12 Best Practices to Manage Cyber Attacks

12 Best Practices to Manage Cyber Attacks

July 29, 2013 by Andrew Rogerson in Andrew's Money 2.0 radio show, Management and Planning

Chuck Ashman is the founder and Executive Producer of Business Matchmaking. He was my guest on my radio show, 105.5FM and Money 2.0 and and came to talk about Cyber Security and how it affects businesses.

Every day there seems to be another story about stolen credit card numbers, someone spying electronically on someone else, data being hacked, passwords being stolen and so it goes on.

In early June, 2013 the FBI, the U.S. Attorney’s Office as well as a local law enforcement agency gave a presentation in West Sacramento on the steps a small business owner can take to protect their important and sensitive information. Based on the material given at this event, there are an increasing number of cyber attacks hitting small businesses and the data that’s being stolen is not just credit card information. It includes customer data, financial records, private information, employee personal data, intellectual property and more. If you would like more information, here’s a link to a 6 page report that is a survey conducted of small businesses by Symantec.

Now that we know the problem, what can be done about it?

The answer comes in an 8 page document also put together by Symantec called Small Business Protection Guide.

Here are 12 best practices.

1. Close security gaps. This includes how laptops are handled when travelling and computer networks when working with contractors and visitors.
2. Integrate defenses including the use of antivirus software, firewalls, using encryption when travelling and more.
3. Patch software or software updates are regularly released by software vendors. Quickly apply these updates to get the protection the patch is offering.
4. Update virus definitions. Once again, common sense dictates keeping the security software you use up to date.
5. Alert employees about opening attachments or clicking links from unknown email senders…and what they should do if they were not alert enough.
6. Research file sharing services to make sure they don’t install malicious code automatically.
7. Strengthen passwords. The need to use a password has become outdated due to the number of websites that require them. Until a better solution comes along, create a convention that mix letters and numbers so passwords can be changed often.
8. Data security and integrity is critical. Create processes and procedures to back up data and automate as much as you can.
9. The cost to store data has dropped considerably. Not only back up data but back up the complete system including the operating system, applications, configurations and settings.
10. Doing backups and storing them at the business is good but getting a copy off site is better. This can be done with physical backups or using an online service. This is how you protect yourself from fire, flood, vandalism, sabotage and other disasters. We call them disasters for good reason.
11. How do you know your backups work? Very simple – test them. Don’t have time or not sure how to do it? It’s your data so there are no excuses.
12. Overwhelmed with so much to do? Get help. Find a local IT partner who you trust and knows what they are doing. Costs are very reasonable when you consider the importance of what you are doing. If you think insurance is a good idea; so is this.

All this information comes from Business Matchmaking which is a not-for-profit public/private initiative in partnership with the SBA and Hewlett Packard.

If you would like to hear my conversation with Chuck Ashman, please click this link. Chuck is the second guest and my conversation starts about 28 minutes into the show.