5-Steps to Better IT Security


With so many cyber threats to small businesses and individuals, Better IT Security is something we all need to consider. The latest cyber attack statistics are frightening, yet so many people remain in denial about becoming a victim. The thing is, because so many of these attacks are now automated, we are all targets.

Just look at the numbers.

Hacker Image Better IT SecurityThis year, 43% of all data breaches involve small and medium-sized businesses, and that same number, 43% of small businesses, do not have a cybersecurity plan in place. And 83% of these sized businesses do not have the financial preparation in place to recover from a cyber attack. Just to throw one more stat out there, 90% of all healthcare organizations reported at least one security breach in the last three years.

These statistics don’t get better for individuals. Phishing scams account for more than 80% of attacks, and Google has identified more than 2.1 million phishing sites. Not only does this expose us all to credential theft, but it has led to 1 in 5 Americans becoming victims of Ransomware. On top of this, more than 60% of cybercrime victims unwittingly expose friends and family to their attackers.

But we are not helpless in the face of these attacks. Here are 5-Steps to Better IT Security.

1. Strong Passwords and 2FA

First, everything you knew about passwords in the past is wrong. An 8 character password mixed with numbers, symbols, lowercase, and upper case letters takes approximately 17 hours to crack. By contrast, a 12 character phrase of mixed upper case and lower case letters will take 600 years to crackadd a number, and the time increases to 6,000 years.

Everyone should be using a Strong Password. That means a minimum of a 12 character passphrase for general accounts and 16 character passphrase for accounts with sensitive information. A personal passphrase is much easier to remember than a complex password and more secure. For example:

Better IT Security Passwords Imagemy2doggiesareAwesome 20 characters, uppercase, lowercase, and a number, this passphrase will take 374 trillion years to crack.

And the best part, the NIST cybersecurity rules say you don’t need to change that password unless it’s breached.

This takes us to the second point – 2FA (2-Factor Authentication). With all those phishing scams and other credential-stealing attacks out there, this is a fail-safe for your passwords. 2FA prompts you for a second method of authentication, typically a code generated by an authenticator app or sent to a mobile phone or email.

This step alone will significantly increase your personal and business security, but there’s more.

2. Antivirus and Ransomware Detection Tools

When you click on something you shouldn’t, and it can happen to any of us, having these tools makes all the difference. Cybercriminals are getting better at crafting attacks. They use automated tools to reach more people and find new and inventive ways to trick us into downloading malicious software and clicking on links.

Antivirus and Ransomware Detection tools can help stop the attack before it starts, but you have to do your part. That means keeping the programs updated and not using admin accounts to surf the net. Whether at home or work, never use an admin account as your primary account. If you click on a malicious link with an admin account, it’s like opening the door and letting the criminal inside.

If you don’t have a good antivirus and Ransomware Detection program or need help with user rights, contact us for a free quote.

3. Update Update Update

Better IT Security Update ImageThis cannot be stressed enough. Cybercriminals can exploit vulnerabilities in software to inject malicious code without you doing anything. These are called Zero-Day, Zero-Click vulnerabilities. They happen to Apple products, Microsoft products, Google products, games, business apps, financial apps – the list goes on and on. This year, Google Chrome has had 12 zero-day, zero-click vulnerabilities as of this writing.

The only way to fix these vulnerabilities is to perform security updates. These days, problematic updates are rare – you put yourself at far greater risk of problems by delaying updates.

Updates apply to computers, laptops, tablets, mobile phones, routers, modems, printers, TVs, security systems – if it is hardware connected to the internet, there are most likely security updates for it.

Small business or home, we offer affordable maintenance contracts to help and never require a long-term commitment.

4. Consistent and Reliable Backups

Your data, whether personal or business, is irreplaceable. It is difficult to explain the loss of this year’s invoices to a small business owner and downright heartbreaking to tell someone that all those pictures of their children and grandchildren are gone. And with so many storage options available these days, there’s no reason for it.

We always recommend the 3-2-1 approach to data backups—three copies of the data on at least two data storage types, with one taken offsite. One of the tenants on which Darren built Clark Computer Services is that a good backup is the key to getting back to business after a disaster.

We offer a variety of backup options to fit every need.

5. Cyber Awareness

Better IT Security Awareness ImageStaying informed about cyber threats will give you and your employees or family an advantage against cybercriminals. Most cyber scams rely on people being too lazy, unaware, or busy to pay attention. Internal errors and data loss most often results from people not understanding or caring about their IT security obligations.

Technological solutions are not yet at a point where they can protect us from every type of cyber threat. As a result, automated attacks are out there looking for you whether you’re at home, at work, or surfing the internet from a coffee shop. Training courses, newsletters, and general discussions about current cyber threats will help everyone to spot the scams.

It only takes one employee or one member of a household to click on the wrong thing for you to potentially lose everything.

Final Thought

Whether or not you have a cybersecurity plan, these five steps will help to protect you. And if you want help implementing these steps, assessing your risks, or coming up with a plan, we offer a variety of services to help. Contact us for a free quote.


0 0 votes
Article Rating
Subscribe
Notify of
guest
0 Comments
Inline Feedbacks
View all comments