Apcela

Fulfilling the promise of UCaaS requires a better network

UCaaS Systems Unified communications (UC), by combining voice, video and text messaging into a single system, has long promised efficiency and convenience for communicating with co-workers and customers. Why are the promises not always fulfilled? For a long time, integration of hardware-based systems into the
Using Data Science and Google Cloud to Win March Madness…Well, Not Really

Using Data Science and Google Cloud to Win March Madness…Well, Not Really

I suck at the NCAA March Madness® bracket selection process.  I let my personal biases get in the way of making decisions based upon the numbers.  I over-rate the well-known Big Ten conference and under-rate the lesser-known Mid Majors and fall in love with the most recent

Data Security Tips

As more and more companies begin to switch to the cloud, cyber attacks need to be a top priority for business owners of all sizes and within all industries. But small businesses in particular face a greater threat.

Almost half (43%) of cyber attacks target smaller businesses. Even worse, more than half (60%) of smaller businesses that are victims of cyber attacks go out of business within six months. Additionally, infosec experts recently stated that U.S. companies are not doing enough to secure their data.

Fortunately, your small business doesn’t need a huge budget or endless resources to thwart potential cyber attacks if you copy the following five tactics that enterprise-level businesses use to protect their sensitive data.

Data Security Tips

1. Educate yourself and your team on security threats.

Want to know what the biggest threat within your small business is? It’s the people within your organization.

While there are some instances of disgruntled employees sabotaging your business, most cases involve human error, like:

  • Creating weak passwords or sharing login information with others.
  • Leaving a work device unattended in public.
  • Allowing employees to bring their own mobile devices to work. These devices may put your network in jeopardy because they could be infected or don’t have the proper anti-virus software installed.
  • Phishing scams where an employee knowingly clicks on a link via email or text, opens a document or downloads a file that contains malware.
  • Accidentally emailing sensitive data to the wrong recipient.

The first step you need to take is to foster a culture that requires you to assign an owner, set the tone, create an organizational structure that drives it, hold offsite trainings, prioritize and focus, and communicate. Building a great company culture will encourage responsibility and help you establish security procedures. For example, you need to clearly communicate why an employee may not be able to bring their mobile device into work, like because it could enable a data breach.

If you don’t have the budget to hire a security consultant or have everyone attend a workshop, there is still a wide variety of security resources at your disposal, such as the Security Now and Security Weekly podcasts and online courses from Coursera, edX and Udacity.

You should also stay up-to-date with not only existing cyber threats but also emerging threats. Government Technology put together a list of the top 17 security threats for the upcoming year that you and your team should be familiar with.

2. Monitor what’s already lurking.

When it comes to security, most small businesses are so focused on preventing attacks that they don’t take the time to evaluate their existing database to see if there’s already been an attack. Implementing best practices when it comes to cybersecurity won’t prevent a breach if there’s already been a leak.

Training your employees is a start, as it will give you a better idea of whether anything has gotten through. For example, maybe during this training an employee informs you that his or her tablet, which is used for work, has been infected. Now you know possibly where the attack originated from and how to combat this specific threat.

Besides training your employees, you also want to conduct a do-it-yourself network security process to see if you’ve already been attacked or to better understand your network SI security level. This typically involves:

  • Vulnerability analysis where a tool like Nmap creates an inventory of your network assets, an OpenVAS vulnerability scanner detects any flaws in the inventory and Arachni searches for any web application vulnerabilities.
  • Configuration analysis using MBSA (Microsoft Baseline Security Analyzer) for Windows environments and Lynis for Linux environments.
  • Log analysis, which searches system logs for patterns that can reveal hacking attempts through tools like the ELK suite.

Once you’ve conducted this process, make sure you also run password checks and invest in real-time security monitoring tools from companies like Mindtree.

3. Use the right encryption.

One of the most effective ways to keep hackers out is through encryption. But for encryption to work properly, you first need to understand what exactly encryption is and how to use it correctly.

