A recent article published by itworldcanada.com suggests that the pace of cyber attacks on Canadian companies is increasing. They launched a large study of 250 Canadian businesses in 2019 that recorded an astonishing 88% of companies reporting at least one security breach in the last 12 months. Of those, just under half said they had suffered a financial hit because of the attack.
The positive result out of all of this is that nearly 90% of the companies said they had strengthened their business cyber security resources because of the attacks, and that they were continuing to learn more about how to protect themselves. But that doesn’t stop the fact that hackers are constantly learning, adapting, and tweaking their approaches in order to gain access to your networks and your private information.
Beware of Malicious Emails
One of the most common types of business cyber security breaches is custom malware invading networks because of a successful phishing attempt. According to the 2019 Verizon Data Breach Investigations Report, nearly a third of all breaches last year involved phishing. Phishing is when someone with malicious intent sends an email that often appears to come from someone familiar, and that email asks that the recipient perform some sort of action. They may ask that recipients click on a link to download an attachment, send money for an overdue payment, or forward confidential information, such as a user name or password.
The reasons why hackers would simply ask for money or a password is obvious, as both provide pretty much immediate gains. Asking recipients to click a link or download a file is a bit more sophisticated, as doing so opens the door for malware or ransomware to be downloaded. Malware can gain access to virtually everything on your network, including your banking information and private customer data. With ransomware, hackers can lock down your systems and demand a payment in order for you to regain control.
Business cyber security means training your employees to be very careful and aware when opening emails. Phishing emails can look entirely legitimate, but there are often a few tell-tale signs. Ensure your employees are giving their emails all of their attention. It’s time to be suspicious if they are not expecting an email asking that they perform a task. Have them check the sender’s email address to verify it is coming from a person they know. Spelling mistakes and bad grammar are also signs of a phishing email. A link that does not go where it is supposed to is also a sign (train your employees to hover and check URLs before they click). Anything that seems unusual could potentially be a trick, and so the best course of action is to call the purported sender to check that they actually did send the email. If employees can’t confirm the sender, delete the email immediately.
As a business owner, it is your responsibility to keep your customer and client information safe. Failing to do so can not only result in a huge headache for you as you try to clean up the mess left behind by hackers, but it can also result in a massive hit to your reputation. Just remember the Facebook security data breach of 2018. Attackers gained access to the social media giant’s network, exposing the personal information of more than 50 million users. The result was devastating for Facebook, with trust reduced to such a level that millions of users shut down their accounts.
Encourage Strong Passwords
Good business cyber security practice means your employees should never, ever, use their work log in and password anywhere else. In fact, password should be long, strong, and unique for each and every account they are signed up for. They should be longer than eight characters, contain a mix of upper and lowercase letters, symbols, and numbers. Secure password managers are great for generating strong passwords, and they remember and store them for you. You only need to remember your master password.
Turn Off Computers at Night
Computers that are turned off are much harder to break into, so it should be regular practice to power down devices when leaving for the evening. This can also save you some money on your power bill.
What to Do if You Think You Have a Virus
Signs you may have a virus include your computer running slowly and acting strange, a different-looking desktop, missing files, missing (or additional) programs, browsers opening to unusual websites, storage space filling up, pop-up windows that can’t be closed, the inability to access websites you used to be able to, and a warning from your virus software.
If you think you have been hacked, immediately disconnect your computer from the internet. The fastest way to do this is to unplug your modem right away. If you are confident in your skills you can run anti-virus software, or else take your computer to an expert.
Remember to always back up your files with an external hard drive so that if files go missing they can be retrieved.
Appoint a Business Cyber Security Champion
Since business cyber security should always be top of mind for all of your employees, appoint a cyber security champion with the mandate of consistently reminding everyone of the numerous different types of scams out there. A weekly email filled with tips is a great idea. They may also want to include regular training sessions that all employees must complete to ensure all points are being fully understood.
There’s lots a cyber security champion can do to further encourage safe use of your business’s computers. Those who complete the training fastest could receive a small gift. They can encourage their colleagues to share any information about new types of attacks they have heard about. They could also wander around and check to make sure everyone has safely locked their computers while away from their desks, and reward those who have with a treat of some sort.
Online Marketing Services From Emphasize Design
Emphasize Design custom-designs the most secure websites out there. We consistently update the back ends of our sites to ensure there are no gaps in technology hackers can take advantage of, and provide security and maintenance packages to help others keep their WordPress sites’ versions, themes, and plugins up to date and as safe as possible. Contact us today for more information.