Train Your IT For Peak Performance

In a short period of time your Small or Mid-sized business (SMB) probably had to ask its employees to work from home following the “social distancing” recommendations from health authorities brought on by the Coronavirus pandemic.

This seemingly overnight relocation of office workers to home offices placed dangerous cybersecurity risks on the SMB community since the number of phishing scams and malware/adware sky rocketed with the onset of the pandemic.  The majority of SMBs were not prepared for this abrupt change.  For the most part, they lacked policies, security tools, equipment, and technology services for employees to continue performing their jobs from a remote location.

SMBs need to address this new reality by implementing five critical practices which will help reduce the potential of losing data, sensitive or not, from malicious attacks. Here’s how you can protect your SMB:

1. Establish User Access Policies

Establishing User Access Policies is a good way to protect sensitive information, even when your staff operates from the office environment.  User Access Policies will limit the information a staff member is privy to in order to perform their daily tasks.  For instance, Human Resources data should not be accessible to staff not involved in this function.  This would also apply to information generated by Accounting, Finance, etc.

As a first step, SMBs are recommended to centralize the location of their data files and organize them by function.  Once this is done, the access policy needs to define how a specific staff member can gain access to the file, i.e. password, etc.  Make sure to include the Access Policy in the Employee Manual to make employees aware of the consequences of not properly protecting information.

2. Use Strong Password Policies

Password protection is the first line of defense against unauthorized access to business information that is critical and sensitive.  All SMB organizations should have clearly defined requirements for the creation of passwords. This could include the use of passphrases, which are easier to remember than a long string of letters, numbers, and special characters.  A passphrase can be a quote from your favorite movie, combined with cleverly switching out letters with characters. For example, “Hasta La Vista Baby” can be H@s7@l@v1s7@b@bY as your password.  To enhance the effectiveness of strong passwords, businesses should require they are refreshed every 90 to 180 days.

3. Implement Dual-Factor Authentication

To further strengthen the security line of defense, SMBs should implement Dual Factor Authentication (2FA) for when staff members log-in to the network.

The 2FA process will require users to enter a known PIN or a code provided to them via text, e-mail, or an Authenticator Application such as Authy, Google Authenticator, Microsoft Authenticator, etc.  An alternative would be to require that an assigned USB security key be plugged into the computer system before users can gain access to the business network.  Authentication methods may vary among applications and operating systems but basic access authentication to your computer is a great start. 

4. Install a Firewall with VPN Capabilities

A properly managed Firewall will greatly enhance the security of a business network and data.  Firewalls provide services such as Web Content Filtering, Virus and Malware Filtering, Intrusion Detection, Virtual Private Networks, etc.  These services prevent unauthorized connections into the business network and block malicious software from installing on computer devices.

In particular, the Virtual Private Network (VPN) establishes an encrypted connection from the remote employee’s computer to the business network.  This connection will allow the remote employee to operate as if they were in the office.  Remote employees connecting to the network via a VPN will be required to use a password to gain access to the network.

5. Provide Remote Workers with Business Computers

It is highly recommended that remote workers are assigned laptop computer systems that are patched periodically, have licensed anti-virus, and are configured for VPN connections.  These laptops need to be equipped with good cameras and microphones to allow employees to connect to virtual meetings.

Asking employees to use their own computers is risky since they may not have proper cybersecurity protections in place.  In addition, systems not properly equipped will result in poor interaction with other remote workers.

In-Closing

Your SMBs can avoid many security risks by implementing the recommendations presented here.  An additional gain would be to make your employees aware of the potential for malicious attacks from lurking hackers.  This awareness can be done during staff meetings, training sessions, webinars, etc.