Five Cybersecurity Best Practices for Small Businesses

Whether you and your employees are on-site or working remotely, your company needs a strong security awareness program. No matter how loyal, savvy, and hardworking your crew is, the business you’ve spent years building up will be exponentially safer when your staff gets cybersecurity training. These are just five of the many topics Alterity’s cybersecurity courses cover.

1. Protect your company and your employees’ identities

Some attempts to weasel sensitive information out of you and your employees are obvious. But cybercriminals are working overtime and getting stealthier as they look for subtle, believable ways to con you and your workers.

We all know passwords are important—no birthdates, pet names, or 123456. Your best bet is a long, strange passphrase that’s unique to each system or device you log in to. Think “peanutbutterhickeysgrassispurple.” Nobody’s going to guess that one or find it with a dictionary-based password-cracking program.

As we explain in our online security awareness training, multifactor authentication (MFA) is essential. This means the user’s identity is verified by two or more factors, such as a combination of a code generated by a smartphone app, a physical device like a badge, answers to personal security questions, or something unique to a person, such as fingerprints, facial recognition, or retina scanning. Combine weird passphrases with MFA and your company is much safer.

2. Mind your personal safety

Too often, people forget that their “friends” on social media might not be their bosom buddies. That person whose friend request you accepted because her name sounded familiar and you think you might have gone to elementary school together could actually be a cyber villain. So be careful what you post. First, there’s your reputation. Something that seems funny after you’ve had a couple of drinks could get shared among your friends—and beyond—and embarrass you, jeopardize your relationships, and even get you fired. Don’t post anything you’re uncomfortable letting the whole world see, because it just might.

Also, don’t be too up-front about your whereabouts. If your whole family is vacationing in Hawaii, do you want everybody to know your home in Massachusetts is sitting empty and undefended? Same for out-of-office replies. Don’t go into a lot of detail about how far you are from the office. If you’re dying to show off your attempts to learn to surf, post a few pictures when you’re safely home.

3. Watch out for phishers and other scammers

Your company needs a phishing awareness program to ensure your staff is educated about sophisticated efforts to get their sensitive information. Phishing is the attempt to get goodies like usernames, passwords, bank account information, and Social Security numbers through fraudulent emails, texts, and phone calls. Did you get an email that says your password must be reset for your bank account? Don’t click the link in the email! Instead, open a new browser window and go directly to the bank’s official site, or call them and ask if they sent the password reset email. Don’t believe that email that allegedly came from an acquaintance who’s stranded in Scotland after losing her baggage.

Proper cybersecurity training will protect you and your employees from falling for scams.

4. Be careful with mobile devices

Mobile tools like laptops and cell phones are wonderful for doing work outside the office, in a park or café. But just because the person at the next table smiled at you doesn’t make him your ally. Don’t expect him to watch your phone charging all by its lonesome while you zip off to the restroom. Phones are easy to pocket in seconds. Be sure there’s a password on that phone or, better yet, that it requires your fingerprint to open.

And public Wi-Fi? Risky. It’s safer to use your own data plan when you’re in public.

5. See something? Say something

Empower all your employees to speak up when they think something is wrong. Cyberattacks can be quick and devastating. Your company needs to get on top of any security breach as soon as possible. Make sure all your employees understand protocols for reporting suspicious cyber issues.

Alterity’s Cybersecurity Training

Whether you and your employees are looking for cybersecurity classes online or you need help with government technology training, Alterity can help. Sample our cybersecurity course offerings on our On-Demand Learning Portal today!