By Craig Skevington
Every time we turn around it seems that another major retailer, social network, or infrastructure company has been hacked.
These intrusions put millions of people at risk via their personal and financial information and cost companies billions of dollars. So, what are small business owners to do? Small and medium size businesses are prime targets for hackers since they are often less prepared. There are some simple, but important things that can be done today to ensure your data remains secure.
Configure your computers and mobile devices to automatically install software updates. These updates are most often fixes to weaknesses that hackers use to break in. If you don’t know how to do this contact/contract, an IT support company to set this up for you.
Use a password generator to create unique passwords for each account. A common strategy used by hackers is to break into less sophisticated websites to obtain usernames and passwords. They know it is common practice to reuse these same passwords on important accounts.
Large amounts of data were obtained from Dropbox even though security was never breached. The hackers used passwords stolen from other accounts and, in a large percentage of the cases, they worked on Dropbox. Also, do not use “admin,” “password” or “12345” as your password. While this may sound obvious, an anonymous study done within the past few years found that almost 50 percent of the passwords were exactly this.
Your employees are your biggest security risk. The various cryptolocker viruses are rampant. These are the ones that encrypt your data making them unreadable unless you pay a ransom to the hacker. It is estimated over $5 billion was paid in ransom in 2017 alone and this is projected to increase to $11.5 billion in 2019.
This virus is almost always downloaded by someone who clicks on a link they thought was safe. Emails can be made to look like they came from a trusted source. Pay attention to the email itself, look for misspellings, poor grammar or incorrect fonts. If it doesn’t feel right don’t click it. Check with your contact to confirm they actually sent you the specific email.
Consider a training program for your employees to sensitize them to these risks and always keep your data backed up.
Never plug in a jump drive that you are not fully confident as to its origins. Never. The Iranian nuclear program was hacked not through breaching network security but because one of the scientists found a jump drive and was curious, so he plugged it in.
Never use your personal computer to sign into your firms’ server system, use only the computers that are kept secure by your provider.
Hackers are looking for the easy targets. It is similar to keeping your home safe from burglars; a few locks and some lighting go a long way to discourage most break-ins. Thieves are drawn to easy targets.
There are simple and inexpensive methods to discourage them from your business. Bottom line: Your IT support needs to move as fast as hackers move, their speed of service is what keeps your systems safe.
Skevington is president and CEO of STEADfast IT in Saratoga Springs.