The FCC published ten tips promoting the cybersecurity of small businesses. Here is my Executive Summary including some added advice:
1. Train employees to follow key security practices (below) and explain the consequences of failing to follow them: Breach of client secrets, office disruption, stress, not to mention possible disciplinary action.
2. Use the latest in security software, MS Windows releases, and web browsers.
3. Check to see that a firewall is running on every computer.
4. If employees have access to firm email or documents on laptops, home computers, cellphones and tablets, require passwords and install security apps. Require immediate reporting of lost or stolen devices.
5. Run automatic, regular backups of files and data and store copies offsite and in a secure cloud.
6. Prevent outsiders from accessing your computers by using strong passwords not saved nearby on paper. Lock up laptops and mobile devices when unattended.
7. Use a strong password to secure your WiFi network. Consider hiding the network name from the public by disabling SSID broadcasting on your wireless access point.
8. If you accept credit cards, take special care when accessing your account and when processing payments.
9. Allow each employee access only to sensitive files and records that he or she needs.
10. Use LastPass or another highly reputable password service or program. That makes it convenient and efficient to create and use strong passwords for all of your web services and for accessing computers and backups. Use multifactor authentication (text, phone call, email) to protect access to sensitive services such as bank accounts.
Call us to beef up your defenses!
Wells H. Anderson, SecureMyFirm - 888.922.1120