Data Security Starts with You.
We’ve said it before and again and again and again: Hackers do not fight fair. They don’t care that tax season is in full swing—they don’t care that you are a two-person shop or sole proprietor. Actually, those are the qualities they look for in a cyber attack victim.
Malicious hackers more often go after employees who are:
- Busy and distracted
- Working for a small to medium-sized business
Why? Because those two qualities mean that their victim is less likely to pay close attention to what they’re clicking on, browsing or responding to. And, a smaller-sized business or accounting firm is less likely to have the security defenses in place to catch a ransomware attack before it has the chance to wreak havoc.
According to Verizon’s Data Breach Investigation Report: 43 percent of breach victims were small and medium businesses in 2020.
Don’t let cyber attackers get away with this any longer. It’s your actions every single day that defend or allow a cyber breach to occur.
Here are 5 ways that you—an employee at any-sized business or firm—can reduce cyber attack risk, protect your data and therefore: protect yourself.
1. Learn how to reduce your cyber attack risk.
- Visit trusted websites, such as nist.gov, for free or low-cost cybersecurity resources
Keeping data secure begins at the user level. According to the Verizon report: 33 percent of successful breaches involved phishing or social engineering in 2020.
With a little education, we believe most of these breaches would’ve been unsuccessful. Make sure you’re taking the required security awareness training your IT department sends out (and pay attention to it!).
2. Change your password frequently.
- Passwords should be complicated and changed often.
- Never share your passwords.
- Use a unique password for every account.
- Use password managers, such as LastPass, Keeper, Dashlane, etc.
If you have a difficult time remembering passwords, try using a password management system. This article by PCmag.com lists the top 11 password managers to use in 2022.
3. Don’t trust your email.
Once in a while, a malicious email may slip through even the best security programs. My rule of thumb? I don’t trust any email without taking a closer look.
Prevent phishing schemes by looking out for these email red flags:
- The email is from a colleague you rarely talk to
- The email is riddled with grammatical and/or spelling errors
- The sender’s email domain is something other than your company name. Pay extra close attention to this one, as sometimes hackers will snag a domain that’s indistinguishable from the one you’re used to at first glance, for example, @rightnetworks.com vs. @rlghtnetworks.com
- The email is asking you to do something, for example: buy gift cards for vendors
- The email implies urgency
4. Enable multi-factor authentication wherever possible.
“If companies just [implemented multi-factor authentication], they would be exponentially more secure…”
So—if multi-factor authentication is such obvious protection, why don’t more businesses implement it? According to Brian Grayek, either “A) They don’t know. B) They think it’s high-cost and it’s too hard to do.” ¹
Simply put: It’s not. It’s not complicated from an infrastructure setup perspective. And from a user perspective, it adds about three extra seconds to my normal login procedures, and I was able to set it up myself at home.
Tell your IT guys to implement it for an all-around, more secure workstation. Or enlist the help of managed service providers.
Duo—Cisco’s user-friendly, multi-factor authentication product—is a component in our QuickBooks Desktop hosting and Secure Workstation packages. The simple and effective method ensures that data and information can only be accessed by the user who is supposed to be accessing it.
We believe in Cisco’s product so much that we’ve implemented it for our employees, too.
Download our eBook, 3 Reasons Why You Should Use Multi-Factor Authentication Security, today.
5. Use the cloud’s built-in security.
- Reputable cloud hosting providers use advanced threat detection to notice unusual system behavior.
- With cloud hosting, if a malicious hacker were able to enter your system and gain access to your data, data would be unreadable to them (as long as the cloud hosting provider uses data encryption technology, as we do).
- Further—victims of a ransomware cyber attack wouldn’t need to worry about paying any ransom to get their data back from the thief. Why? Because providers like us back up your data daily in case of accidental loss or deletion.
The Most Important Data Security Lesson of All…
Maintaining data privacy is the responsibility of every employee, regardless of their title.
By following the tips included above (and leveraging cloud technology to make maintaining your business’s data even easier), you are doing your part to keep data secure.