Subscribe to our blog for all the latest news, updates, and events from MMA and our partners
Subscribe
You have locks on the doors and windows, but chances are, you're letting your company's cyber security fall by the wayside.
When it comes to protecting your company's private information and your employees' and customers' personal data, there are many ways that cyber crimes can affect you. While many business owners and managers would rather outsource anything tech to the IT department and forget about it, staying ahead of trends in cyber security may just save your company's reputation.
You barely have to wait a day before hearing about some new cyber security breach of a major company, like Equifax (143 million Americans' data), Uber (57 million users' data) and Dropbox (details for 68.6 million accounts stolen), or a major government institution like the SEC where the full extent of the damage is still to be determined.
But know this: you don't have to be big to be hacked. Data shows that in 2016, small businesses were the victim of cyber attacks 61% of the time, a number that was up from 53% in 2015.
So what should you look to lock up better at your company? Here's a quick rundown:
Implementing a rigorous password protocol might just be the easiest way to slam the door on cyber hackers who try to get into your employees' email, files, computers, or even thumb drives. You can have your IT department set protocols to expire passwords on a regular basis, and to prevent the use of some of the perennial "worst passwords" that get used, like (believe it or not) "password" or "12345."
"LastPass recently released a report in conjunction with market research agency Ovum on "Closing the Password Security Gap," writes Rob Marvin in PC Mag. "The report surveyed 355 IT executives and 550 corporate employees. Among the findings were that 61% of IT execs rely exclusively on employee education to enforce strong passwords. The report also found that four in 10 companies still rely on entirely manual processes to manage user passwords for cloud apps. Kaplan said the biggest problem for businesses is having an ineffective security approach to how employees work nowadays."
Most password "hacks" aren't hacks at all, they're guesses that you've picked a password that's easily figured out, says Kyle Bruckner, Managing Director of Technology at MMA.
Some of Bruckner's tips to make all your passwords secure include:
Bruckner also has tips for creating passwords that can't be cracked by even the savviest of hacking software:
All those apps on your employees' phones and computers need updating to fix bugs, but they also get updated to apply patches to close up holes that cyber criminals might pass through to get into company email, files and more. Encourage employees to keep their personal devices updated, especially if they're not company issue.
You hear all the time about "that one employee" who made a bad judgment call and clicked on a phishing link or lost their laptop in a taxi out of town.
For example, "in 2015, thousands of patients had their personal health data compromised when a former University of Oklahoma physician’s laptop was stolen." Writes Alvaro Hoyos at HRPS. "The university was unable to ascertain the extent of the damage or determine exactly what information was on the employee’s laptop. Exacerbating the problem further, the university was unaware the former employee had taken any patient information with him until after the theft was reported."
You can and should educate employees on their role in keeping your business safe. From having a secure laptop password and physically protecting electronics like phones and thumb drives to not sharing access to unauthorized personnel or passing personal information on unsecure or unreliable methods like email, you want to keep everyone aware of their role as a gatekeeper to your business.
Our 2018 RiscoveryTM Insights Report concluded that 70% of those surveyed were at least minimally concerned that their company is at risk for a cyber threat or security breach. But out of those surveyed, 62% do not have a written risk management plan in place in the event of a cyber attack.
Make sure your IT department, web developers and any company hosting data outside your business work together to keep ahead of potential threats, keep software and anti-virus programs up-to-date and maintain a clear level of communication with employees so that no one person or group can put the company at risk.
Cyber security insurance protects not only your business, but everything that your company touches with its digital footprint, from employee social security numbers to customers' credit card numbers.
"As you and your company evaluate your risk and exposure to cyberattacks and data theft, remember that there is no avoiding the impact that this new threat has on all businesses of any size," writes Ryan Bradley at Forbes. "Do not fret, however: There are great resources at your disposal and an army of experienced professionals waiting to lend a hand along the way."
Subscribe to our blog for all the latest news, updates, and events from MMA and our partners
Subscribe
Copyright © 2024 Marsh & McLennan Agency LLC., All Rights Reserved.