Security First & Associates states that when National Journal former Justice Department official Mike DuBose said, “Amidst all the concern and discussion over foreign hacking, what gets lost is the fact that the vast majority of serious breaches involving trade secrets or other proprietary or classified information are still being committed by insiders.”
As I’ve mentioned before, insider threats are on the rise—especially for smaller businesses and organizations. Here are 5 ways security professionals can help protect companies against an insider cyber attack:
Control Access
Limit access to data or use of business computers to anyone that doesn’t need it to do their job. Laptops, tablets and smartphones are particularly easy targets for theft, so make sure they are never left unattended and are always stored in a locked location. As soon as an employee has left the company, be sure to not only collect any technology he may have been using, but immediately prohibit access to servers, networks and content.
Secure Wi-Fi Networks
Always make sure passwords are required for access to your company’s Wi-Fi network—making sure you have changed the administrative password that was on the device when it was purchased. In addition, make sure the Wi-Fi network is hidden. Click here for instructions on how to do this.
Protect Against Viruses
The U.S. Small Business Administration site suggests installing, using and regularly updating antivirus and antispyware software on every computer used in your business. Such software is readily available online.
Don’t Ignore Software Updates
There is a reason software vendors provide regular updates to their products and platforms: to improve functionality and correct security problems. Make sure all software has been updated—you can actually configure it to install updates automatically.
Make Backup Copies
“Regularly backup the data on every computer used in your business,” says the SBA. “Critical data includes word processing documents, spreadsheets, databases, financial files, human resources files, and accounts receivable/payable files.” Try to do backup information automatically. At the very least, make a point to do a backup every week.
While you may be the person responsible for managing cyber security, make sure all employees are knowledgeable about the overall rules and policies—including what they can and cannot post on social media. For more information, checkout the FCC’s Small Biz Cyber Planner.
If you have questions please don’t hesitate to contact Security First & Associates