Your Alberta business is vulnerable to cybercriminals looking for opportunities to access your information. The more public information you store for your customers, patients or clients, the more crucial cybersecurity becomes.
You can be vulnerable to a long list of cyber-crimes, from identity theft to phishing and accessing your website to post inappropriate content to the theft of your intellectual property. Therefore you need to take every precaution to protect your business, your customers, and your staff. Here are 17 tips to help you keep your business cyber safe.
1. Avoid Using Public Wi-Fi
Instruct staff to avoid using public Wi-Fi for business purposes or when using business provided devices. This can cut down on hackers accessing information.
2. Turn Off Unnecessary Features
When out and about, instruct staff to turn off things such as GPS, wireless connection, and geo-tracking to make it more difficult for cybercriminals to access information or know where they are.
3. Have a No Apps Policy
Set a no-apps policy for all business provided devices and computers. If people do download apps for business purposes, ensure they are approved or from trusted sources only.
4. Safe Access Protocols
Make sure all devices and computers have strict access protocols. Passwords should be changed often and be challenging to decipher, with a mix of at least eight characters: upper and lower case letters, numbers, and symbols.
5. No Downloading or Clicking Unknown Links
Make sure staff understand they should never click email links or download attachments from unknown sources.
6. Log-Off Rules
Ensure you have a log-off rule that instructs team members to log off from devices and computers when not in use, even if it is just for a trip to get coffee or use the bathroom.
7. Fewer Password Attempts
Make sure log-ins cannot be attempted too many times, as this gives cybercriminals more tries to break into the system.
8. Educate Staff
Every new hire should receive an overview of the various threats of cybercriminals, such as:
- Email scams
- Phishing attacks
This will help them avoid risk and keep criminals at bay.
9. Malicious and Fake Software
Like with apps, have a policy that only approved software can be downloaded onto computers to avoid malware issues.
10. Social Network Policies
Another vulnerability is social networks. Cybercriminals can use employee profiles to access information that makes it easier to target. Restricting access to social networks can help reduce the risk for the company.
11. Recognize Phishing
The use of fake emails, text messages and websites can allow cybercriminals to entice staff to enter their passwords, credit card numbers and more. Again, ensuring employees are aware of these crimes, knowing they should avoid clicking on suspicious links or entering information on unknown sources or websites, can help reduce the risk of sharing vital information. Some signs of risky URLs include hyphens, numbers, spelling mistakes and the “@” symbol.
12. Keep Passwords Secure
While it can be hard to keep track of passwords, ask employees not to write down their passwords anywhere near their workstations.
13. Use Locked Computer Screens
Computers should be set to lock quickly so when someone leaves their desk, their computers can’t be accessed easily. Cybercriminals often work within.
14. Have a Departing Employee Policy
Make sure you have a quick policy to change passwords when an employee leaves the company, whether it is on good terms or not.
15. Website Security
Today every business needs to know their website is secure. This is more important if you use your website for eCommerce or to collect any kind of information from your customers. Client data can be used for many crimes leading to dire consequences for your business or practice. Best website security practices include:
- Restrict access to a small group of employees
- Back up your system regularly using a separate location
- Always review logs regularly to look for suspicious activity
- Choose a web hosting service that has security to find and fix security threats and protect your website from possible disruption or security intrusion
- Always use generic business accounts for website contacts
16. Be Prepared
Having a plan in place to handle a compromised website or data breach is a must. Strategies include:
- Backup all files and folders that could be at the most risk in case of a data breach. This backup is then updated every day to ensure the most recent information is stored.
- Use a backup application that allows automatic and continuous backup to avoid employees forgetting to complete daily backups.
- Backups should be off-site at a secure location.
- Have emergency boot discs or USB sticks for system crashes.
- Test your backups
- Perform an annual system restoration “test” so that your backup plan is always ready in case of an event.
- Prepare communication for any outside impact to users, customers, clients, etc.
- Have professional liability insurance along with cyber insurance to cover costs related to data breaches or website compromises
17. Email Specific Security
You should have email specific security in place, including an effective spam filter to reduce the risk of cybercrimes. While you can tell employees to avoid clicking suspicious emails and attachments, they might not always be diligent. Also, enabling HTTPS encrypts data, so it is tough for cybercriminals to access the information.
If possible, assign emails based on generic departments or roles to avoid giving clues to employee names. If an employee thinks they received a suspicious email, make sure they don’t forward it to others to ask their opinion.
Today more than ever, companies of all sizes are vulnerable to the risks associated with cybercrimes. Having a plan to back up your data, protect your company information and maintain customer and staff privacy is critical. These tips will help protect your Alberta business from cybercriminals. However, if you would like to protect your company from possible liabilities, speak to our team today.
For more tips to keep your Alberta business cyber safe, call Bow Valley Insurance at 1-800-332-1308 or contact us here.
Coverage is subject to policy wording, terms, conditions, and deductibles. Protection is limited to the perils, coverage, exclusions, and limits shown on the policy.