Commentary by Eric Anderson
Almost 2 billion data records around the world were lost or stolen through cyber attacks in 2017, and the trend seems to be increasing.
Following the hacks of large organizations like Yahoo!, Target, Uber and Equifax, even the assets and information of small- and medium-sized businesses are not safe. A company’s size does not make it immune to computer vulnerabilities. Thanks to the shrinking cost of data management, storage and services, cyber security is more manageable for businesses of any size.
Here are four simple measures companies can take to protect themselves, their customers and their employees.
Use a password manager
More than 30 percent of Americans use the same password for all of their accounts. Password managers such as LastPass, 1Password and Dashlane generate random passwords of up to 64 characters for users. Small business owners should assign access and responsibility to only necessary people and departments. Passwords, documents and files are securely managed and encrypted across multiple devices.
Watch the Wi-Fi
Coffeeshop Wi-Fi is convenient and easy to use, but it is often not secure. Experienced hackers can jump on a network and grab customer information and bank records without the user knowing. Similarly, viruses can be planted that are taken back to the small business network. Entire systems can be compromised.
The WannaCry Ransomeware and ILoveYou viruses have spread across millions of computers in a short period of time because people clicked on links in emails from “friends.” People make mistakes, but they make fewer mistakes with proper training. As part of new employee orientation, demonstrate best practices and policies to protect company assets.
Two factor authentication
Having a strong password is a good start. Make sure to also use two-factor authentication, or TFA, when possible. Social media and banking sites should require a password first. After users have passed this first level of security, the site or service will send a code to a pre-determined device such as a cellphone. Only after this code has been typed in will the user be granted access to the account.
These steps are just the starting point. Business owners don’t need a computer science degree or coding certification to protect themselves and their data. However, they are responsible for taking the necessary steps to secure company assets and information from prying eyes.
Eric Anderson is the Chief Geek and training director for Scientifically Speaking, where he makes technology easy to use, personally and professionally. He is a native of Carmel, where he lives with his wife and three daughters.