How to protect your business from cyber security risks
Protecting your business, Web site and personal information from cyber security risks should be high on your agenda. Now, more than ever before, companies and individuals are relying on the Internet (and technology) to sustain business life as we know it. It is assisting us in working from home, ‘socialising’ from a distance and maintaining our children’s education. This is only the beginning of what digital transformation can do for human interactions and businesses. However, without proper cyber security protocols in place, the advantages of the fourth industrial revolution can be marred by a large risk factor.
Because cyber criminals are clever. The more employees you have, and the more time they spend connected to the Internet, the better the chances are of a hacker successfully exploiting a vulnerability somewhere on your system.
Thankfully, South African companies are responding to this very real threat. In a recent survey conducted by Citrix, 74% of the SA employers polled said they would be investing more in their data and online security going forward.
Here’s what you, as an employer, should be addressing right now:
Educate your employees on ‘savvy’ Internet surfing
Cyber security starts with every person you employ. One click, on a seemingly innocent link, is all it could take for a cyber attack to cause expensive and damaging disruptions to your entire company.
What to focus on?
- Choose strong passwords. Password creation and remembering what password you used where, is a challenge, but it is vital that passwords contain a selection of both upper and lower-case letters, as well as symbols and numbers. Also, instruct them not to use the same password for each profile they create.
- Try and use biometric identification (facial recognition or fingerprint identification) where possible.
- Implement two-factor authentication. Any form of multi-factor authentication (MFA) decreases the potential of hackers’ access to systems. An example of this is using a credit card to purchase online, where a one-time pin (OTP) is sent to your cellphone, prior to completion of the transaction. Double protection.
- Do not share confidential information on any social media platform. Hackers are notorious at social engineering and may use information you have posted online to steal your identity or commit fraud.
- Never open e-mail attachments, or click links sent by people (or other companies) that are not recognised, have not been personally requested or subscribed to.
Protect your company’s Web site, domain name and site visitors
One of the best ways to secure your Web site is to ensure the use of secure, reliable Web site hosting that offers free backups, malware scanning, virus and spam protection. Adding an SSL certificate to your site is an essential part of your security too. This enables encrypted communication between a Web browser and a Web server, thereby protecting sensitive data.
Protecting your domain name is also an important security factor. One way to do this is to ensure that the correct business name is listed as the owner of the domain and not an individual, or Web development company that may have assisted in registering the domain.
Protect computers through anti-virus software
Malicious software such as viruses, Trojans, spyware and ransomware are often deployed unsuspectingly on staff’s computers. Sometimes a virus even “hides” in a flash drive and is unknowingly transferred to a PC. That’s why the best defence is a good offence, and a strict anti-virus protocol should be implemented to prevent, detect and remove malware prior to any functionality being damaged.
Manage WordPress plugins
Should you have a WordPress Web site, managing WordPress plugins, particularly running plugin updates when they become available, are key ways to prevent spam and malware. With a third of the Internet powered by WordPress, hackers focus a lot of their attention on this content management system (CMS). Vulnerable plugins have become an easier way for hackers to gain entry into Web sites. Delete plugins you don’t use anymore, check for abandoned plugins and update, update, update!