Criminals are capable of hacking into your network with a wide variety of tools. There are sites on the dark web that sell ransomware; the bad actors simply buy it, install it, and launch it on the organization of their choice. With the new business model using some form of a remote workforce, the stakes have never been higher. Reopening East Texas business? Check out these East Texas cybersecurity safety tips to help you level the playing field.
1. Use Strong Passwords and a Password Manager
Julie F. owns a flower shop in Fort Worth, Texas. She has accounts with many different vendors, and used a simple, easy to remember password for them all. “I couldn’t remember every single one, so I changed them into one password.” Julie didn’t think twice when she clicked on a link that was allegedly sent from a local nursery. Julie explains, “It was an attachment that promised huge savings on roses, and with Valentine’s day around the corner, I didn’t think about it.” She entered her password and was surprised when the link appeared to be broken. “I still didn’t think anything of it,” she said. Julie had no idea that a hacker had gained access to all her vendor information, finances, and customer databases until she noticed her network was running slower than normal. “Around that time, I also began receiving complaints from customers about receiving strange charges on their accounts.” She called her IT representative who confirmed that she had been breached.
“I learned my lesson,” Julie admits. “I changed all my passwords and I use a password manager to keep track of them all. I also change the passwords routinely as an extra layer of security.”
Integris’s Reopening Business East Texas Cybersecurity Safety Tips: Use long passwords that combine letters, symbols and numbers, and change them often. Keep track of them with a password manager.
2. Protect Yourself from Disgruntled Employees
Some breaches are accidentally caused by employee negligence, but deliberate insider sabotage is a very real threat businesses are dealing with now. The reasons they would choose to infiltrate your network vary and include financial gain, espionage, grudges, and sometimes, just for fun.
There are steps you can take to protect your network from deliberate insider attacks.
- Restrict administrative permissions only to those who need them
- Implement stricter password policies
- Track in-house users on sensitive sites
- Keep an eye on your staff for signs of resentment, frustration, and anger
- Disable all permissions and access to any employee who is leaving your organization
Integris’s Reopening Business East Texas Cybersecurity Safety Tips: Internal threats can devastate your business from the inside out. Protect your network by planning an IT security strategy that takes these threats seriously.
3. Choose Effective Antivirus Software
Your network is only as protected as the antivirus software you install on your devices. You may be wondering what antivirus software is best for your business, and the truth is that a two-tiered solution such as Iconic Fortify is better than any out-of-the-box security solution. Iconic Fortify uses AI-based antivirus software along with a manned Security Operations Center to monitor all alerts.
At the very least, you need to make sure your antivirus solution has:
- Next generation endpoint security
- Ransomware and malware protection
- DNS web filtering
- Security patches and updates
- Business continuity and disaster recovery
- Routine testing.
- Email security
Integris’s Reopening Business East Texas Cybersecurity Safety Tips: Combine your antivirus solutions with firewall, data loss protection tools, password management encryption, and email security platforms.
4. Continuous Backups
Your backups should be run continuously. If a breach occurs, it’s far easier to restore data back to a timestamp of just prior to the breach. This ability, alongside allowing users to access files even when servers are unavailable, make cloud backup services a very popular choice for small to medium-sized businesses. Datto, a backup and recovery solutions provider, has broken backup and recovery methods into three main categories:
Disc or Tape: Backing up all data on a physical device, such as hard discs and tape
Hybrid Cloud Backup: Backing up data twice; once in your physical location and again off-site
Direct-to-Cloud Backup: Backing up all data directly to a remote data storage center
Your solution will depend on how much data you are storing and how quickly you will need to have data restored in the event of a natural disaster.
Integris’s Reopening Business East Texas Cybersecurity Safety Tips: Never store your backup files in the same physical location as your network and consider making the switch to cloud services.
5. Let Your Updates Update
It’s far too tempting to push off security updates or work around them, but the consequences can be devastating. Zero-day exploits are especially harmful hack-tivities that take advantage of the time frame between these patch releases and when you update them.
Microsoft has a list of their updates and patches that your employees should have installed. Remember that if even one is missing off any device, your entire network will be vulnerable.
Integris’s Reopening Business East Texas Cybersecurity Safety Tips: Updating your security patches is the most basic step in your cybersecurity strategy. All security software should be updated across all devices. It’s a good idea to keep track of your devices’ security status with a free audit worksheet like this one.
6. Follow Email Security Best Practices
It’s estimated that 90% of all breaches begin with an employee falling for a phishing scam. The worst part of this statistic? These are the easiest hacks to prevent.
Many email phishing attempts involve hackers sending infected attachments through trusted sources, such as Microsoft Word documents. Once these attachments are opened, the malware spreads from the infected device throughout your entire network.
