According to the Identity Theft Resource Center’s 2022 Business Impact Report, nearly 45% of small businesses and self-employed individuals experienced a security or data breach between July 2021 and July 2022.
Cybercriminals frequently target customer and employee data and while external threat actors are the most common causes of data breaches, incidents involving remote workers, malicious insiders, third-party vendors and human error also leave businesses exposed. Here are some common-sense tips to help reduce the risk of cybersecurity breaches:
· Passwords. Require employees to use unique passwords and make sure they are changed frequently. Also implementing multi-factor authentication can reduce the risk of cybersecurity breaches.
· Security policies. Establish security policies such as internet use guidelines and train employees to recognize threats. This can be one of the best ways organizations can protect themselves.
· Data backup. Regularly backup critical data, like word processing documents, spreadsheets, databases, financial and HR files and account information. If it can't be backed up automatically, then do it at least weekly, storing it offsite or in the cloud.
· Virus protection software. Ensuring security software, web browsers and operating systems are up to date can often be the best defense against viruses, malware and other online threats. Employers should update virus protection software regularly and scan all computer files after each update.
· Firewalls. Install firewalls to prevent outsiders from accessing data on a private network and act as a gatekeeper between an organization’s computers and the internet. Employers should ensure their operating system’s firewall is enabled. If any employees work remotely, organizations should ensure those workers’ systems are firewall protected.
· Networks. Small businesses should ensure their Wi-Fi networks are secure, encrypted and hidden, and router access is password protected.
· Computer access. Lost or stolen computers can make an organization vulnerable to cyberattacks. Employers can reduce this risk by creating separate user accounts for each employee and requiring strong passwords. Employees should ensure their devices are locked when not in use.