Did you know that 91% of organizations have been victims of web- and mobile-based cyber incidents? Or that 69% of businesses were hit by ransomware attacks in 2020? Or that the average cost of a data breach increased almost 10% from 2019 to 2020?
What can you do to keep your business data secure from crippling cyber events like these? It’s simple—follow the steps in this handy checklist to ensure more secure business data.
Do These Things to Keep Your Business Data Secure
To keep your business data secure, follow the steps in this checklist.
Employ Anti-Virus and Anti-Malware Tools
Guarding against computer viruses, spyware, and other malware is imperative. The first line of defense is employing a robust anti-virus/anti-malware utility—and keeping it updated on a regular basis with the latest malware definitions.
Use a Firewall
Using a firewall is another essential component of a robust cybersecurity plan. A properly configured firewall keeps unwanted traffic off your system and prevents sensitive data from leaving your network.
Insist on a Strong Password Policy
According to Verizon’s 2021 Data Breach Investigation Report, credentials are the most sought-after assets (60%) stolen in data breaches. Your employees need to select strong passwords, protect those passwords, and change them on a regular basis. Passwords need to be 16 characters or longer, contain multiple letters, numbers, and special characters, and be as random and hard-to-guess as possible.
Use Multi-Factor Authentication
Make it even harder for unauthorized users to log into your system by enacting multi-factor authentication (MFA). Microsoft reports that MFA can block 99.9% of automated hacking attempts.
Limit Login Attempts
Hackers use automated software to attempt thousands of different login combinations in a short period of time, trying to break into your system via brute force. Thwart these attacks by using a login limiter to lock out anyone after a specified number of invalid login attempts.
Employ Zero Trust Access
Limit your exposure by limiting access to sensitive data and communications. Employ zero trust access so that only those employees who need access get access.
Use Email Spam and Phishing Filters
The FBI reports that most phishing is the most common gateway for unauthorized system access and most phishing attacks start with a fraudulent email message. To mitigate the opportunity for phishing and other social engineering attacks, employ robust anti-phishing and anti-spam filters in your email system.
Replace Email with Secure File Sharing
Email is often used to transfer files between employees, especially remote workers. Unfortunately, email is the least secure form of communication available today, with 66% of all malware installed via email attachments. To improve your cybersecurity, offer your employees a more secure file sharing solution and discourage unnecessary email use.
Back Up All Your Data
It should go without saying that you need to back up all valuable data on a regular basis. Create multiple backups, with at least one copy stored offsite or in the cloud.
Keep Your Software Updated
Minimize the risk of malicious actors exploiting software vulnerabilities by keeping all your software updated with the latest security fixes. Don’t wait weeks or days after a patch is distributed; the bad guys will exploit known vulnerabilities immediately and you have to be faster than them.
Establish Security Policies for Remote Workers
More and more employees, especially remote workers, are using mobile devices to perform work duties. Often, they use their own personal devices for work use, and vice versa. Unfortunately, if a mobile device is lost or stolen, cybercriminals can access sensitive data stored on that device and use that device’s credentials to break into your system. This is why you need to establish clear remote security policies and make sure your employees are trained on them, including:
- Secure mobile devices with on-device encryption
- Use strong passwords and MFA
- Use a VPN to securely connect to the company server when using public Wi-Fi hotspots
- Never leave mobile devices or laptops unattended in public places or in vehicles
- Do not use work devices for personal use, nor personal devices for work use
Cancel Employee Accounts on Termination
When an employee quits or is terminated, immediately revoke all accounts for that employee. Don’t leave disgruntled employees any opportunity to access your system after they’ve left. (You should also wipe and reformat all devices used by exited employees, too.)
Encrypt All Data
All data stored on your company’s servers or in the cloud should be fully encrypted. This will keep unauthorized users from being able to read or use any data they might otherwise steal or breach.
Encrypt All Communications
It’s not just data at rest that needs to be encrypted. For ultimate security, employ a secure communications solution that protects all communications—messaging, audio calls, and video chats—with end-to-end encryption. This minimizes the risk of secure data being hijacked in transit.
Let Wickr Help You Keep Your Business Data and Communications Secure
One of the most effective ways to improve security for your business data and communications is to turn to the experts at Wickr. Our secure communications and collaboration platform employs robust end-to-end encryption and other military-grade security to protect your communications and file sharing from unwanted cyber incidents. Make Wickr a key component of your organization’s cybersecurity strategy.
Contact Wickr today to learn more about secure business communications.