Jan 08
How to protect yourself and combat hackers if you own a business
January 08, 2018
As the owner of a small or medium-sized company, you probably have invested a lot in the physical security of your work space. But there is another kind of threat that could be right in the middle of your operation.
Cyber attacks on small and medium-sized companies are increasingly common. In fact, 43% of all cyber attacks are aimed at small businesses, according to a study by the company Symantec.
When a hacker attacks a small or medium-sized company, it is usually to steal sensitive data (such as information on credit cards or personal information that can be used for identity theft), to access the resources of a specific system (such as a directory) or to demand payment in exchange for encrypted information (what is known as ransomware), according to a white paper by the SANS Institute.
As if the day-to-day challenges of operating your business were not enough, now you must also consider these forms of attacks, which can be attempted through phishing (usually via e-mail), social engineering and web-based attacks to insert a malicious code. But there is a way to be proactive in the face of this uncertain landscape. The first thing you must do is a risk analysis to identify your business’s assets and resources, because the criminals probably also consider them valuable, said Jose Arroyo Cruz, vice president of Obsidis Consortia Org and cyber operator for the National Guard. Once you determine what you need to safeguard, you can outline a plan for preventive measures to take.
- Establish rules on appropriate use of technology with your working team
- Determine which programs can be downloaded or accessed from the work computer and which ones cannot.
- Use strong passwords that are different for each service.
- Do not open unknown e-mails, messages, posts or attached files.
- Do not use personal pen drives or hard drives at work.
- Install and periodically update anti-virus programs
- Develop safe practices for managing confidential information
- Customer payment card transactions.
- Customer addresses and e-mail addresses.
- Customer service information.
- Medical records on patients or employees.
- Employee payroll records.
- Personal financial statements and business records.
- Marketing plans.
- Product designs and development plans.
- Legal, fiscal and financial correspondence.
- Protect the networks from intrusion by third parties
- Establish a schedule of backups