Online threats continue to mount for businesses of all sizes. It doesn’t matter if you have 2 or 20 IT experts on staff, or whether your IT budget is puny or ginormous like Target’s or Verizon’s: all organizations are hackable.
Paul Mah, a former IT pro turned tech blogger, recently shared 8 ways to fend off spyware, malware and ransomware in a piece he contributed to CIO magazine.
Here’s a quick rundown on how to make your business less hackable:
1. Enable two-factor authentication.
Two-factor authentication combines your password with a second protection component (like a text verification code) for an extra layer of security. “As you can imagine,” Mah writes, “two-factor authentication works only if [it] is set up ahead of time, so do look into enabling it for all your online services and accounts.”
2. Track your login history.
“A successful spyware or phishing event could give hackers the credentials for an online service, which they can access for their criminal activity,” Mah warns. “If you see logins to your account from physical locations you’ve never been to, it may be time to change the password.”
3. Check your list of authorized devices.
“Users who believe their password may have been compromised are well-advised to delete all authorized devices immediately after changing their password, which will de-authenticate unauthorized parties.”
4. Install anti-malware software.
An oldie but goodie, anti-malware software is still “the easiest way to protect yourself from common malware,” says Mah. He does concede that anti-malware may not cut it against more sophisticated hackers, but remains “a good basic defense against known and older malware.”
5. Don’t drag your feet on security updates.
Be honest: How many times have you clicked on delay options like “remind me later” or “try again in 7 days” when prompted to install software updates? “Doing so places you at great risk,” writes Mah. “Hackers can take just days or even hours to dissemble the latest security updates once they’re released (…), determine the problem they address and construct a malware that exploits it.” Don’t delay; “load patches as soon or as often as possible to stay protected.”
6. Never, ever share passwords. Ever.
This should no longer be a problem in today’s world. But it is. A big one. “Anyone asking you for your password should immediately be suspect,” Mah advises, “especially if it happens over a faceless medium such as email or a chat app.” In those cases, “assume the sender’s accounts have been compromised.”
7. Stop clicking on email links.
Malicious attachments and links are back in vogue as a security risk. It may sound like overkill, but resist clicking on email links and type out the URL manually on your browser instead.
8. Perform offline backups.
Security backups are a “crucial safeguard against a new breed of security threats called ransomware, which works by threatening to encrypt user files or even lock users out of their computer altogether.” If that ever happens to you, an offline backup system will enable you to restore those hijacked files without paying the ransom.
These steps might feel like a pain sometimes, but they’ll go a long way to keep your data (and the customer data under your care) from being stolen, hijacked or corrupted. Now that’s a pain you don’t want to experience.
(You can read Mah’s full post here.)