23 Mar Cyber Security in your small business – Tools and tips
In the previous blogs in the series, we have explored the ways in which cybercriminals attack your systems and some of the fundamentals you need to implement to ensure the best possible cyber security infrastructure for your business. In the last blog of the series, we will explore some lesser-known tools and methods to help you achieve cyber security.
Cyber security tools and tips
Password management applications – Keeper
Keeper is a password manager application and digital vault created by Keeper Security that stores website passwords, financial information and other sensitive documents using 256-bit AES encryption, zero-knowledge architecture, and two-factor authentication.
Keeper creates random, high-strength passwords for all websites and applications that employees use and then stores them in a secure vault on all employees’ devices. Each employee gets a private, encrypted vault for storing and managing their passwords, credentials, files, and private client data.
Keeper also saves employees’ time, reduces frustration and eliminates the need for them to reset, reuse, and remember passwords. It also offers strict and customisable role-based access controls, 2FA, usage auditing, and even provides industry compliance with SOC, HIPAA, DPA, FINRA, GDPR, and many more.
In short, Keeper secures your business passwords to prevent data breaches, improve employee productivity, and meet compliance standards. It will ease your security concerns around passwords permanently.
Education and training
The most important step of all is education and training – if you educate your employees to a good standard on the steps they can take to protect themselves when working online, then the technological tools will be used in the correct way to ensure maximum effect. Uneducated employees can hinder even the best technological tools by accident or sheer stupidity when using them.
Implement an effective company IT policy
An effective company policy surrounding IT is essential, no matter if you have a small office of 10 people or are multinational and employ thousands of people worldwide. The policy can literally act as a rule book (a list of do’s and don’ts if you will) to guide your employees to a way of working that not only is as secure as possible, but also guarantees the most effective use of the tools available. Your IT policy should include the following:
- Acceptable use – detailing the circumstances under which corporate IT resources are given permission to be used. You don’t want employees logging on from anywhere anytime without you knowing, so keeping your IT systems and employees under control is essential.
- Confidential data – defining which information the company deems to be sensitive and explaining how it should be handled.
- Network access – explaining to employees and guests what procedures exist around device passwords, firewalls, networked hardware, and wireless network usage, as well as covering what needs to be done to ensure security when connecting mobile devices.
- Passwords – make sure that all members of staff are adhering to consistent standards when it comes to selecting robust, confidential passwords that cannot be easily guessed. This, along with the use of a password management system (such as Keeper), will set you up for being almost airtight when it comes to your passwords.
- Physical security – defining a policy for how physical devices are handled and transported, and guarding against common risks. It is common for company devices to be lost on public transport, for example – unfortunately, this is a problem that could have severe derogatory effects on the business.
- Incident response – providing a step-by-step guide for everyone within the organisation to follow in the event that a breach does occur, with a focus on alerting the relevant parties, minimising the impact on network and data integrity, and recovering as quickly as possible.
Accompanying your new improved IT policy should be a rigorous training initiative for everyone in the organisation that goes for everyone from the highest-ranking members to the frontline workers. By doing this, you know that they understand the procedures and principles thoroughly, and means you can present a cyber safe, confidential image of your organisation to all clients (both potential and existing). As the old saying goes ‘you are only as strong as your weakest link’ and that is no different for your cyber security.
Cyber Security for your business with Urban
Do you want your business to be protected to the best possible standard? Do you want a provider that monitors your systems regularly to ensure that a high standard of security is maintained at all times? Look no further than Urban Network! Our team of experts add layers of additional security to whatever existing measures you have in place. We will liaise with you to ensure that there are comprehensive policies in place for password control, access control, network housekeeping, and, importantly, remote access and BYOD policies. We can look at the current implementations of any facet of your network and give advice on industry best practices to ensure your business is sufficiently covering your risk. Contact us now to find out how we can help you!