Encryption, as described in a previous CloudTweaks article, “converts data into an unreadable format called cipher text with the help of a secret key called the encryption key. And you cannot gain access to the primary data unless you can access the encryption key or guess it.

In order to encrypt data the right way, it’s suggested that you:

  • Check the strength of encryption provided. Apple uses 128-bit AES encryption, but if you need something stronger, try Crashplan, which offers 448-bit Blowfish encryption.
  • Use longer passphrases, such as eight-letter passphrases, as your encryption key.
  • Encrypt all of your data prior to it being uploaded.
  • Check regulations, compliance and security guidelines.
  • Encrypt your emails.
  • Use digital signatures.

4. Utilize security as a service applications.

Security as a service is generally software that is used to monitor data flowing through mobile devices. However, this software can also be used to protect your cloud infrastructure and data, access all of your cloud apps with a single set of login credentials, protect your company’s website and monitor the information moving through your network and devices like printers.

5 Embrace the cloud to thwart ransomware.

Ransomware involves cyber criminals who infect your system in order to hold your data hostage. To avoid this from happening, you should save, secure, store and back up all your data in multiple cloud locations.

Also, the cloud comes with advanced security features, such as sophisticated access controls and advanced encryption technology, which can protect your business from ransomware.

Protecting the data for your small business is a necessity, but you don’t need to have large, enterprise-level resources to protect your small business from potential cyber attacks.

By Loren Baker

Loren Baker

Loren Baker is the founder of Search Engine Journal and is a VP at Foundation Digital. A long time digital entrepreneur, Loren has been in digital marketing since 1998 and over the past decade he has built & executed innovative online strategies for leading companies in car insurance, retail shopping, professional sports and the movie & television industry.

View Website

BRANDED COMICS FOR YOUR NEXT CAMPAIGN

Get in touch with us regarding our introductory rates!

How Blockchain Could Be The Solution To Many of the Problems in Healthcare

How Blockchain Could Be The Solution To Many of the Problems in Healthcare

Blockchain Can Solve Many Healthcare Problems Emma decides to see a primary care physician after she witnesses a series of ...
GDPR Compliance

A Quick and Dirty Guide to GDPR Compliance

GDPR Compliance Set a reminder: On May 25, 2018, the new General Data Protection Regulation directive from the European Union ...
5 Ways the Cloud and IoT Have Transformed the Transportation Industry

5 Ways the Cloud and IoT Have Transformed the Transportation Industry

IoT Transportation Industry The Internet of Things has caused many industries to evolve - but few more than transportation. Here ...
10 Ways The Enterprise Can Prevent Data Leaks In The Cloud

10 Ways The Enterprise Can Prevent Data Leaks In The Cloud

Prevent Data Leaks In The Cloud More companies are turning to the cloud for storage. In fact, over 60 percent ...
Infosec thought leaders

Beyond VDI: How the hybrid cloud is forcing us to rethink an industry

Beyond VDI (Virtual Desktop Infrastructure) Before I start this blog, I want to get something off my chest. Here it ...

Azure resources to assess risk and compliance

/
This blog post was co-authored by Lucy Raikova, Senior Program Manager, Azure Global – Financial Services. It is vital for our customers in the Financial Services Industry to deliver innovation and value to their ...

NVIDIA Supercharges Record 80+ Gaming Laptop Models with Turing-Powered GTX 16-Series GPUs

/
SANTA CLARA, Calif., April 23, 2019 NVIDIA today introduced the GeForce® GTX® 1660 Ti and 1650 Turing-based GPUs for gaming laptops, which deliver a major jump in overall performance and power efficiency for ...

Tesla Raises the Bar for Self-Driving Carmakers

/
In unveiling the specs of his new self-driving car computer at today’s Tesla Autonomy Day investor event, Elon Musk made several things very clear to the world. First, Tesla is raising the bar for all ...