Collaborative post – may contain affiliate links
Most of us understand the basics when it comes to cybersecurity, but these basics often aren’t enough. Cybercriminals are getting smarter and a simple password and security software isn’t always enough. Here are some of the most common mistakes that businesses make when fighting cybercrime and how you can strengthen your security to fend off these online thieves.
Failing to back up files
Ideally, you don’t want cybercriminals getting to your files in the first place. But in case they manage to slip through your defenses, it’s always worth backing up files as a secondary precautionary measure.
A growing number of cybercriminals are now using ransomware to hold files hostage – this could involve locking files and threatening to delete them unless a ransom is paid. By having all these files backed up, you can afford to give in to cybercriminal threats without having to pay out any ransom – they may delete your files, but what does it matter if you’ve got them all backed up.
It’s important to choose a secure backup option. Storing files on the cloud is a popular option – there are business cloud servers available that are guarded by the most advanced security, making them a safe option. Another option could be to put your files on an external hard drive. Make sure that this hard drive isn’t left plugged into your computer, otherwise cybercriminals will be able to access it during a hack.
Using out-of-date security software
Security software that hasn’t been regularly updated will likely be ineffective against modern cyberthreats. Many security programs automatically update themselves, although this may require restarting your computer – if your computers are completely left on standby, this software may never have a chance to update.
Keep an eye on your security software for updates so that you’re always running the most secure version of the software possible. It’s worth updating other general software too as some of these updates may be security related.
Using the same password for everything
A lot of people are guilty of using the same password for everything because it’s easier to remember. The problem is that if a hacker does find out your password, they’ll then have access to everything.
You’re best having a few passwords in circulation as a result. You should change these every so often to keep them fresh (this can also prevent bitter ex-employees leaking passwords).
On the topic of passwords, it’s worth ensuring that you’re using strong combinations – a mix of lower-case letters, upper-case letters and numbers will made your passwords harder to crack. Try to stay random and not use dates of birth or the name of your company or anything else that’s easy to guess. You can even throw hackers off by using incorrect security question answers.
Falling to filter emails
Many cybercriminals will try to break into your system via emails. A common way of doing this is to provide links in emails leading to websites filled with viruses. It’s worth having an email filter in place that can check each email for dangerous links and warn you against opening certain emails.
Whilst it’s sometimes easy to notice a suspicious email, cybercriminals are getting craftier by using email addresses and templates that make them look like official organizations – by having a filter in place, you may be able see through the lies more easily.
As well as not clicking on links, you should make sure that you don’t ever reply to these fishy emails – especially if they’re asking you to provide personal details, which never be given out via email.
Not training your staff in security protocol
It’s no use having security protocol in place if your staff aren’t trained in how to implement it. It’s possible to get your staff professionally trained up by looking into cyber security certification training – this could be useful if your job requires handling a lot of sensitive data. Alternatively, you may be able to take a course yourself and then relay information to your team.
Make sure that every new customer is filled in on your company’s security protocol. You may want to provide a handbook as an easy reference, but it’s worth investing some time into in-person training just in case they do skim over this documentation.