The saying “an ounce of prevention is worth a pound of cure” doesn’t just apply to our health. It also applies to cybersecurity. For small businesses, the best strategy against hackers is prevention. Hackers target businesses of all sizes, but they know smaller companies are less likely to have good cybersecurity practices in place. It’s time to turn that assumption on its head. Here, the experts at ESET share how to protect businesses against hackers.
#1 Encrypt all company files
Every company has valuable data, and many companies store some of their clients’ most sensitive data, like financial information. With this in mind, an important hacker prevention tip is to encrypt all company and client data, if you haven’t already. Ideally, the data should be end-to-end encrypted, which renders data unreadable unless you have a special key that allows you to decode (or decrypt) it. In a nutshell, encryption makes it much more difficult for hackers to access the data in the first place, plus prevents unauthorised users from reading your data. In a company environment, access to data should always be limited to employees who need that information to do their jobs effectively.
Most devices have operating systems that fully encrypt stored data and stop unauthorised users from tapping it (macOS is one example). You could also invest in a third-party, cloud-based system to add an extra layer of encryption and security to your data.
#2 Back up your data
Encryption is one way to protect your data from “bad actors,” and backups are another way to make sure you retain control over your data. If you do fall victim to a cyber attack, data breach or server crash, you’ll be able to bounce back quicker and recover lost or corrupted data. The same goes if you or your employees have devices stolen from you.
Aim to keep two backups: one on an external hard drive or flash drive, and another on a cloud storage system, like Google Drive or Grafana demo.
Backing up on a regular basis is a good cybersecurity practice; but it’s not enough on its own. It doesn’t stop unauthorised people from accessing your information, so use backups in combination with the other strategies on this list.
#3 Make password strength a priority
Think about all the accounts your team uses during an average work day. Depending on your industry, this could include email, collaboration drives, video conferencing software, social media and the intranet.
There’s likely to be a lot of key information stored across these sites. It’s important to have a different password for every single account they use at work. Unfortunately, people tend to recycle passwords, using the same one across multiple platforms. The problem? If a hacker manages to crack that password, they can gain access to more accounts — and more sensitive information.
Along with choosing unique passwords, here’s how to step up your password strength:
- Create passwords with at least 12 characters, and a mix of uppercase and lowercase letters, numbers and symbols.
- Avoid relying on personally identifiable information, like pets’ names or children’s birthdays.
- Try to use phrases or sentences rather than single words.
- Know another language? Weave in a word or two for a hard-to-guess password.
- Change your passwords frequently. This is truly one of the best lines of defence against hackers trying to tap into your accounts and steal your data. Every three months is a good rule of thumb.
Top tip: As your small business grows, consider investing in a password manager. This type of software acts like a vault, storing, securing and encrypting your usernames and passwords so you don’t need to memorise them. Most premium password managers also generate complex passwords for you, and alert you if one of your passwords is compromised.
#4 Set up multi-factor authentication
Do you currently use two-factor authentication? That’s a great start for a small business, and you may want to take it up a botch by activating multi-factor authentication (MFA).
With MFA in place, your employees will need to enter their username, password and one additional piece of information — like a code verification— before they can successfully log in. Chances are, hackers won’t have access to that second device, so this simple step makes their job much more challenging.
#5 Invest in a premium cybersecurity software
Small businesses have delicate budgets, but with cyber attacks on the rise, having good security measures in place is essential to protect your company in its infancy and beyond. Whether you don’t have antivirus software yet or you’re ready to upgrade, ESET Protect’s suite for small and mid-size businesses will cater to your company’s needs.
These software options defend against a range of cyber attacks, safeguard WiFI networks and webcams, and scan attachments and images for viruses. They protect cloud email, collaboration and storage systems, and offer endpoint protection, which is important when employees are working remotely using company devices.
Once you have software installed, be sure to accept all updates! Technology companies constantly refresh their products to meet market needs, so it’s important to keep your software solutions up to date.
Focus on one cybersecurity step at a time
Not sure which solution to choose for your small business? Reach out to ESET today — their cybersecurity experts are there to help and answer any questions about how to stop hackers.