We thought with another lockdown or lockdowns (who knows by the time this is published!) and with you and your team back working from home and remote working environments, it is a good time to review your cybersecurity.
The reality is any business is exposed in the current environment and we are seeing more and more intrusions of a cyber nature for clients and in the media and a greater degree of skill being applied by criminals.
Here are some basic and non-exhaustive cybersecurity tips to help you combat cyber-attacks:
1. Conduct a security risk assessment. Understand the critical threats to your business, such as system failures, natural disasters, together with malicious actions, and determine the possible impact they have on your business. You should conduct regular security assessments, especially those businesses that have client records or must adhere to certain standards and regulations. Regular assessments help you understand your current security measures and help you adjust the level of security your business needs.
2. Train your employees. Make your employees aware of the risks; train and keep them up to date on common scams and avoidance techniques. Because threats constantly evolve, you must frequently review and update your training to ensure it is current.
3. Use multiple layers of protection. Implement a password policy that requires strong passwords, that are regularly updated and changed; ensure you have a firewall, VPN, and antivirus technologies to ensure your network and endpoints are not exposed to attacks. Implement Multi- Factor authentication, and hard drive encryption.
4. Keep software up to date. Unpatched and out-of-date software allow breaches to your security. Cybercriminals exploit software and vulnerable businesses using a variety of tactics to gain access to your computers and data. Don’t forget to keep your cell phones security up to date as well.
5. Create cybersecurity policies for your team. Write and distribute clear rules and instructions on cybersecurity best practice for your team. This may change from business to business, but you may consider policies on social media use, bring your own device (BYOD), authentication requirements, and such.
6. Back up your data. Daily (or more frequently) backups are a requirement to recover your data from any form of loss or corruption, or security breaches. There are many types of backups, tape, disk, cloud, on site, and offsite; it pays to have several, so if one fails another has it covered. Remember it's not just the backing up of data that is important, it’s the ability and speed of data retrieval as well for many businesses, as downtime can significantly impact your business’ ability to generate income.
7. Know where your data is. The more places you spread data, the greater the risk that unauthorized people will have access to it. Therefore try to limit the spread of your data and ensure when it is in multiple places you have good security practices for all of it.
8. Control access to computers and devices. Each access point creates an individual risk, so limit access to specific data your team needs to perform their jobs. Plus, keep administrative rights restricted to highly trusted team members with the skills and security awareness to keep your business safe.
Disclaimer – While all care has been taken, Johnston Associates Chartered Accountants Ltd and its staff accept no liability for the content of this article; always see your professional advisor before taking any action that you are unsure about.
JOHNSTON ASSOCIATES, 202 Ponsonby Road, T: 09 361 6701, www.jacal.co.nz
#ponsonbynews #iloveponsonby #ponsonby #auckland #aucklandshippestrip #onlyponsonby #ponsonbyroad #Greylynn #freemansbay #westmere #ponsonby #hernebay #stmarysbay #archhill #family #friends #coxsbay #johnstonassociates #cybersecurity