Cybersecurity is an ever-growing concern for businesses. While data breaches and leaks are an obvious concern, it’s also been shown that cyber weaknesses hold back firms from progressing. In a recent study by Cisco, a stunning 71% of executives said that concerns over cybersecurity had hindered innovation.
If you want to protect your business from potential cyber risks, there are some simple steps you can take. Start by committing to these cybersecurity resolutions for 2020.
1. Train your employees
Employees are the weakest part of your operation when it comes to cybersecurity. A lack of basic digital knowledge means many staff struggle to know how to protect themselves online. Training them in the basics of online security is vital to protect your firm.
What’s more, employees need to feel empowered to take ownership of cybersecurity. Whether it's noticing a coworker who writes down their password on a sticky note, or questioning insecure data storage practices, your staff should feel that they have a duty to proactively protect the business from cyber attacks.
2. Change your passwords regularly
According to recent findings, many people still don't put enough creativity into choosing their passwords. It's shocking, but the most common ones are still '12345' and 'QWERTY.' To make it worse, many people also recycle their passwords and use the same ones for their business and personal accounts.
Requiring staff to change their password regularly is a good way to remind everyone of the importance of staying secure online. If your employees struggle to remember strong, complex passwords, one idea is to use a password manager such as LastPass or Dashlane.
3. Delete unused accounts
Many new employees have accounts opened on their behalf as part of their onboarding, which they rarely or never use. Such unattended accounts can leave security gaps, as no one is checking for suspicious activity.
Make sure you keep up-to-date lists of who can access what within your business, and review them regularly. If an account is not being used, or if the user leaves the business, delete it.
4. Test your data back-ups
While it's pretty common for a business to back up its data and systems, so that they can be restored after a breach or attack, many forget to test the back-ups to make sure everything is really working as planned.
Make sure to test your back-ups and do it frequently - perhaps schedule your testing for the year in advance so you won’t forget.
Also remember to keep your back-ups in a secure, off-site location - so there’s no risk of them being compromised if your business suffers a cyber attack.
5. Understand the laws that apply
As well as general data protection measures such as GDPR, industries such as healthcare, finance, or manufacturing have their own legislation concerning data protection and how to manage breaches.
Review current and upcoming data security legislation as it applies to your business, and ensure you understand your responsibilities.
6. Use a VPN
Although your organization might use an intranet for private internal communications, more and more people are choosing to work from home or public places.
In this instance, it is essential to use a VPN such as NordVPN Teams. It creates a secure encrypted tunnel between your employee's device and the internet or your company's server, protecting the connection from third-party access.
7. Encrypt your files
Finally, consider encrypting your company’s documents - whether they are stored on a computer or in the cloud, being forwarded within the organisation or shared with external clients.
When you use file encryption tools, like NordLocker, even if hackers manage to steal important documents, they will not be able to access their content.