There are 2 indispensable cyber-security steps that are available to you and you can take them today!
I had a recent discussion with my friend who is the Chief Technology Officer for a 500 person prescription management company about the new age of cybersecurity. One inevitable conclusion he pointed out is that clever Cyber-criminals will forever be formulating new strategies to surprise their intended victims, making it fallible (at the present) to rely on technology alone to protect your business from malicious threats. There are common-sense technologies that should be in places such as Enterprise-class anti-virus & anti-malware, or a firewall that filters traffic and spam. If you work with Upward, you can rest assured that these are actively managed by default. But even with these measures in place, you cannot expect to be safe without an educated and savvy workforce. The bad news about cyber-security: it’s not a matter of if your business will face an event, but when your business will face the event. The good news: You can take some of the most effective steps towards protecting your business right now and with a small investment of time. The following are 2 indispensable cyber-security steps you can take today, with little to no investment:
Training for Users
Take time in an upcoming staff meeting to have an open-forum discussion with every staff member about the types of cyber-security risks that exist out there: spear phishing, ransomware, and malware, etc. and the ways those threat vectors are introduced and appear in your environment.
If you don’t know how to facilitate this discussion, invite your IT provider to lead the meeting. This is perhaps the most meaningful information you can give your people to help protect your company. It is their common-sense vigilance that is your best line of defense against cyber-crime.
Policy for Disaster Response
You can prevent a disaster to your heart’s content, but it will still be “when” not “if”. So the question becomes, what will you do if something bad happens? This is the simple question that should be thoughtfully considered, reviewed, documented and trained to. After the malware is discovered and reported by your staff, and you determine that client data was compromised, will you call your clients to let them know something bad happened, or not tell them at all? Will you call in an outside forensics company, a PR company, a cyber-response firm? When will you make an insurance claim? This “who, what where, when, why” are critical questions. The ramifications if you get them wrong can be a PR nightmare, a devastating lost trust or even a lawsuit.
Just as with training, there is a huge amount of free information available online and your IT resources should be able to facilitate the creation of a clear plan that you can document and train your people to adhere to. If you need to talk more about how you can help you and your staff be better prepared when it comes to risks in cyber-security contact Upward Technology today!