The world is filled with scammers and hackers who would be happy to breach your networks and computers and help themselves to your data and identity. In Forbes, Dana Miranda explains some things you can do in 2024 to increase your security online. She writes:
Internet Safety Dos
1. Do: Implement Strong Security Measures
Establish robust security measures on your computers and other tools, such as firewalls, encryption protocols and intrusion detection systems, to protect company data.
2. Do: Encourage and Enforce Cybersecurity Among Employees
If you have employees or contractors working with sensitive company information on-site or remotely, encourage awareness of cybersecurity measures in their day-to-day work. Determine protocols they need to adhere to, such as avoiding public Wi-Fi or installing proper antivirus software.
3. Do: Regularly Update Software and Security Systems
Computer software updates might feel like a nuisance or a time suck when you’ve got a day packed with meetings and a mile-long to-do list. But it’s worth it to give your computer a few minutes to update when it needs it. Updates often contain security patches that address vulnerabilities and weaknesses to protect against newly discovered threats.
4. Do: Use a VPN
A VPN, or virtual private network, is a service that encrypts your activity on the internet and keeps your identity hidden while browsing. Choose a VPN for your business, and encourage or require employees to use it for online work.
5. Do: Use Strong Passwords
Show employees how to create strong, unique passwords for their work accounts, and implement a password policy that enforces complexity requirements (e.g., number of characters, numbers, capital letters and special characters required). You can also set up two-factor authentication (2FA) on your company accounts to require an extra step, usually an email or text verification, to sign in to anything. Use a password manager to monitor and share encrypted passwords among employees, and don’t allow employees to save login information on their browsers.
6. Do: Educate Employees About Cybersecurity
Employees should understand their role in maintaining the security of the business. Conduct regular training and awareness programs to educate employees about safe online practices, recognizing phishing attempts, avoiding suspicious links or downloads, and using secure methods for sharing sensitive information.
7. Do: Regular Data Backups
Work with your developers or data scientists to develop a robust and consistent data backup strategy so your company’s vital information is regularly backed up and can be restored in case of data loss or a ransomware attack.
8. Do: Follow the Principle of ‘Least Privilege’
Set up access controls on any company systems, and grant employees access according to the principle of “least privilege”: Provide each person only the access necessary for their specific roles. Regularly review and revoke access privileges when employees change roles or leave the company.
Internet Safety Don’ts
1. Don’t: Use Weak, Repeated or Default Passwords
Implement and enforce a policy for password complexity to ensure employees don’t use weak passwords on company systems or use a single password repeatedly across applications. Also, avoid using default passwords for their systems, devices and online accounts, as these are widely known and easily exploited.
2. Don’t: Ignore or Delay Software Updates
When a computer or other company system calls for an update, let it update right away. If you have the option, set systems to update automatically overnight or during other slow periods, so you don’t risk missing vital security updates and patches.
3. Don’t: Work on Public Wi-Fi
Employees should understand the risks of public Wi-Fi, such as networks at coffee shops, libraries and airports. If you have remote workers, implement and enforce a Wi-Fi policy to ensure employees only work on secure Wi-Fi networks or use a VPN when accessing the internet through vulnerable public networks.
4. Don’t: Rely on Antivirus Software
Businesses shouldn’t rely solely on reactive security measures, like antivirus software. While antivirus software is one essential part of your cybersecurity plan, it won’t protect against all threats. Proactive measures, such as regular security assessments, vulnerability scanning and employee training, will ensure a comprehensive security strategy.
Action Line: Be proactive about your online security. Click here to subscribe to my free monthly Survive & Thrive letter.
