October is Cyber Security Awareness Month. In today’s world, we hear of new data breaches every week. These cyber attacks put the consumer at risk and harm the reputation and the financial stability of the company that was hacked or attacked. The following are important steps that you can take to protect your business, your data and your customers.
Unfortunately, hackers and cyber prowlers seem to get more sophisticated as time passes. Many companies are hacked despite putting many important protocols in place. It is important to consider adding Cyber Liability Coverage to your insurance resume to protect your business against major financial loss should you become the victim of a hacker. This is a fairly new insurance coverage, but Berkely Brokerage Corp. has the knowledge and information to help you make an informed decision on purchasing this product.
1. Secure sensitive customer, patient or employee data:
- Store paper files and removable storage devices in a locked drawer or cabinet.
- Restrict access to sensitive data. Give employees access to only the information they need to perform their jobs.
2. Properly dispose of sensitive data:
- Remove all data from computers and storage devices before disposing of them.
- Shred documents containing sensitive data prior to recycling.
3. Use password protection:
- Password protect your business computers, including phones and laptops.
- Require employees to have unique user names and strong passwords and change them at least quarterly.
4. Control physical access to your business computers:
- Create unique user accounts for each employee to prevent unauthorized use.
- Lock laptops when they are not in use.
- Limit network access on computer stations in public spaces, such as the reception area.
5. Encrypt data:
- Encryption helps protect the security and privacy of files both on the computer and during the transmission of data. Install encryption on all laptops, mobile device, flash drives and back up tapes.
6. Secure access to your network:
- Have a secure firewall in place on your network.
- Allow remote access to your network only through a secure manner such as a VPN – Virtual Private Network.
- If you use Wi-Fi, make sure it is secure, encrypted and hidden so that the network name cannot be picked up by the public. Also, require password access.
7. Protect against viruses and malware:
- Install and use antivirus and antispyware software on all of your business computers.
- Do not open email attachments or other downloads unless you are sure they are from a trusted source.
8. Keep your software and operating systems up to date:
- Install updates to security, web browser, operating system and antivirus software as soon as they become available. These contain patches that address security vulnerabilities within the software.
9. Verify the security controls of third parties that have access to your data:
- Make sure that third parties that have access to your data or computer systems have data protection practices that meet your standards. If a breach occurs on their watch, there is a good chance that you could be held liable.
10. Train your employees on the company’s security standards:
- Make sure that your employees understand your data protection practices and their importance. Document your policies and practices and distribute them to your staff. Review and retrain employees as updates and changes are made.