Skip to main content

Thing to do this week to start protecting your customer data

Thing to do this week to start protecting your customer data

You have client or customer data in your possession. It is part of running your business in a digital marketplace. If that data is breached, it could permanently damage your reputation. We talked in an earlier blog about types of malware. There are many steps that you can take to protect your systems and data. Here are a few suggestions to protect your business from malware.

Consider a Managed Service Provider - Cybercriminals are very sophisticated and every day are releasing new, cutting-edge tools to attack businesses and individuals. Small- and medium-sized businesses do not have the resources to staff an IT department sufficiently to be aware of all the newest tools and technologies needed to protect a business. For example, a business owner cannot possibly keep up with the changes and details of tax laws. Doing it themselves, they would likely overlook important tax advantages or inadvertently break some IRS rule. As a result, tax preparation and accounting above the level of basic bookkeeping is outsourced to an outside accounting firm. You should consider looking at IT in the same way.

Updates - Always update your software. There will always be vulnerabilities in every bit of software that you use. Creators of software are constantly upgrading to close holes that could be exploited. Being attacked by malware because you are behind in upgrades is an avoidable error. That said, given the sheer volume of software applications accessing your network, you should consider outsourcing the administration and enforcement of this process.



Multi-factor authentication - Everyone is increasingly encountering MFA. This tool requires a second level of authentication in order to access an account or use a program. Generally, it involves entering a password then following up with a token you might be sent via text or email, or using a biometric measure, such as a fingerprint. An MSP can provide applications that can set up MFA to protect your data.
Access Control - You don’t give out keys to your house to everyone you know. Why allow all employees or vendors to access all of your databases or programs? Instead, follow the Principle of Least Privilege. That is, each individual only has the access to accounts, databases etc. that are absolutely necessary for them to do their assigned tasks.

Backups - Everyone knows they need to do backups, but handling these is more than just downloading data to a hard drive every evening. An MSP can provide you with the tools needed to handle backups appropriate to the needs of a business operation.

Employee education-This one cannot be emphasized enough. The individuals in your organization are your first and most critical line of defense against malware. As mentioned above, many types of malware need user action to get into your systems.

Here are some areas where training can help.

Phishing emails. These are mails that appear to come from legitimate sources, but are faked. Because the reader trusts the sender, they naively open a link that might be attacked which then downloads some forms of malware.

“Lost” USB. - Too often, individuals will find a USB drive left near a desk or dropped somewhere. The temptation to insert it into their computer to see what’s on it can be very hard to resist. ( This was part of what caused the Target data breach)

Password etiquette - Define standards within your organization about acceptable passwords. An MSP can help you set up programs that require employees to create passwords that meet your defined criteria. Also, consider fostering a culture that makes the sharing of passwords a performance issue that will be addressed by an individual’s supervisor.



Endpoint Detection and Response ( EDR): This is a solution an MSP can provide you with. At its basic level, EDR is a proactive approach to anti-malware software. EDR constantly looks at all of the endpoints in your network, tracks behaviors and identifies anything out of the ordinary. For an individual, anti-malware software may be sufficient. For a business that has multiple endpoints, this is not sufficient. ( Think dozens of employees connecting remotely via their own computer or smartphone). In a sophisticated business’s IT infrastructure, there are many endpoints which need to be evaluated.

In summary, there are many ways that an SMB can approach defending itself against malware. Some of these, such as employee training, can easily be done in-house. Others require a depth of experience that only your MSP can offer.

Comments

Post a Comment

Popular posts from this blog

Leveraging your business data to drive better business outcomes

Leveraging your business data to drive better business outcomes Smaller firms may hear about AI and how data is driving the big corporations of the world, but they often don’t realize that they can do the same. The size and age of your business doesn’t have to be a limiting factor in whether you use data. Today’s blog is a quick look at data management for the small firm. The first lesson is: don’t take your data for granted. The basic business model for some large IT companies is monetizing the data that they collect. While this may not be your goal, you probably collect a great deal of data about your customers, prospects, and operations. An MSP can help you make better use of that data. Here are just three examples: Marketing Data tells you who is interested, when they're interested, and in what they are interested. Data can tell you where each individual prospect sits in the sales funnel, so your marketing messages reach them exactly where they are. It can also track the...
Post a Comment
Read more

Why Migrate to the Cloud

Why Migrate to the Cloud If you haven't already considered migrating your data storage to the cloud, you are probably in the minority of businesses. While it may seem intuitive that somehow your data is safer if it is stored “ at home,” on location at the site of your business, that probably is not correct. Given the ability of skilled cloud service providers to provide redundancy and a level of security unattainable by a small business, storing all your crucial business data on site using in-house support is probably akin to keeping your money under the mattress instead of a bank. In this blog, we’ll explain what cloud data storage means, and some reasons why it may be a good business decision. In addition, we’ll quickly note some reasons some people get nervous about the security of cloud storage. What is cloud data storage? In an earlier time, a business would store all of its data on-site. Individual employees might keep all of their Word and Excel documents filed on their PC. ...
Post a Comment
Read more

Protecting Your Data on the Cloud

Protecting Your Data on the Cloud Cloud storage has transformed the way businesses store and manage data, but for some, it also raises concerns about data protection. This blog post discusses a few security measures that can be deployed when using cloud storage. Data Encryption One of the fundamental security features of cloud storage is encryption. It ensures that your data remains confidential and protected from unauthorized access. Cloud storage providers use encryption algorithms to protect data both during transit and when stored in their servers. This means that even if an attacker intercepts the data in transit or gains access to the storage servers, the information remains unreadable. Encryption adds an extra layer of security, ensuring that your data remains confidential and secure. Access Controls and Identity Management Concerned about access to data? Cloud storage providers offer access controls and other mechanisms to prevent unauthorized access to your data. These feature...
Post a Comment
Read more