“A lot of the cyberattacks that we have witnessed from our investigations, almost all of them could have been prevented by doing very basic cyber hygiene,” according to FBI Supervisory Special Agent Michael Sohn, “Unfortunately, the majority of those victims were small businesses.”
Only 14% of small businesses use basic cyber hygiene to protect their data, reputations, and money. In this post, we will explain what basic cyber hygiene means and what you can do to mitigate the risks.
What is Basic Cyber Hygiene?
Basic cyber hygiene is a small set of practices that help protect your business from cyber attacks. You have probably heard of most or all of these; they are the basics. But are you doing ALL of them?
- Keeping your software up to date: Ensure that your operating system, software, and applications are updated regularly. This is because outdated software can contain vulnerabilities that attackers can exploit.
- Using strong passwords: Use strong passwords that are difficult to guess, and avoid using the same password across multiple accounts. Consider using a password manager to securely store and manage your passwords.
- Regularly backing up your data: Backup your business data regularly, so you can quickly recover it in case of a cyber attack or other disaster.
- Educating your employees: Educate your employees on basic cyber hygiene practices, such as not clicking on suspicious links, avoiding downloading attachments from unknown sources, and reporting any suspicious activity immediately.
- Implementing multifactor authentication: Implement multifactor authentication on all your accounts. This adds an extra layer of security by requiring a second form of identification, such as a code sent to your phone or email.
Doing all of that? Great! You are in the top 15% of small businesses! Now, for a little extra security (since criminals are getting extra sophisticated) you can up your game with a few more risk reducers.
Conduct regular vulnerability scans: Conduct regular vulnerability scans to identify and address any vulnerabilities in your system.
Create a cybersecurity policy: Create a cybersecurity policy that outlines basic cyber hygiene practices and procedures for responding to cyber-attacks.
Limit access to sensitive data: Limit access to sensitive data to only those who need it, and ensure that they use strong passwords and follow basic cyber hygiene practices.
Basic cyber hygiene is critical to protecting your small business from cyber attacks. You do not want to meet a special FBI agent in the aftermath of an attack on your business.
Remember that cyber attacks can happen to anyone, so it’s essential to remain vigilant and stay up to date on the latest cyber threats and mitigation techniques.
Of course, there is a lot more you can do to protect your business, but practicing good cyber hygiene is a great start.