Employers: Protect Yourself From External and Internal Electronic Danger
Author: Jett Cross
In the days of dial-up internet (think Meg Ryan in You’ve Got Mail), electronic mail (email) was occasional, not constant, and not available on every device. Hacking, phishing, malware, and cybersecurity were relatively unknown terms. Now, every business owner needs to know what these terms mean and how best to protect against online attacks.
Many cybersecurity experts agree that the No. 1 source of external danger is viruses via email phishing. Phishing messages often look as though they come from legitimate sources, such as well-known businesses and retailers, banks, and government agencies. These messages often contain logos, links, and email addresses that mimic in great detail the real thing. The danger lies in clicking the link or opening the email attachment. How do you guard against these dangers?
First, consider it mandatory to scan all email attachments before opening them, especially from senders you don’t recognize. Viruses disguised as Microsoft Word documents are especially common. Business owners must understand and teach their employees not to click on links in emails from unknown or questionable sources. A better practice is to avoid opening any email that does not look right. Spam blockers work well at avoiding questionable emails but don’t catch every one. Look for clues to phony sites in misspelled words in the email or URL, or words suggesting immediate action such as “Hurry, reply now!”
Another recommended security measure is to require the use of strong passwords that are changed regularly—perhaps every quarter. This applies not only to email, but also to Wi-Fi and other accounts regularly accessed. The easiest way hackers obtain private information is by infiltrating through a weak password. Experts recommend using a password manager such as LastPass or Keeper to generate or test the strength of passwords. These apps also make life easier—You only need to remember one password to access the program with all of your stored passwords.
Perhaps the most important advice is to train your employees about information security. Have them understand the need for strong passwords. Educate them about how to determine if a website is secure—The final “s” in “https” is what shows a site is secure. Ensure portable storage such as flash drives are clean and protected.
Just as email is the No. 1 source of outside threats, the main source of insider threats from stolen files to unintentional malware (malicious software) comes from disgruntled or careless employees.
How can an employer protect itself? Take inventory! Know who owns what device and what information they can access. Limit access to devices and files on a need-to-know basis and make sure you know how each device is configured and how it is protected. Also, make sure you regularly back up information from those devices in case of a virus or data breach. Finally, make sure your Wi-Fi access is protected and that you have a separate guest network from your office network. Encrypt sensitive information before sending via email.
Taking these steps to inventory, educate and protect is the best way to guard against external and internal electronic dangers. To help your business succeed, contact Stibbs & Co. today at (281) 367-2222.