Cyberattacks are becoming increasingly more common – and small businesses tend to be the victims. Studies suggest that one in five small firms have been hit by a cyberattack. As a result, having good cybersecurity measures in place is essential.
Most companies understand the basics of cybersecurity. However, many companies fail to do enough. Here are just some of the most common cybersecurity mistakes that companies make.
Using outdated software
If software isn’t regularly updated, it won’t be secure against the latest threats. Some people fail to update software simply by never shutting down their computer – most updates require you to restart your computer and if you’re constantly leaving it on standby, your software will never have a chance to update. However, another more dangerous problem is using old versions of software that are no longer supported. Such software may no longer be receiving updates and could be vulnerable to every new threat that is developed.
Migrating software can be complicated, which is why some companies put it off and continue using old software. It could be worth looking into a database migration service to help you. When choosing new software, make sure that it receives regular updates and is well supported.
Using weak passwords
You can have the most robust firewall and anti-virus software in the world, but it will all be for nothing if you’re using weak passwords like ‘1234’ or ‘password’. Cracking passwords is still one of the most common forms of entry for hackers. It’s therefore important that you use strong passwords.
The best passwords are over 14 characters and consist of random strings of number and letters (upper and lower case). Such passwords aren’t easy to memorise of course, which can be an issue as it often results in people writing down these passwords somewhere where they could be stolen. Fortunately, there are a few tricks that you can use to create memorable complex passwords. This could ensure that your passwords are as secure as possible.
Having no backup
Hackers may try to steal, encrypt or delete information. This is particularly the case with ransomware attacks, in which a hacker may effectively take your files hostage. Having data backed up could allow you to continue business as normal afterwards. If your data isn’t backed up, you could end up losing valuable information, which may even make it impossible to continue operation.
There are many different forms of backup that you can use from external hard-drives to the cloud. Start backing up your files now if they’re not already backed up. You can read more about forms of data backup online.
Not scanning websites and emails
One of the most common ways in which viruses enter computers is via attachments on malicious emails and automatic downloads on unsecure websites.
Many antivirus programs come with scanning tools that allow you to check if an email or website is potentially dangerous before clicking on it. If you don’t have these scanning tools activated, it could be worth looking into them. While email servers and search engines can offer some warning, these scanning tools could help to offer a more effective warning before clicking on emails and sites, so that you’re less likely to download a virus.
Failing to use a VPN
If you often work from different locations, you may be logging on to many different wi-fi connection. Some of these connections may not be secure and could result in your information being stolen.
A VPN (virtual private network) can keep your connection secure so that hackers can’t infiltrate your system. VPNs are relatively easy to set up and aren’t particularly costly. You can compare various VPNs on the market online.
Having no cyberattack response plan
When a cyberattack happens, you and your employees needs to know how to react. In some cases, you may not have much time. For this reason, it can be worth putting in place a cyberattack response plan and drilling it with your employees.
Going on a cybersecurity course might help you to implement such a plan. Alternatively, you may be able to talk to a business IT expert who may be able to help you put in place a plan.