Cybersecurity Guide for Businesses
Computer-related crimes are on the rise as technology becomes more and more ubiquitous in our daily lives – and the way we do business. It’s important to steer clear of fraudsters to protect not only your financial assets but your business reputation.
We’ve gathered a few important cybersecurity steps your business should consider and some great resources to learn more about this critical topic.
Protect Your Files and Devices
Beyond backing up your files on external drives or in the cloud, there are other ways you can secure your devices and their contents. To secure your files, require proper authorization or passwords to access them. Consider enabling multifactor authentication for sensitive systems or accounts. Make sure your employees use strong passwords and avoid sharing them with others. It’s also a good idea to limit your employees access only to those files and systems they need to perform their job. Physical devices like company laptops and phones should always be secured when not in use. You should also develop a reporting policy to track lost and stolen equipment.
Secure your internet connection
It’s important to use and regularly update antivirus software and antispyware on all your business’s computers and devices. Keep all other software up to date as well – Better yet set up your devices so this happens automatically. Don’t let employees download software without permission. In addition, use a firewall, encrypt data in transit, and change the default name and password on your router.
Verify Invoices and Other Requests
One scam making headlines is the Business Email Compromise scam and it’s potentially one of the most financially damaging online scams that your business may encounter. You receive an email that looks like a legitimate request from a vendor, client or even another employee, but if you provide the payment or information, it’s only going to a scammer.
Remember that email addresses and even websites that look legitimate can still be fake.
- Always call to verify the invoice or request using a number you have on file. Do not use the contact information in the email.
Pay close attention to your bank accounts and look out for unauthorized transactions
A common scam is an account takeover where cyber criminals use malicious software to obtain the IDs and passwords for online bank accounts and then make unauthorized withdrawals and other transactions. A way to combat this is by enacting additional controls, such as confirmation calls before financial transfers are authorized with the financial institution or dual control where more than one employee is needed to authorize specific transactions. It also helps to keep a detailed record of your authorized transactions so you can easily spot anything out of place.
Train your employees
It’s important that everyone in your business plays an active role in cybersecurity. Anyone who has access to your devices, network and files is a potential way for fraudsters to compromise your system. Everyone in your organization should know how to avoid, identify and report threats. As the cybersecurity space is constantly evolving make sure to keep them up to date with best practices and information.
We’ve put together a few more resources to help you learn more about cyber threats and stay up to date.
Bank of Colorado’s Fast Money Blog –
Take a Byte Out of CyberCrime | Bank of Colorado (bankofcolorado.com)
Cybersecurity and Infrastructure Security Agency –
Stop.Think.Connect. Small Business Resources | CISA
Federal Bureau of Investigation –
Business Email Compromise — FBI
Federal Trade Commission –
Cybersecurity for Small Business | Federal Trade Commission (ftc.gov)
Small Business Computer Security Basics | Federal Trade Commission (ftc.gov)
Federal Communication Commission –
Cybersecurity for Small Business | Federal Communications Commission (fcc.gov)