8 steps cyber security checklist
27 April 2016
3 min read
Ask IT and non-IT departments in your business about their opinions on cyber security and you’ll get two very different responses. IT Managers will frown and look worried while everyone else will guiltily say they’ve been meaning to update their antivirus but haven’t had the time to restart.
A recent survey from The Department of Business, Innovation and Skills revealed that 74 percent of UK businesses have been hacked – and that number is growing every year. It’s time to start fighting back against the hackers.
We’ve put together an essential cyber security checklist so you can immediately start protecting your business from cyber criminals.
Install security software with antivirus protection. It’s the bare minimum of protection you need. Make sure it’s set to continuously scan for intrusions. For help choosing the right software, start by reading reviews from real IT experts in the Spiceworks community
If one person doesn’t bother installing updates to software on any of their devices, then everyone is at risk. Downloading and installing endless patches might seem time-consuming but every update is fixing potential security holes and blocking the ways that cyber criminals gain access.
Encrypt your most important files
Encryption isn’t foolproof but it’s like locking your front door instead of leaving it wide open. It’s essential to lock away the contents of sensitive or private data in order to put an extra layer of security between you and your cyber attacker. Tools like PKWARE’s Smartcrypt technology will make sure users see the data they’re supposed to see – and unauthorised users won’t see a thing.
Scan external drives
External and portable storage devices are one of the biggest tech danger zones. You never know where your staff might be taking them. From multiple PCs in an office to their home PC or even a digital photo printing kiosk, you have no way of knowing or controlling where these devices have been.
Some malware is designed to hide on USBs and install itself onto any PC it’s plugged into, so make sure every device is regularly scanned.
Create a cyber-literate team
We don’t expect everyone to be able to become an elite cyber security guru. However, this doesn’t mean that staff can’t be trained in the best practice security essentials. From strong password creation to recognising suspicious files and phishing scams, knowledge is power. Create guidelines and make them a mandatory part of training.
Attackers exploit human error and negligence, which is why 31 percent of the worst security breaches in 2015 were directly caused by the staff members.
Create a response plan
Imagine you’ve just been informed of a massive data breach. What happens next? Data, money and customer trust is trickling away with every wasted minute, so what are you doing to stop it?
With a plan in place you can immediately spring into action and ensure that everyone from your internal IT teams to the authorities is involved and on the case.
Cyber security hit squad
These are the people that will respond to threats and ensure that problems are resolved as soon as possible. Everyone in this team will be a cyber security expert responsible for training other members of staff in best practice and new developments.
Everything on your network can be measured and monitored. If something stands out it’s important to look for the cause. Whether it’s a sudden spike in activity or sustained network utilisation during odd times – investigate it.
It could be something innocent, like an employee downloading a TV boxset to watch during a nightshift. Or something more sinister, such as a botnet using your network to broadcast spam and viruses to across the internet.
This checklist isn’t exhaustive or guaranteed to protect you from cyber crime, but your business will be a lot safer after implementing the points on it.
To stay ahead of cyber criminals, keep up with the latest news and guides on cyber security on BusinessNow.