We’ve said it before and again and again and again: Hackers do not fight fair. They don’t care what time of year it is—they don’t care that you are a two-person shop or sole proprietor. Actually, those are the qualities they look for in a cyberattack victim. They’re after your data. And they know who (typically) won’t have enough security to block their attacks.
Malicious hackers more often go after employees who are:
- Busy and distracted
- Working for a small to medium-sized business
Why? Because those two qualities mean that their victim is less likely to pay close attention to what they’re clicking on, browsing or responding to. And a smaller-sized business or accounting firm is less likely to have the security defenses in place to catch a ransomware attack before it has the chance to wreak havoc.
According to the latest Verizon Data Breach Investigations Report, 43% of breach victims were small and medium businesses.
Don’t let cyber attackers get away with this any longer. Your actions every single day defend against or allow a cyber breach to occur.
Here are five ways that you—an employee at a business or firm of any size—can reduce cyberattack risk, protect your data and, therefore, protect yourself.
5 ways to maintain data security
1. Learn how to reduce your cyberattack risk.
- Visit trusted websites, such as nist.gov, for free or low-cost cybersecurity resources
Keeping data secure begins at the user level. According to the Verizon report, 33% of successful breaches involved phishing or social engineering.
With a little education, we believe most of these breaches would’ve been unsuccessful. Make sure you’re taking the required security awareness training your IT department sends out (and pay attention to it!).
2. Change your password frequently.
- Passwords should be complicated and changed often.
- Never share your passwords.
- Use a unique password for every account.
- Use password managers, such as LastPass, Keeper, Dashlane, etc.
If you have a difficult time remembering passwords, try using a password management system. This article by PCmag.com lists the top 11 password managers to use in 2022.
3. Don’t trust your email.
Once in a while, a malicious email may slip through even the best security programs. My rule of thumb? I don’t trust any email without taking a closer look.
Prevent phishing schemes by looking out for these email red flags:
- The email is from a colleague you rarely talk to
- The email is riddled with grammatical and/or spelling errors
- The sender’s email domain is something other than your company name. Pay extra close attention to this one, as sometimes hackers will snag a domain that’s indistinguishable from the one you’re used to at first glance, for example, @rightnetworks.com vs. @rlghtnetworks.com
- The email is asking you to do something, for example: buy gift cards for vendors
- The email implies urgency
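The lookalike-domain red flag above can also be checked mechanically, for example in a mail filter or a triage script. The following is an added example, not part of the original article; the trusted-domain list, function names and sample addresses are assumptions made for illustration.

```python
# Added example: flag sender domains that resemble, but do not match, a trusted domain.
# TRUSTED_DOMAINS and every sample address used with it are constructed for illustration.
from email.utils import parseaddr

TRUSTED_DOMAINS = {"rightnetworks.com"}

# Character sequences that are easy to mistake for one another at a glance.
CONFUSABLES = [("rn", "m"), ("vv", "w"), ("1", "l"), ("i", "l"), ("0", "o")]


def skeleton(domain: str) -> str:
    """Collapse visually similar characters so lookalike domains compare equal."""
    d = domain.lower()
    for src, dst in CONFUSABLES:
        d = d.replace(src, dst)
    return d


def edit_distance(a: str, b: str) -> int:
    """Levenshtein distance (insert, delete, substitute), computed row by row."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def classify_sender(address: str, trusted=TRUSTED_DOMAINS, max_distance: int = 2) -> str:
    """Return 'trusted', 'lookalike' or 'external' for a From: address."""
    # parseaddr also handles the 'Display Name <user@domain>' form.
    domain = parseaddr(address)[1].rsplit("@", 1)[-1].lower().rstrip(".")
    if domain in trusted:
        return "trusted"
    for good in trusted:
        # Same shape after folding confusable characters, or only a typo away.
        if skeleton(domain) == skeleton(good):
            return "lookalike"
        if edit_distance(domain, good) <= max_distance:
            return "lookalike"
    return "external"


if __name__ == "__main__":
    for sender in ("billing@rightnetworks.com", "billing@rlghtnetworks.com"):
        print(sender, "->", classify_sender(sender))
```

This sketch compares whole domains only, so a trusted name embedded inside a longer, unrelated domain is reported as "external" and still needs the manual look described above.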
4. Enable multifactor authentication wherever possible.
“If companies just [implemented multi-factor authentication], they would be exponentially more secure…”
Brian Grayek, Virtual Chief Information Security Officer, Cosant Cyber Security
So—if multifactor authentication is such obvious protection, why don’t more businesses implement it? According to Brian Grayek, either “A) They don’t know. B) They think it’s high-cost and it’s too hard to do.” (Forbes)
Simply put, it’s not complicated from an infrastructure setup perspective. From a user perspective, it adds about three extra seconds to my normal login procedures, and I was able to set it up myself at home.
Tell your IT guys to implement it for a more secure workstation overall. You can also enlist the help of managed service providers.
5. Use the cloud’s built-in data security.
- Reputable cloud hosting providers use advanced threat detection to notice unusual system behavior.
- With cloud hosting, if a malicious hacker were able to enter your system and gain access to your data, the data would be unreadable to them (as long as the cloud hosting provider uses data encryption technology, as we do).
- Further—victims of a ransomware cyber attack wouldn’t need to worry about paying any ransom to get their data back from the thief. Why? Because providers like us back up your data daily in case of accidental loss or deletion.
The most important data security lesson of all…
Maintaining data privacy is the responsibility of every employee, regardless of their title.
By following the tips included above (and leveraging cloud technology to make maintaining your business’s data even easier), you are doing your part to keep data secure.