Get in touch with us today! Call us toll-free at 1.866.754.4111 or email us at [email protected] Close button
Web Design Kitchener Waterloo Guelph Cambridge AODA Development
This is a headshot of Sanj Rajput.

Illustration of a digital shield and lock on a dark blue background

 

According to the Canadian Centre for Cyber Security, the Covid-19 pandemic presents an elevated level of risk for the cyber security of small businesses. Not only should you protect your website and email servers from attack, but you should also harden the security on your company devices.

 

Read the recommendations for the best cyber defense practices your business should be implementing below.

 

1. Enable security software

Your business should be protecting itself against malware–malicious software that is designed to infiltrate or damage computer systems. You should educate your staff about accessing non-work-related websites and content when on a company device, especially when they are working from home.

 

Your organization should enable secure anti-virus and anti-malware solutions and any software firewalls on all company devices that can access the Internet. These programs should also be configured to conduct automatic updates and regular scans and your IT admin should receive warnings if staff are disabling them.

 

2. Use strong multi-factor authentication (MFA)

Multi-factor authentication is a reliable and secure method of account or device login that requires more than just one verification that uses something you know (PIN or password) on something you have (a token), and something you are (a fingerprint). Whenever possible, multi-factor authentication should be used.

 

3. Improve your password use

More often than not, passwords are not strong enough to deter cyber threat actors. Organizations should be implementing cohesive guidelines around password creation and should instead opt for passphrases. A passphrase consists of a sequence of mixed words, numbers, and punctuation that contains at least 4 words and is a minimum of 15 characters in length.

 

4. Have an incident response plan

A cyber incident is defined as any unauthorized attempt, successful or otherwise, to gain access to, modify, delete, or destroy any computer network or system resource.

 

An incident response plan helps ensure that your business is properly prepared to detect, respond, and recover from a cyber-attack incident. An effective plan will limit any disruptions and reduce data loss. A written incident response plan should highlight an established set of guidelines that are in place so responders can be ready to carry out the tasks necessary to minimize damage and deal with the incident at hand.

 

The incident response plan should include contact information for every person involved in response activities, instructions for how to handle incidents, the roles and responsibilities of everyone involved, and the actions that are required for mandatory incident reporting.

 

5. Secure websites

Your company’s websites should be secured using the Application Security Verification Standard (ASVS). ASVS proposes a standard list of security requirements and controls to implement during each phase of website development.

 

REM clients have their websites stored on highly secured servers with back-ups and redundancies to minimize any downtime. Your webhost should also do regular backups of your site and store those backups for at least a couple of days just like REM does. In case of an attack, being able to roll back to a clean version of the site can save you thousands of dollars in downtime and lost sales.

 

Your business should be investing in the proper tools for security requirements on all websites that are developed. If you are worried about the security of your website, speak to an REM business website sales rep today.

 

6. Provide employee training

Making sure your employees are properly educated about cyber security threats can help protect your business and minimize any potential risks. Effective employee training includes the implementation of unique passphrases, safe use of the internet and social media in the workplace and identifying any malicious emails. Companies should be investing in security training and should consider creating a cyber security training policy if they don’t already have one in place.

 

7. Back up and encrypt data

All essential business information should be backed up regularly to a secure and external location. As well, back-ups should be encrypted and restricted to individuals who are responsible for testing and restoring functions.

 

8. Secure portable media

There are risks involved with portable media. If sensitive information is lost or misplaced, your organization’s data that is stored on these devices can be potentially gone forever. Information stored on portable media should be encrypted to prevent any unauthorized individuals from accessing sensitive data.

 

Conclusion:

All small businesses should be taking cyber security extremely seriously to be better prepared for any sort of attacks and to be able to spot, respond, and act as efficiently as possible in the face of any potential cyber threat.

 

Subscribe to this Blog Like on Facebook Tweet this! Share on LinkedIn

Contributors

Sanj Rajput
24
May 24, 2022
Show Sanj's Posts
Rob Matlow
117
February 17, 2022
Show Rob's Posts
Sean Sanderson
65
January 24, 2022
Show Sean's Posts
Haley Burton
1
December 7, 2021
Show Haley's Posts
Generic Administrator
1
December 3, 2021
Show Generic's Posts
Colleen Legge
1
November 26, 2021
Show Colleen's Posts
Christine Votruba
30
November 3, 2021
Show Christine's Posts
Sean McParland
18
August 20, 2021
Show Sean's Posts
Ryan Covert
48
July 26, 2019
Show Ryan's Posts
Matt Stern
4
July 16, 2019
Show Matt's Posts
Sean Legge
1
June 28, 2019
Show Sean's Posts
Todd Hannigan
47
November 13, 2018
Show Todd's Posts