Think cybersecurity threats are only the responsibility of your IT department? Think again. As a PR-marketing professional and important member of your organization’s business continuity and reputation management team, understanding the current state of cybersecurity is valuable for you, both personally and professionally.
Today’s technological advances allow businesses to be more efficient than ever before. However, they also increase threats from cybercriminals. The following tips from cybersecurity and managed data hosting expert Christophe Réglat, president and CEO of Coaxis International, Inc., can help you and your company prevent a PR crisis-producing hack.
Set up a firewall
A firewall is a system designed to prevent unauthorized access to or from a private network. You can implement a firewall in either hardware or software form, or a combination of both. Firewalls prevent unauthorized internet users from accessing private networks connected to the internet, especially intranets.
Have an antivirus program
Antivirus software programs are designed to find known viruses and oftentimes other malware, such as Ransomware, Trojan Horses, worms, spyware and adware that can have a detrimental impact to the user or device.
Turn on automatic updates
Antivirus programs provide a way to protect against known threats. The effectiveness of an antivirus program is heavily dependent on how often it is updated. Therefore, it is important to have the antivirus program scheduled to update daily.
Create secure passwords and have password policies
At a minimum, organizations should require all users to change their passwords four times per year using complex passwords. These should be a combination of numbers, letters, and special characters that are unique to each application and not numerically derivative of a previous password. Also, users should never have a shared password between work and personal use. For example, your work password should not be your personal FB password.
Secure your Wi-Fi networks
Basic steps include creating a unique password for your router, changing your network’s SSID name to something employees can clearly identify, and enabling network encryption. The FTC offers good information on how to secure your wireless network at www.consumer.ftc.gov/articles/0013-securing-your-wireless-network.
Educate and train employees
Ninety percent of data breaches are caused by human error. Educating new employees about your firm’s cybersecurity policies should be part of their onboarding process, reinforced with constant training updates for all staff. The best security you can have is trained employees who are on their toes with security top of mind. Educate and train employees
Avoid installing bundled software
Some companies will bundle a program download with an offer to install an unwanted application, in some cases without providing a clear opt-out method. Also known as a potentially unwanted program (PUP), they include adware that displays intrusive advertising and spyware that tracks the user’s Internet usage to sell information to advertisers. The US Department of Homeland Security warns that these unwanted programs make computers vulnerable to serious cyberattacks. If you want a particular program, security experts recommend downloading the latest version from the official program website.
Be careful about what you download
The same caution applies to downloading Word documents, PDFs, photos and other files. Make sure you have effective and updated antivirus software and firewall running before you start downloading. Only use trusted down-load websites, rather than peer-to-peer systems, to obtain programs; if you must use file-sharing software, make sure you choose safe software and consider paying for the premium version not funded by advertising to reduce the risk of adware being installed.
Be cautious about clicking on unfamiliar links
Newsweek reported that more than 50% of people will click on an unknown link out of curiosity. Don’t be that person. Clicking on unknown links in emails (a cyber-scam known as “phishing”) or on unfamiliar websites can put you at risk of downloading malicious ransomware that infects and restricts access to your computer, or malware that allows cybercriminals to retrieve your passwords, access your files, and even switch off your anti-virus software.
Use HTTPS on all sites
A website that uses “HTTPS” at the beginning of its URL instead of “HTTP” is safer and more secure because it uses TLS encryption, a widely adopted security protocol to ensure privacy and data security for communications over the Internet. Think “S” = Secure. TLS-protected HTTPS is quickly becoming a standard practice for websites, also easily identifiable by the padlock icon.
Back up your data offsite
This is an important component of any business continuity and disaster recovery plan. What happens to your data in the event of a ransomware attack or natural disaster like a hurricane or fire? The ideal off-site backup solution is physically secure, verifiable and accessible to ensure that the system works and your backup data is preserved and can be retrieved quickly when something happens to your main backup location.