breaches, password reuse, or simplicity (stop using “summer2024”). In contrast, multifactor authentication (MFA) acts like a deadbolt on that door, adding an extra layer of protection that is much harder to overcome. Typically, it involves using an authentication app on your phone, to which only you have access. Just as a burglar would need to put in more effort to get past both a doorknob lock and a deadbolt, a cybercriminal would have to go through significantly more trouble to breach an account protected by MFA.
- Patching and updates. If you have a leaky sink, you fix it, and patch it. So too software vendors update their products and provide patches as security gaps are exposed. Managing your systems requires staying current with vendor patches and updates as they are issued.
You can protect your information technology substantially by adopting a few simple processes and practices. Cybercriminals look for easy marks, in particular when targeting small businesses. Taking these simple steps will make it a lot harder for them.