Your employees need to be vigilant of the most common phishing schemes and protect your network. Advise them:
- Do not open email attachments with unusual requests from “coworkers”
- Never click on a video or file from any source that you do not recognize
- Never provide sensitive data, personal information or passwords via email communications
- Be wary of “spoofing” sites that mirror known, trusted sites but come from unusual sources
- Never use work devices to browse social media
It’s highly recommended that your IT department sends phishing simulation tests, like this free one from KnowBe4, to assess your employees’ readiness to spot scam, spam and phishing emails.
Integris’s Reopening Business East Texas Cybersecurity Safety Tips: Make sure that email security best practices are second nature to your employees. One very effective way is to post them in high-traffic areas such as the break room. Check out this complimentary email best practices poster from Integris, full of helpful tips for maintaining your email safety.
Cybersecurity Awareness Training is a Must-Do on Our Reopening Business East Texas Cybersecurity Safety Tips List
- Trending cybersecurity threats
- Reporting processes for suspected malware exposure
- Email best practices
- The importance of good password practices
- Proper device management, including an acceptable use policy
- Internet safety
- Data protection
- The importance of installing security patches
Integris’s Reopening Business in East Texas Cybersecurity Tip: Cybersecurity training is one of the most important “Do’s” on our list. Contact us for help getting your cybersecurity awareness training classes together and let us handle everything.
Superheroes don’t always wear capes. Download our Cybersecurity Essentials Kit, with checklists, do-it-yourself assessments, eBooks, and webinars to make you Captain Cybersecurity! Download your free kit now!
How Do I Know if My Network is Infected?
Some malware infection is very apparent. Ransomware, or Cryptowall, will freeze your network, making access impossible. You will receive a communication from the hacker with conditions for releasing your data, which almost always includes payment of the “ransom.”
Other malware is more subtle and will affect your network in less aggressive ways. A mistaken click can result in a hijacked toolbar for the user, installing a different browser that can spread malware, or change the user’s homepage to something that will benefit the hacker. Sometimes the malware can be spotted and fixed immediately, but other times the infection will run for prolonged periods of time, collecting data and corrupting files for days, even weeks, at a time.
Some red flags of network infection include:
- Annoying popup ads and messages
- Network running slowly, or devices crashing
- Disabled antivirus software
- Files moved, missing or renamed
- Trusted apps no longer working smoothly
- Inability to access control panel, apps, or files
- Unusual errors
- Desktop icons that were not installed by the user
- Password changes that were not authorized by the user
- Toolbars or home pages that have changed without the user’s authority
What to Do If You Suspect Your Network is Infected
If your employees suspect their devices have been infected, there are four steps to take to stop the infection from spreading.
Isolate the Device
Instruct your employees that if they suspect malware has been installed on a device, the first thing they must do is isolate it from your network. This means turning it off and unplugging/disconnecting it from the network immediately.
Call the IT Department
Notifications must be made. The steps your IT department take next are the only way to stop the spread of the malware and limit its effects on the network.
A good IT services department will most likely be familiar with whatever malware is “currently trending” and know how to mitigate the damages.
Wipe the Malware
There is software your IT professionals will use to wipe the malware from the device. They will most likely run the entire network through a “cleaning” phase to make sure they get the malware wherever it is hiding within your systems.
Different malware platforms can cause different types of damage to your devices and computers. If you’ve been running your antivirus software and updating the security patches, you may be able to find the solutions you need within your security platform. A call to a trusted IT services provider is a good way to make sure you understand what malware you are dealing with and the best ways to combat it. An outsourced MSP can help provide your solution either on its own or alongside your internal IT department.
If the malware cannot be wiped from the device, a factory reset may be the best option. This is a last resort and should only be done if all data and files have been properly backed up.
Reopening your business in East Texas? Download our free, easy to use Down and Dirty Nine Point Do-it-Yourself Network Security Quiz and make sure your network is ready, too.
Backup Recovery and Restoration
Once the virus has been wiped, it’s time to call on your backup recovery solutions. If you’ve been following IT best practices, you’ve been testing for this moment and restoring your files will be relatively easy. If you haven’t, you will need to call on an IT professional for help.
Having a cloud backup solution makes this process far easier for your business’ network.
The Best Solution to a Malware Attack is Prevention
The best way to fight malware damages is to make sure they never happen in the first place. Learning to identify the ways your network becomes infected and training your employees to practice safe internet habits is your biggest defense.
These reopening your business in East Texas cybersecurity tips are a great start for checking your network preparedness, but If you haven’t had a security risk assessment, now is the time to make sure your defenses are where they need to be. Integris offers a free security risk assessment to help you identify your cybersecurity weaknesses and provide possible solutions for you to build an effective antivirus and cybersecurity platform.
Does cybersecurity make your head spin? Simplify it with our Cybersecurity Essentials Kit, full of do-it-yourself resources and tools.