Cyber criminals find small businesses and startups more appealing because they are more vulnerable and prone to a security breach. Generally, they do not have the appropriate security tools, methods and security protocols in place like other bigger companies.
In 2017, the number of data breach incidents reported in the U.S. are up over 700% more than the numbers recorded in 2005.
Regardless of your company size, your business data is very important and there is need for cybersecurity measures to protect your data. Based on our research over the years in cybersecurity, we have listed below important measures a company must take to reduce the chances of a security breach.
1. Performing Rigorous Background Checks and Screening.
Although hacking can be done from an external network, a good number cyber breaches happened from internal sources. One needs to rigorously screen all potential employees, which includes the one’s being called over with references. Evaluation of their cybersecurity knowledge along with their browsing patterns is a must. They should also not have access to any company sensitive data until they are confirmed. You can monitor them until then for any suspicious activity.
2. Build a Disaster Recovery Site.
Any catastrophe can destroy your business and hence your data involved with it. This can cost your business a huge monetary loss and a damaged reputation.
Having a Disaster recovery site ensures that your business data is always safe irrespective of even an attack. Ransomware is being deployed across the globe at ever increasing rates. So it is not a matter of if you get hit, it is a matter of when…..Are you prepared today if you most critical server and information is locked down?
In today’s connected world, the cost of downtime is huge and gives an edge to your competitors when you are down.
3. Use Strong Passwords.
The majority of the hacks are because people still use very predictable passwords for even the most sensitive records, such as any banking account, wallet accounts, etc. Check this list of some of the worst possible passwords people used in 2016 to get an idea of a bad password. The general rule to create a complex password is to use a mixture numbers, letters and symbols of no less than eight characters.
Companies like Microsoft don’t recommend using personal information (like, birth date, year, name, etc.) in creating your password. Ask your employees to change their passwords regularly or at least every 90 days. This will help maximize global data security across your business.
4. Be careful with links.
One should never click a link received via email or IM if it is from an unknown or unauthenticated source. Even if it is from a known source, it should be verified by checking with the sender personally or over call. More often you would find out that their account has been hacked.
5. All Software’s should be up to date.
Hackers always find new ways to breach the security systems. This requires software companies to keep improving their products’ security measures.
If you are working with any major software package that hasn’t been updated in the past 6 months, it likely has already been compromised by someone and just a matter of time before they find your old version to compromise your system. Take advantage of the security updates your software vendors provide to protect your company’s data. Your data is as safe as their most recent software update.
If your systems are connected to the internet and you have employees who click on emails, you will never be able to completely prevent all intrusions. However, with just a few extra measures you can decrease the likelihood of a breach and hopefully, frustrate them enough to move on to the next target, plus you will be better prepared to recover from a breach if one occurs.
Cyber security is not a “maybe” for startups, it’s a “definitely”.
Are you a startup founder who’s dealing with cyber security issues?
We’d love to hear from you and see how we could help.