Cybersecurity 101: Here Are 5 Things You Can Do Now to Protect Your Information Systems

Cybersecurity is a very important topic that must be considered because it affects pretty much everyone; companies and individuals.

For individuals, I think it is safe to say that, whether we like it or not, technology has taken over our lives. Nowadays, instead of getting dressed and going to the store to shop, we simply pull out our phones or laptops or tablets (or whatever else) and make that purchase from the comfort of our bed.

Who cares if your hair looks good or if you’ve even showered. No one needs to know anymore!

Just think about all the transactions that can be done electronically; opening bank accounts, purchasing insurance, even applying for citizenship.

This opens us up to cyber threats that could lead to loss of data, identity theft, or more. Also, think about all the additional data you provide to companies when you reluctantly decide to visit their brick-and-mortar location (maybe because you’re not able to purchase the item online). That’s a lot of data!

Now, companies experience a similar challenge but to a much larger extent simply because they are entrusted with that large volume of personal data entrusted to them by employees, vendors, customers, etc. A breach in their information systems could be a very catastrophic event.

For these reasons and more, cybersecurity has gained increasing importance and it is imperative that management continue to take it seriously. Of course, to manage a problem, you first need to understand it by determining the root cause.

How was a third party able to penetrate my system and, therefore, how can I minimize the risk of that event happening again? These are critical questions to ask, and I’m sure that companies such as Equifax, Best Buy and Sears wondered the same.

As you can imagine, cybersecurity is a broad topic, hence there are a multitude of measures that can be put in place to protect the data you hold. However, for those of you that would like to know some simple ways to go about doing so, check out the 5 suggestions below that can be put in place right now:

1. Employee Awareness:

In my opinion, employees are the first line of defense for any organization. They can either be the ones that click the unscrupulous link in their email, exposing company data, or they could be the ones to report suspicious activity, protecting others.

Therefore, apart from training your employees on what to look out for, creating a “cybersecurity conscious” culture is just as important. This allows employees to constantly consider the risks associated with their actions.

The disclaimer here though is that this might not always be effective since there is no guarantee that employees will do the right thing. Also, there could be disgruntled employees that wish the company harm, no matter what. And finally, employees might not be able to identify all cyber threats due to its evolving nature.

2. Implement Passwords, PINs, Encryption, and System Authentication

Having a password is a well-known and expected control, but just having a password isn’t enough. Are employees encouraged to create strong passwords (alpha-numeric, with symbols, etc.)? Do they get a mandatory prompt to change it periodically?

Furthermore, companies will need to account for remote employees and/or employees that can conduct work on their own devices (bring your own technology).

In these cases, it is suggested that a robust system authentication is employed as well as encryption and Personal Identification Numbers (typically for mobile phones).

You can work with your IT department (or IT person) to sort these out.

3. Invest in reliable anti-virus software.

This tip is pretty straight forward. An anti-virus helps the company to protect data by identifying threats, preventing them from attacking your system, where possible, and removing them.

4. Continuous Backup of Data.

Have you ever started writing a research paper or report and, for some reason, the data are lost because you didn’t hit save? How did you feel knowing that all your hard work was gone? Imagine this happening to a company like Amazon. Can you appreciate how critical this could be to business continuity? I think you get the point. Nowadays, backups can be done right away, so get it done.

4. Just Be Aware

This tip is often overlooked because it is so simple, but it is important to be aware of all the data that you hold. After all, how will you know that the data are missing or corrupted if you didn’t know you even had it? Pay attention.

***BONUS TIP***

6. Employ an Ethical Hacker

If you happen to have the resources, you could also consider recruiting an ethical hacker to intentionally hack into your system with the objective of identifying and reporting weaknesses to management.