Taking precautions against cybersecurity threats
October is National Cybersecurity Awareness Month, a campaign designed to educate the public about tools needed to stay safe online and increase protection against hackers. Threats like malware and phishing will always exist, but employers large and small can take precautions to guard against the inevitable cyber attack.
1) Data encryption
Target's massive data breach resulted in $200 million in losses for the financial institutions involved, according to NBC News. Encrypting your data can help you avoid those steep costs by digitally converting information into code known as cipher text, which can only be decrypted back to plain text through a password. Putting encryption protocols in your network protects confidential data embedded in cloud storage, operating systems, networks and business email accounts.
2) HTTP awareness
As entering information into unprotected websites is dangerous for any company, employees should be taught to look for HTTPs and padlock symbols in a website's address bar. However, some phishing websites use fake digital certificates to appear trustworthy. Phishing simulation training will keep employees aware of the tactics utilized by fraudsters to steal critical data.
3) Employee password training
All workers should be knowledgeable on the use of passwords, even seemingly obvious steps like not writing down a password where someone can find it. Employees should never share passwords over unencrypted online communication, or re-use passwords for multiple company applications.
"Strong" passwords are generally lengthy and do not spell out any words, so using "Bob12345" will only make it easier for hackers to gain access to your network. Multi-factor authentication - including fingerprint scans and cell phone verification codes - are additional measures required by some organizations to bolster network passwords.
4) A segmented network
Having "strong" network authentication points doesn't mean these points should all be accessible from the same place. Segmenting your networks ensures a hacker getting into one system is less likely to access another. Systems should be separated by how critical the network is to your business, with the strongest security on the most critical networks.
5) Always have a plan
An incident response strategy is a must for any business looking to minimize damage from a data breach. Be ready to block the communications channel the hacker is using to infiltrate your system, even if you have to cut your internet access entirely. Your servers will provide data logs that can be configured to report where and how an infiltration took place. A company also has responsibility to inform those impacted by a data breach, particularly if personal information has been stolen.
OPENonline is a trusted source for comprehensive background screenings. For more information, visit our website.