George Nellist | August 2022
Phishing scams are quite common and have come in many forms over the years. The current trend is phishing emails, where cybercriminals pose as legitimate people or companies to lure individuals into providing confidential information. Often the information these criminals are seeking is financial and if these individuals access this information, it leads to significant financial loss.
With phishing emails on the rise, you need to ensure that your company stays secure so you don’t become the victim of a cyber attack. Read on for strategies you can implement to protect your company.
Install and Update Security Software
Your company’s first line of defense against cyber attacks is security software. This type of software can include antivirus programs, firewall programs, or spam filters, which are very effective at preventing phishing scams. Your company can also choose to invoke website filters to prevent employees from accessing malicious websites.
Installing security software is not a one-time process. In order to continue being effective, the software needs to be updated regularly. After all, when it’s not current, you risk getting caught in a phishing scam because your protection is not as strong. “We failed to keep our security software updated and almost fell victim to a phishing scam,” shares Chris Gadek, Head of Growth at AdQuick. “We were lucky everything worked out as it did, but we’ll never make that mistake again.”
You’ll want to come up with a plan for backing up your cybersecurity software. Adam Bém, Co-Founder and COO at Victoria VR recommends putting updates on auto-pilot. “We keep our security software automated to update. It’s the best way to stay safe. We don’t want to risk leaving any gaps in protection. We also have our IT team regularly monitor the status of the software to ensure the utmost protection.”
Schedule Regular System Backups
To continue protecting your company information, you need to have a backup and recovery plan for your data and software. “Backing up your systems ensures you’re able to recover anything that’s lost, whether it’s from a cyber attack or from updating or installing software,” explains John Jacob, CEO of Hoist.
Your company needs to work with a technology team to strategize the best method for backing up your systems and keeping a consistent schedule. Charles Tichenor IV, Founder of Facebook Disrupter doesn’t take any chances in losing data. “We backup our data in cloud storage and an external hard drive. Our data is backed up in the cloud once a day and we back up to an external hard drive weekly. We don’t want to risk losing anything.”
Saving your data in multiple places is an excellent idea so you have a backup for your backup. It’s essential if you operate with data you can’t afford to lose or compromise.
Strong Password Policies
In some phishing scams, cyber attackers will gain access to company emails and utilize them to gather information. The best method for preventing this is to employ strong password policies. Passwords should be complex and include a minimum length and include numbers and special characters. The complexity makes the passwords more difficult to hack. In addition, passwords should be updated regularly and kept in strict confidence.
Scott Annan, CEO of Mycube Safe makes smart recommendations regarding the creation of complex passwords. “Passwords should be 20 characters or more in length and should include at least one of the following: an uppercase letter, a lowercase letter, a number, and a special character. In addition, passwords should not be a common dictionary word or a common name. In fact, it’s not recommended to use any names that are closely related to you as those could be easier to hack. Passwords should also avoid number sequences of 4 or more. The more obscure, the better.”
Creating passwords will take some creativity, as it’s also essential to keep passwords updated on a consistent basis. “Our software is set up to require password changes every 60 days,” shares Michael Burghoffer, CEO of PicoSolutions. “There are also criteria that require the password to be different from previous passwords used to reduce risk of hacking.”
Utilize Multi-Factor Authentication
Password protection is just one step in ensuring the security of company data. An additional layer of security includes multi-factor authentication. Benjamin Meskin, President of Cabrella explains, “Multi-factor authentication is an extra layer of security that requires two or more credentials to log in. This way, if a hacker were to gain access to your username and password, they would still face challenges trying to access company accounts.”
Multi-factor authentication steps feature two types of credentials. The first is information you have, such as a security key. The account is set up to deliver a passcode, typically to a phone number or other device, that you’ll use as a step to accessing your account. The other type of information that may be required is something only you can provide: you. This includes a scan of your fingerprint, your retina, or your face.
For Corey Ashton Walters, Founder & CEO of Here, multi-factor authentication is a must. “Every company account requires multi-factor authentication. It’s an extra step but truthfully, it’s not that inconvenient when you think about the risks. It’s just one of the ways we ensure the protection of company data.”