Oct 2022: Is Your Company Secure?
Security breaches are rising with targets on small businesses; nothing new. Cybersecurity requirements are also on the rise and a must for people and businesses; nothing new. Two-factor authentication is becoming a standard; nothing new. Companies are still not doing enough to protect their data; nothing new.
All businesses in all industries need to take action to protect their data and employees. Companies do not act because it is too much work, time, or money. These are not always true and not good reasons to protect from cyber-attacks.
- Facebook, LinkedIn, etc.: Take 1 minute to verify a person or organization that wants to follow your business.
- Malware: Take 1 – 2 minutes to download the most recent malware protection files.
- Passwords: Take 1 – 2 minutes to change passwords to be a minimum of 12 characters and a combination of alpha (lower and upper case), numeric, and symbols.
- Access: Take 3 – 5 minutes to remove past employees’ access to systems and data.
- Phishing: Take 5 minutes at a company or department meeting to discuss identifying phishing.
- Back-up Data: Take 5 – 10 minutes to schedule a daily or weekly backup process to protect and save company data.
- Two-Factor Authentication: Take 1 hour to add an authentication step to employee logins and sensitive data.
- Train and Continue to Train: Take 30 minutes at every quarterly company or department meeting to educate and stress the importance of good cyber hygiene.
- System Flow: Take 2 hours yearly to diagram data flow, where data is stored, and identify any possible future breaches by the server.
- Data Authorization: Take 1 – 3 hours yearly (based on the number of employees) to create an employee map of who needs access to specific company data. Give access to only the employees that need it.
The Federal Trade Commission’s Bureau of Consumer Protection provides cyber protection resources such as Cybersecurity for Small Business and Protecting Small. These sites offer tools and PDFs, training materials, and more to businesses.
The highest cost is time, but it is worth that cost. Two-factor authentication can be as low as $20 per employee per year. A newer business cost is cyber insurance. According to AdvisorSmith, the average cost of cyber insurance is around $1,460 per year for businesses in the State of North Dakota. The cost of time is far less than ransomware, which according to SCORE, is the number one cybersecurity threat to small businesses. With an average ransom payment of over $900,000, up 71% from last year, according to Paloalto Networks which makes an excellent reason to protect and backup company data.
Businesses that elect not to change online practices are the equivalent of allowing anyone to walk into their office, let the person go through any room & every document, take whatever they want, and then require money to return the information. Ransom and phishing occur most often because employees are not educated or trained to spot an ‘intruder.’ Keep your company safe; complete a few simple actions.
If you are unsure where to start or how to get organized, connect with the North Dakota Procurement Technical Assistance Center (ND PTAC). Our services are at no cost to businesses based in North Dakota. Register to schedule an appointment. Additionally, take advantage of the many other training opportunities and events listed on the ND PTAC website.
Not from North Dakota? Find your closest PTAC on the APTAC website, then click on your state.