Patch software in a timely manner
Software vendors regularly provide patches or updates to their products to correct security flaws and improve functionality. A good practice is to download and install these software updates as soon as they are available. It may be most efficient to configure software to install such updates automatically.
Make backup copies of important systems and data
Regularly backup the data from computers used by your business. Remember to apply the same security measures, such as encryption, to your backup data that you would apply to the original. In addition to automated backups, regularly backup sensitive business data to a storage device at a secondary location that is secure.
Pay close attention to your bank accounts and watch for unauthorized withdrawals
Put in additional controls, such as confirmation calls before financial transfers are authorized with the financial institution. In recent years, there has been an increase in unauthorized electronic transfers made from bank accounts held by businesses. Don’t forget about tablets and smartphones. Mobile devices can be a source of security challenges, especially if they hold confidential information or can access your business’s network.
Watch out for fraudulent transactions and bills
Scams can range from payments with a worthless check or a fake credit or debit card to fraudulent returns of merchandise.
To learn more about cybersecurity, visit the “ Stop. Think. Connect. Resource Guide” and click to download the Cybersecurity Guide .
Protect computers and networks
Install security and antivirus software that protects against malware, or malicious software, which can access a computer system without the owner’s consent for a variety of uses, including theft of information.
Require strong authentication
Ensure that employees and other users connecting to your network use strong user IDs and passwords for computers, mobile devices, and online accounts by using combinations of upper- and lower-case letters, numbers, and symbols that are hard to guess and changed regularly. Control access to data and computers and create user accounts for each employee. Take measures to limit access or use of business computers to authorized individuals.
Teach employees the basics
Establish security practices and policies for employees, such as appropriate Internet usage guidelines, and set expectations and consequences for policy violations.
Train employees to be careful where and how they connect to the Internet. Employees and third parties should only connect to your network using a trusted and secure connection.
Train employees about the dangers of suspicious emails
Employees need to be suspicious of unsolicited e-mails asking them to click on a link, open an attachment, or provide account information.