The idea of creating a culture of good cybersecurity practices in your business can seem like a daunting task. You may feel overwhelmed looking at your own company's network. You may even be thinking, "Where do I even begin?"
While there are many long-term, organizational changes that can help benefit your business's cybersecurity, there are also smaller actions you and your co-workers can take immediately to instantly make a difference.
1. Install updates immediately.
Software updates are one of the most effective measures users can take against cyber attacks. Software updates are designed by developers not only to improve the performance of a given program, but also to patch any holes that can be exploited by cybercriminals. Rather than put off these important updates, install them as soon as you're notified.
2. Back up your data regularly.
When a computer is infected with ransomware, the user's options as they're presented by the attacker are to either pay the ransom (which may range from $500 to $1,500) or lose their data forever. However, there's a third option that's much less expensive: back up your data away from the original source. By regularly backing up your data to an external location—such as an external hard drive or a cloud-based service such as IDrive—you can secure peace of mind against your important data being held hostage. Be sure to check out PCMag's favorite cloud-based backup solutions to find what's best for you and your company.
3. Update your antivirus.
There's no underestimating the value of a good antivirus program, but don't get complacent. While your antivirus may have an updated database of viruses and cyberattacks at the time you installed it, that database can become outdated over time. When that happens, your software won't recognize newer attacks when they strike, leaving your data exposed. Just as you shouldn't put off any system updates, be sure to update your antivirus software as new versions are released.
4. Lock your computer.
Cyberattacks don't always come from strangers on the other end of the world. In many cases, cyberattacks can come from within your own organization. Guard yourself from prying eyes by protecting your workspace. Any time you leave your computer unattended, lock the screen or put it in sleep mode. Make sure your computer requires a password to unlock.
5. Secure your Wi-Fi.
You should always exercise caution when using public Wi-Fi networks, but don't assume your own network is any safer. Secure your organization's network by using WPA or WPA2, which requires all users to enter a password. Ensure that password is only available to trusted members of your organization. If the password is compromised, change it immediately.
6. Use stronger passwords.
In many cases, a strong password is your first line of defense against cyberattacks. We know a weak, unoriginal password puts you and your organization at risk, but are you sure the password you're using now will cut it? Visit Dashlane's password grader tool to see just how strong your password is. The longer estimated time it takes to crack your password, the better.
7. Avoid suspicious websites.
A common cause of cyberattacks is careless browsing. By clicking on the wrong action on the wrong website, a user can unwittingly unleash a torrent of malware and viruses on their network. By the time it's under control, an organization may have spent thousands to undo the damage. Pay attention to the websites you're clicking on. If you've stumbled on a website that appears to be a legitimate source, carefully examine the URL for anything that might be a red flag (misspellings, wrong domain suffix, etc.). Most importantly, never under any circumstance enter any personal information unless you're absolutely sure a website is legit. Look for a security certificate (HTTPS) in front of the URL before entering any payment information. If there is none, leave the page immediately.
8. Create a contingency plan.
Let's say the worst has come to pass and your data has been compromised. Now what? The second-worst scenario to a cyberattack is not being prepared for a cyberattack. Have a plan in place for when your data is breached. Do you have an IT response team ready to locate the threat and secure your organization's systems? Get one. Find out how the attack happened so you can prevent it from happening again in the future, and be prepared to handle any negative press your company may receive.