We’ve all heard the stories about big-name corporations, large healthcare systems, and even entire municipalities whose digital assets are seized by ransomware and held hostage until payment is made to the hacker who broke through what should have been rigid I.T. safeguards. Could that happen to a small training business? The answer is yes, but there are steps you can take to reduce your exposure.
The Stop. Think. Connect. campaign from the Department of Homeland Security is:
[A] national public awareness campaign aimed at increasing the understanding of cyber threats and empowering the American public to be safer and more secure online. Cybersecurity is a shared responsibility. We each have to do our part to keep the Internet safe. When we all take simple steps to be safer online, it makes using the Internet a more secure experience for everyone.
On the campaign’s website, you’ll find a link to their blog which contains useful articles to help everyone implement best cybersecurity practices for themselves, their home computers, and their businesses. In honor of the upcoming National Cybersecurity Awareness Month, we would like to share some tips from their “Strengthening Cybersecurity for Small Businesses” article.
As DHS explains, “Strong small and medium-sized businesses are a critical component of our nation’s economy. Due to the sensitive consumer data small businesses house – including personal and financial account information – they have become a prime target for cyber attacks. Cybercriminals recognize that small businesses hold very valuable consumer data and often lack the resources to put in place strong cybersecurity practices, leaving them more vulnerable to attacks.”
Their recommendations include:
Installing security software. Make sure all of your organization’s computers are equipped with antivirus software and antispyware. Update the software regularly.
Securing your Internet. Secure your Internet connection by using a firewall, encrypt information, and password protect or hide your Wi- Fi network.
Having a plan. Establish security practices and policies to protect sensitive information.
Educating employees. Take time to educate your employees about cyber threats and how to protect against them. Hold employees accountable to the Internet security policies.
Using strong passwords. Require employees to use strong passwords and to change them often. Enable two-factor authentication on all business and personal accounts, when available.
For further reading, DHS offers a Small and Midsize Business Toolkit to help business owners learn more about these types of attacks and where to look for vulnerabilities in their data practices. The Getting Started: Top Resources for Small and Midsize Businesses downloadable pdf contains links for additional information.
Here at HSI, we take cybersecurity very seriously. All employees receive ongoing training in cybersecurity and data handling best practices, and our I.T. team regularly rolls out new security features for our systems. Even if your Training Center business is a small network with just a few laptops, be sure you and your team are keeping your email systems, data storage, and websites safe and secure.