January marks the beginning and celebration of many things, including Data Privacy Day.
This international effort, led by the National Cyber Security Alliance (NCSA), aims to empower individuals and businesses with the resources they need to maintain privacy, safeguard data and enable trust.
At Right Networks, we are laser-focused on protecting our customers’ data, and each member of our staff contributes to its defense. Regular security awareness training, diligent application and software vetting processes, and continued dialogue with our IT security team are our proverbial weapons. And implementing these practices is how we’ve been able to foster our security-first culture.
In celebration of Data Privacy Day, we’re sharing some security best practices that any type of business can benefit from.
Keep reading to discover what they are—and don’t forget to pass along this article to your colleagues!
How IT professionals can secure their technology infrastructure.
According to Verizon’s Data Breach Investigation Report:
43 percent of breach victims were small and medium businesses in 2020
Let’s see that number go down in 2021. Here are a few ways you can secure your IT infrastructure:
Secure your server(s).
- Set up firewalls
- Limit access points to only essential personnel
- Penetrate test, regularly
Lock down email.
Educate staff on common phishing tactics.
Run anti-virus software that scans users’ email for viruses and dangerous links. And, make it simple and safe for your staff to report suspicious emails.
Don’t skimp on security.
Invest in software that will help maintain data privacy. Ensure the program you choose will detect potential threats to your system and eradicate them.
Implement two-factor authentication.
Right Networks offers Duo in our QuickBooks Desktop hosting packages to further protect our customers’ data. We believe in the product so much that we’ve implemented it for our employees, too. The simple and effective method ensures that data and information can only be accessed by the user who is supposed to be accessing it.
You can read more about the importance of multi-factor authentication in our eBook, Secure Access: Granted.
Update your policies annually (at least.)
Security policies should be updated annually … unless there’s a major world event that forces nearly everyone to work from home. And policies should be updated quickly to address these (albeit rare) circumstances. These days, every business should have rules and best practices that speak to maintaining data privacy at work, and at home.
Have a plan if you are hacked.
Keep backups of data offsite in case you’re hacked so you can upload your data and get up and running again quickly.
How employees can prioritize cybersecurity.
Keeping data secure begins at the user level. According to the Verizon report:
33 percent of successful breaches involved phishing or social engineering in 2020
With a little education, we believe most of these breaches would’ve been unsuccessful. Make sure you’re taking the required security awareness training your IT department sends out (and pay attention to it!).
Change your password frequently.
Passwords should be complicated and changed often. If you have a difficult time remembering passwords, try using a password management system. This article by PCmag.com lists the top 11 password managers to use in 2021.
Don’t trust anything without taking a closer look.
CONSTANT VIGILANCE. I’m 100 percent serious. Once in a while, a malicious email may slip through even the best security programs. Be on the lookout for these red flags:
- The email is from a colleague you rarely talk to
- The email is riddled with grammatical and/or spelling errors
- The sender’s email domain is something other than your company name. Pay extra close attention to this one, as sometimes hackers will snag a domain that’s indistinguishable from the one you’re used to at first glance, for example: @rightnetworks.com vs. @rlghtnetworks.com
- The email is asking you to do something, for example: buy gift cards for vendors
- The email implies urgency
The most important security lesson of all.
Maintaining data privacy is the responsibility of every employee, regardless of their title.
Next Data Privacy Day, we hope to be sharing a lower breach statistic. By following the tips included above (and leveraging cloud technology to make maintaining your business’s data even easier) we believe we can.