4 Cyber Security Mistakes Commonly Made by Small Businesses
Bad habits can be hard to break, and that’s especially true when it comes to small businesses and cyber security. After all, it’s easy to think “that will never happen to me,” and let things slide that end up creating real security concerns.
Here are a few common business cyber security errors you should avoid:
1. The Post-It notes full of passwords.
Take a walk around the office. Most likely, you’ll find at least a few desks with Post-It notes full of passwords stuck to the bottom of a computer monitor. Yes, it’s convenient, but it also provides easy access to sensitive information to people who shouldn’t have it—like disgruntled employees or a thief during a break-in.
The Fix: Explain to your employees why this is a bad idea, and give them some ideas on how manage passwords safely.
2. Out-dated operating systems.
Technology is an important part of every small business, but it’s often not a priority. That’s how things like updating operating systems slip through the cracks or get ignored until they become a serious cyber security threat. For example, do you still have systems running on Windows XP or Windows Server 2003? If you do, that creates a serious security vulnerability.
The Fix: If you’re running outdated operating systems, it’s time to transition to something more secure. As a managed IT service provider, Pros 4 Technology can help you execute a migration like this, and you can also have us take care of updates and patches going forward so you can make sure it gets done. We can identify outdated software and systems, as well as many other potential security threats during a no-cost audit of your business network.
3. Security software that never gets updated.
Do you think your business is secure because you invested in a firewall or installed antivirus software on your machines? That’s a great start, but if you didn’t take the next step and pay for subscriptions or updates to go with it, you aren’t nearly as secure as you think.
The Fix: Find out if you have the subscriptions and updates you need to keep your firewall and antivirus software as secure as possible. If you don’t, you need to get those in place as soon as possible. Consider signing on for managed IT services that include overseeing these types of updates going forward.
4. Old employees still have access.
Lax password policies and passwords that don’t expire create another security concern for SMBs. If you don’t set passwords to expire regularly, there’s a good chance a number of former employees still have access to your system. That doesn’t necessarily mean any of them will do something malicious, but why take the risk?
The Fix: Set up a solid password policy, and have passwords expire every 90 days. Yes, employees might think it’s a hassle at first, but the improved security will be worth it. While you’re at it, teach your employees the best practices for choosing a strong password that’s easy to remember but hard to guess.
Using strong passwords is one of the easiest things you can do to help keep your data secure. While choosing an obvious phrase makes it easy to remember, it also makes it easier to guess. And there’s nothing easy about regaining control over compromised data.
Here are a few key tips on what to avoid when choosing a password:
- Avoid a sequence such as “qwertyuiop,” which is the top row of letters on a standard keyboard, or “1qaz2wsx,” which comprises the first two ‘columns’ of numbers and letters on a keyboard.
- Don’t use a favorite sport or sports team as your password.
- Don’t use your birthday or especially just your birth year. You should also avoid passwords that are just numbers.
- Avoid using first names as passwords. Names of friends and family are particularly vulnerable.
- Stay away from swear words and phrases, hobbies, famous athletes, car brands, and film names, which are all widely used passwords as well.
- Avoid password reuse. If a hacker gains access to one of your accounts and all (or most) of them use the same password, you’re in trouble.
What if the worst does happen, and you experience a network security breach? With an automated, scheduled system backup you can ensure that you never lose your data. We can help you identify the source of the breach and prevent it from happening again.
Source: Intronis Industry and Tech Blog, April 22, 2015. Reprinted with permission.