You Can’t Afford to Ignore Cyber Security

  • Share:
February 19, 2018

Once you're a member, your LegalShield team is constantly providing useful information. From the latest IDShield’s informational pieces:

"The number of cyber-attacks against small businesses has more than doubled in the past 5 years. Small businesses are often targeted because many lack critical IT security policies and procedures, which larger organizations have in place. You have a duty to your business and your clients to understand the threats and find ways to reduce and manage risk.

Examining your existing IT policies and practices will help you uncover your vulnerabilities and develop a plan to make your business more secure.
• Understand the risks.  Attacks come in many forms, such as viruses, malware, cyber extortion and data theft. Employees at every level of your business must know how to recognize common signs of spam emails or spear phishing techniques used to gain access through an individual user. Cyber extortion, often in the form of ransomware, holds information or systems hostage in exchange for payment. Data thieves will steal client information for use in identity theft rings or other criminal activity. Leaving client data unprotected is particularly bad for business. While losing a customer’s data would likely mean losing their business, depending on the nature of the loss, the client may also seek damages from you in court.

• Set a secure password policy. Your business is only as secure as your weakest password. Passwords such as 1234 or password leave access to your network wide open. Passwords should be at least 8 characters and include numbers, letters and special characters. Never share or use company-wide passwords. Do not use your name or birthday as part of your password as these may be easily accessible online. You should also require password updates at least every 90 days.

• Utilize security tools. Protect your network with a firewall, which will block any unauthorized access. Use a virtual private network (VPN) to secure your network. Use encryption software to protect data traveling outside of your network. Install antivirus programs on all computers and update them frequently to prevent the latest viruses and malware.

• Install critical security updates in a timely manner. You should complete software updates in a timely manner. Hackers are constantly looking for software vulnerabilities. Software developers, in turn, create updates to fix those vulnerabilities. Failing to update your software is like leaving your door wide open to cyber criminals.

• Do not forget to secure smartphones. For many small business owners and employees, the smartphone is a vital piece of workplace equipment. It is important to treat security on your smartphone as you would on a desktop at work. Use encryption software, follow password policies, install updates and backup your data.

• Back up everything. It is vital that you back up your data. Having an offsite backup service will help shorten recovery time from a cyber-attack or other IT disaster. Consult a trusted IT professional about the best options for your business. There are now many cloud based backup services that can sync your data daily. This will speed up the recovery process if your data is damaged or corrupted as a result of an attack.

• Have a written policy and update it as needed. A cyber security plan should set clear and concise ground rules for your employees and managers. The FCC offers a helpful online tool that allows you to develop a customized cyber security plan for your small business. You can access the FCC Small Biz Cyber Planner 2.0 at www.fcc.gov/cyberplanner. Provide all of your employees with a copy of your policy and have them sign an acknowledgement that they received, read and understand the policy. Make sure employees feel comfortable reporting potential vulnerabilities and asking questions.

• Consider cyber security insurance. Not everyone needs cyber security insurance but it may be worth investigating depending on your business. Talk to your broker to find out what cyber security options are available for your business. If you need assistance reviewing the terms and conditions of a policy, call your LegalShield provider law firm."

Contact:
Phil Liso, Contact
(562) 322-7376