The following information is taken from “11 Cyber Security Questions Every Small Business Should Ask” which appeared on Small Business Trends. This article was written by Shubhomita Bose, for small business operations.
Does Every Employee Have a Strong Password?
More than half of all data breaches caused by weak passwords and yet just 24 percent of small businesses have a strict password policy in place.
Are Your Employees Required to Change Their Passwords Regularly?
Despite having a password policy in place, 65 percent of businesses do not enforce it. It should be mandatory for your employees to change their passwords regularly to protect data.
When Possible, Do You Use Two-Factor Authentication?
Add an extra layer of data security by enforcing two-factor authentication wherever possible. For example, by adding SMS authentication.
Do Your Employees Use Their Personal Smartphones for Work Purposes?
Chances of malware attacks are greater when personal phones and devices are used in the office network. To prevent data theft, give your employees secure work phones with a passcode.
Are You Backing Up Your Files?
Cyber attacks can make your confidential files completely inaccessible. It is therefore a good idea to keep local backups as well as an offsite server.
Does Every Company Device Have Antivirus and Malware Software Installed?
Make sure the updated versions of antivirus and malware software are installed and check devices before use.
Have You Limited the Amount of Employees with Admin Access to Only Those Who Absolutely Need it?
Give access sparingly and only to those employees who really need it. Importantly, make sure those employees are well educated on security issues.
Are Your Employees Trained in Recognizing Phishing Emails?
Phishing accounts for 49 percent of all cyber attacks, and it can be tricky for an employee to identify it. It’s important to train employees to ensure they do not respond to suspicious emails.
Do Your Employees Know Never to Give Sensitive Information to Supervisors Via Email?
Sometimes hackers create an email address that looks genuine and is in the name of a colleague. Ask your team to double-check email requests for sensitive information.
Do You Encrypt Databases and Customer Information?
Without encrypting, your sensitive data is accessible to hackers. That’s why, you must ensure all your information is encrypted.
Are Your Websites Properly Protected?
Most attacks happen on WordPress websites. It’s therefore a good idea to install updates and stay updated on WordPress security best practices to avoid data loss.