Cyber-crime involving company data has increased dramatically in recent years. In addition to high-profile cases like the Ashley Madison data breach, thousands of small businesses have been the victim of cyber-crime. Business owners need to understand these risks and take steps to protect data. Complacency can cost dearly and have long term impact.
Contrary to what many people believe, cyber-crimes are more likely to be committed by organized criminal gangs than individuals working from their bedrooms. Hackers are largely motivated by financial rewards, and a company's data is a valuable asset they can negotiate with. So-called 'ransomware' attacks involve denying access to a company's data until payments are made to the criminals behind them.
In addition to the potential harm to customers and employees if there's a data breach, a company's reputation is likely to suffer. Customers and shareholders will lose confidence if hackers are able to beat security systems. Companies failing to adequately protect customer data can also face fines and financial penalties.
The following steps can help prevent cybercriminals accessing a company's data.
1) Use strong passwords.
Passwords are one of the foundations of IT security. They should be long and complex enough to make them difficult to crack, and should be changed on a monthly basis. Businesses are advised to have a password policy outlining to employees the importance of protecting access to systems. Smartphones, laptops and mobile devices are particularly vulnerable if they don't have good password protection.
2) Run regular software updates.
Operating systems, web browsers and security software should be updated whenever new versions are made available. Hackers are constantly looking for loopholes and ways to access systems, and software companies offer updates as a counter measure. Ignoring updates means your business will become increasingly vulnerable to cyber-attacks over time.
3) Encrypt data.
Data encryption is becoming easier as a result of the demand for greater IT security. Encrypting files, emails and entire hard drives is possible using software tools. Some operating systems now offer encryption of files at the click of a button.
4) Secure your Wi-Fi network.
Open Wi-Fi networks are one of the easiest ways for criminals to access a company's IT systems. The default setting for many wireless routers is for encryption to be turned off, so check this as it can leave you exposed. The encryption key should be at least 14 characters long to make it hard to crack. Changing the default network name makes it very difficult for hackers to access your router and change its settings.
5) Back up data.
One of the best defenses against a ransomware attack is to ensure you back up your data on a daily basis. If cyber-criminals are able to lock data held on your main systems, having back up means you should be able to continue working. Backing up to an external hard drive is a quick and easy solution for small businesses, but alternative servers or cloud solutions may be required for larger enterprises.
Employees have an important role to play in IT security and protection of data. Many breaches are the result of a simple error such as not changing a password. Having documented procedures ensures everyone working in a business understands their role and responsibility in preventing cyber-crimes.