How to protect data from cyber criminals

Given the affinity of cyber crooks to corporate information, securing corporate information should be on the minds of the management of all organisations.

Failure to protect your digital assets is akin to leaving the door to you house open and the safe full of valuables unsecured.

Businesses are often the target of technology-orchestrated crime, or cybersecurity, because many people naively think that they not prone to attack.

They therefore postpone putting into place measures that would insulate their digital information. Are you one of them?

The internet is a playground for both good and bad boys.

As more people become digital citizens, so are the online tricksters devising attack-tools.

Why then should anyone take a laissez-faire approach to digital security?

Here is a quick checklist of easily implementable measures to keep your corporate data hard for criminals to crack.

First, protect against viruses, spyware, and other malicious code.

Make sure each of your business’s computers are equipped with antivirus software and antispyware, and update regularly.

Make sure that your computer automatically updates the software any time an upgrade is available.

Second, if you have a Wi-Fi network, make sure it is secure and hidden.

To hide your Wi-Fi network, set up your wireless access point or router so it does not broadcast the network name, known as the service set identifier (SSID). Password-protect access to the router.

Third, establish security practices and policies to protect sensitive information — policies on how employees should handle and protect personally identifiable information and other sensitive data.

Outline the consequences of violating your business’s cybersecurity policies.

Fourth, educate employees on cyber threats and hold them accountable.

Educate them on online threats and how to protect your business data.

Employees should be educated on how to post online in a way that does not reveal trade secrets or competing businesses.

Fifth, require employees to use strong passwords and to change them often.

Consider implementing multifactor authentication that requires additional information beyond a password to gain entry.

Sixth, make backup copies of important business data. Regularly backup the data on all computers.

Backup data automatically if possible, or at least weekly, and store the copies either offsite or on the cloud.

Seven, control physical access to computers and network components. Prevent access or use of business computers by unauthorised individuals.

Laptops can be easy targets for theft. Lock them up when unattended.

Make sure a separate user account is created for each employee and require strong passwords.

Administrative privileges should only be given to trusted IT staff and key personnel.

Eight, create a mobile device action plan. Mobile devices can create significant security and management challenges, especially if they hold confidential information or can access the corporate network.

Require users to password-protect their devices, encrypt their data, and install security apps.

Nine, establish physical security rules. Monitor and control who is entering your workplace.

Report broken doors, windows, and locks to your organisation’s or building’s security personnel as soon as possible.

Finally, employees should not shred or destroy documents that contain sensitive information.