Last year we spoke a lot about how to protect your business IT systems, as growth in home working due to the Covid-19 pandemic had caused an increase in cyber attacks. Now, as 2021 starts to take shape, it is clear that the pandemic is going nowhere, and thus the risks to your business data are higher than ever. Whether you are in the workplace, working from home, or have teams split between the two, the chances are that you are logging into systems and online accounts in the course of your day to day operations. Without the proper protection in place, you could be compromising sensitive details about your business, your workload and your customers.
To help you navigate your way through the working year, we have prepared these 5 top tips to protect your business data online:
1. Use a password manager
One of the easiest ways for hackers to steal your data is by hacking your password. If it’s easy to guess, doesn’t make use of the maximum length or include special characters then you are just making it even easier for them. If you keep your passwords in your head, then chances are you are using the same one to login to multiple accounts. This is next Christmas come early for the wannabe hacker! The best way to keep the hackers away is to use a separate password to access each account or system and to use a strong password. Password managers such as Lastpass, Dashlane or Keepass can store your passwords, create strong passwords for the sites you need to access and make it easy for you to update them. All you have to remember is one master password to login to your password manager.
2. Use Two Factor Authentication to protect your business data online
Passwords alone don’t provide enough security when logging in to your online accounts. They can be easily hacked, so it’s important to add an extra layer of security. Multi or Two Factor Authentication (2FA) basically describes the process of having a one time passcode sent to your mobile device or email address or generated via an authenticator app. To complete the login you therefore need to add the correct username and password as well as entering the one time passcode within the given time limit.
For more information on 2FA and why it is so important to your business please read our Two Factor Authentication explained blog.
3. Keep everything updated
If you use an IT support company to look after your systems, then they will be able to keep everything up to date. Similarly, if you use cloud-based systems for your email and files, such as G-Suite, Office 365 or Zoho, then these will be automatically updated. However, if you use software hosted on individual devices it will be up to you to keep these updated to the latest versions. Everything you use, from apps on your phone to operating systems such as your Windows operating system on your PC needs to be updated, because developers are continually finding new bugs and fixing them. Applying the updates means you are using the latest, most secure version.
4. Don’t click on links or open attachments in suspicious emails
Knowing how to spot the signs of a phishing attack will most likely prevent you from falling victim to one. Phishing emails are sent by cyber criminals to look as though they have come from a trusted source and encourage users to click on a link or download a file. Either of these actions may result in you exposing sensitive business data or downloading malware which could compromise your system.
During 2020 we saw an increase in Covid-19 themed phishing emails which led us to advise businesses on how to protect against these threats. Click here for some top tips on how to spot a suspicious email.
5. Delete old accounts you no longer need
You might think those old accounts you no longer use are pretty safe as you don’t need them, but hackers can prey on unused accounts, particularly if they use short, easy to hack passwords. If you then use these passwords on current accounts that you login to, you will be compromising your security. The least information there is about you online, the less chance of it being hacked. It’s a great idea to review your business online logins once a month, and delete any accounts you no longer need. This can also help your business to comply with GDPR policies, particularly if the systems, apps and accounts you login to contain any customer data.
If you are worried that your business might have been compromised, or you just want to increase your online security, speak to us today about our IT security services or find out more about how we can help you to become Cyber Essentials certified and show your customers how committed your business is to preventing cyber threats and protecting their data.