How much do you know about cybersecurity? Small business owners often lack the resources to enact a strong defense against cybercrimes and take for granted that their IT systems are relatively safe. To better understand some of the common ways employees can unwittingly become a conduit for hackers, take the following quiz. This quiz was adapted from a resource offered as a public service by AFCEA, an association of data security professionals.
True or False
1. Mobile applications downloaded from major brand online stores are generally safe.
False: These stores may try to vet mobile applications for malicious behavior, but there's no guarantee they're safe. Some online stores may not assess the legitimacy of an app at all, or not adequately.
2. The address or URL you see in the link is always the actual website to which you're being directed.
False: Masking the real website address in links is a common way cybercriminals use to fool unsuspecting victims into visiting malicious websites. To see where a link actually leads, let your mouse hover over the link without clicking on it.
3. What you or your employees do on social media could have a negative impact on you or your organization.
True: Identity thieves, robbers and other criminals are adept at piecing together data bits from various social media sites, and using the information to plan online and physical attacks.
4. Your vendors maintain strict cybersecurity procedures.
Possibly false. In other words, don't count on it. When choosing vendors, ask how they protect their networks and train employees, and what kind of background checks they perform. Some of the large companies that have been recently hacked were infiltrated after thieves first broke into the databases of their vendors.
5. Most links to "phishing" websites are now sent through social media instead of through spam emails.
True: Social media is now the preferred phishing hole. Let's say your employee, while on a company computer, visits a social media site and clicks a link that appears real, but which actually connects to a phishing website. That action may open a door that allows malicious software to be downloaded onto your computer, or which may be used to steal the employee's username and password. This in turn can enable criminals to break into your system.
All it takes is for one employee to click on the wrong link and your business could be in jeopardy. After a thief hacks into your system, the rewards can be great, so there's a powerful motivation to keep trying. To guard against security issues and minimize risk, here are some tips to share with your staff.
Cyber Tips for Road Trips
Employees who travel for work need to be on high alert for hacking attempts. This is especially true if they travel to a foreign country that might have a high priority on looking for commercially sensitive data.
Don't expect any protection from hackers — including the government of the country you are visiting. In some countries, you can assume there's a good chance your digital communications will be monitored.
If you think there may be a high degree of risk, take only essential digital devices. Otherwise, back up all sensitive data, then delete it off the devices you'll be traveling with. Use full device encryption for sensitive data, set up strong passwords and make sure all of your applications are up-to-date. Also, you can register for the U.S. Department of State's "Smart Traveler Enrollment Program" to receive travel alerts regarding your destinations.
Safe but not Secure
Never assume your digital equipment is secure just because it's locked in a hotel room safe. Safes can be opened by certain hotel employees if they're determined to steal data from you.
Public computers in business centers, Internet cafés and kiosks are anything but secure, and shouldn't be used for any sensitive business or personal communications.
When you get home, be sure that your antivirus software is current and run a full system scan. It might also be wise to change all your passwords and throw away any removable media you bought or used on the trip.
Assume the Worst
When it comes to the security of your company's databases, you can't be too careful. In the interest of safety, you need to assume mistakes will be made. That's why it's critical to go over computer security issues with your staff regularly, alerting them to new scams and providing tips for avoiding them.
© Copyright 2019. All rights reserved.