By Bill Carey, Vice President of Marketing & Business Development, Siber Systems Inc.
It seems like every week brings another report of a cyber attack that compromises business data. Cybercrime is a growing problem worldwide, and although media coverage generally focuses on data breaches that occur at large corporations or government agencies, small businesses and entrepreneurial ventures are also vulnerable.
That’s why preparing ahead of time is a good idea for small business owners and leaders of new startups. Here are three tips that can help you avoid data loss:
1. Educate your employees.
Many data breaches originate when an employee account is hacked, and passwords are a major entryway for cyber thieves. Passwords are compromised on the job in the same way they are for employees’ personal accounts – often through the use of weak passwords that contain information that is easily available on social media sites, such as birthdays, children’s names, etc.
Increase cybercrime awareness at your company by providing employees with the information and tools they need to reduce vulnerability. Consider online training modules or tips that can help your staff improve password strength. There are a number of techniques employees can adopt to make passwords easy to remember but hard to guess, such as using numbers that resemble letters in the password, e.g., “9” for “g” or “1” for “l,” etc. Remember: passwords that are longer than six characters and those that contain both upper and lowercase letters and numbers are significantly stronger than short, all-lowercase, all-alphabetical passwords.
2. Develop formal policies and hold employees accountable.
All the training in the world won’t help if employees don’t adopt better password and data security habits in their daily operations. Consider putting a formal cyber security policy in place. Specify best practices that you expect employees to follow, such as using strong passwords, logging off of unattended PCs, placing secure passwords on mobile devices, etc.
Once you have a cyber security policy in place, it’s a good idea to go over it with current employees and new hires and obtain a signature to indicate that they have reviewed and understood the policy. This documentation can be kept in employee files, and the fact that you’ve reviewed the policy with them and collected their signature can significantly improve awareness and inspire employees to adopt safer online security practices.
3. Get managers on board.
One of the best ways to build momentum for positive organizational change of any type is to create consensus with the management team and let them lead by example. If employees see that managers view cyber security as a critical issue, they will be more likely to remain aware of the problem and comply with company policies.
It may be a good idea to prep your management team prior to rolling out the general company policy on cyber security. That way, managers can serve as effective advocates for the change.
Toward a Stronger Cyber Security Posture
Hackers can cause havoc for your small business or entrepreneurial venture, compromising business data, stealing intellectual property and destroying client trust. A proactive cyber security program is your best defense against the growing threat of a data breach. By educating employees, creating policies and accountability and building consensus on the management team, you can protect your company from cyber attacks.
You may also want to consider investing in a password management system to ensure that employees maintain access to vital online information without the risk of using vulnerable passwords. A small investment in time or money on the front end can pay major dividends if it prevents your business from falling prey to hackers.
Bill Carey is Vice President of Marketing & Business Development at Siber Systems Inc., which offers the top-rated RoboForm Password Manager solution. Find out more about RoboForm at http://www.roboform.com/.