As a business owner or exec, the time to scale up is a major milestone — and it also comes with a checklist of things to think about. While you’re figuring out how to grow the company, it’s important to learn about the new cybersecurity challenges and concerns you’ll run into as you expand.
To get business cybersecurity advice and find out which areas we should focus on, we turned to ESET. These are the 3 cybersecurity considerations leaders should keep in mind when they’re scaling their business, according to the experts.
#1 Assess your current cybersecurity system
Before you do anything else, audit the cybersecurity infrastructure you’re working with. Chances are, you’ll have some gaps to fill now that you’re starting to grow the company, and this step will help you to identify those.
Ideally, you want to make sure you have these security measures in place to protect small businesses against cyber threats as you scale up:
- Set up multi-factor authentication. Two-factor authentication is good, multi-factor authentication (MFA) is better. This means your employees will need to provide a password plus one more piece of information — such as a code sent to their phone or email — before they can log into things like GSuite, Slack, Zoom or the intranet. This step might be time-consuming, but according to Google, it stops 100% of automated cyber attacks.
- Use iron-clad email filters. Often, businesses fall victim to ransomware attacks launched via spam or phishing emails. A simple way to prevent this from happening is to activate email filters that scan all emails for spam, viruses and malware that could infect your devices.
- Create unique, complex passwords. Instruct your team to come up with a different password for each account they use at work, and to make sure it contains a mix of letters, numbers and special characters. Eventually, you might invest in a premium password manager. These software programs store, organise and encrypt passwords so you don’t need to commit them to memory. Think of them as a password vault.
- Require employees to use a VPN.
- Back up your data frequently. If possible, maintain two backups of all business data: one on an external hard drive or flash drive, and the other on an encrypted cloud storage platform like Google Drive. You’ll already have access to this if your company uses Gmail. By keeping two backups, you’ll be able to quickly recover any data if you do get targeted in a cyber attack.
- Strengthen your cloud security. Some cloud services can’t distinguish between authorised users and unauthorised users trying to access stored data. If you find out that your cloud service isn’t as secure as you like, tap into third-party software like ESET Cloud Office Security. It configures your cloud security so hackers can’t skip past your company policies and see sensitive information.
- Run regular security audits. Now that you have a cybersecurity checklist for companies, it’s worth setting a reminder to check in on your systems every few months to make sure there are no weaknesses. As you grow, you could also consider outsourcing your cybersecurity or hiring in-house professionals.
Once you’ve shored up your own cybersecurity for growing companies, it’s worth checking in with any contractors or vendors you work with and asking about their security practices. It’s important that they take cybersecurity seriously to avoid a supply chain attack, which is when a hacker accesses your system through the “weakest link.”
#2 Train your employees on cybersecurity
Unfortunately, many cyber attacks can be traced back to human error. For instance, an employee might accidentally click on a malicious link in a spam email that infects their computer. Or, they might use the same password for everything, which makes them more susceptible to hackers.
Cybersecurity can be confusing. Rather than assuming your team has a good handle on it, set up a training session to walk them through cybersecurity best practices for growing businesses and give them an opportunity to ask questions.
These are key points to cover:
- Don’t open emails from unknown senders. Explain how to spot a suspicious email, as well as what to do if they receive one. Depending on your company, they could mark it as spam or forward it to your IT department.
- Stay on top of software updates. Software developers frequently release patches to fix flaws in their programs. It’s essential to install software updates as soon as they pop up — or even better, switch on auto-updates so you never miss one.
- Connect to a Virtual Private Network (VPN) at home. Do you have staff members working from home? A VPN strengthens their WiFi connection, encrypts the data they send and receive and allows them to stay private online, which can give your business peace of mind.
- Turn on your router’s firewall. Remote employees should also enable their firewall, which will filter the traffic trying to enter and exit the network and stop potential hackers in their tracks.
- Encrypt WiFi networks. To do this, go to your router’s console settings and choose WiFi-Protected Access 2 (aka WPA2) for the network and AES for the algorithm. This makes it much harder for hackers to access your network.
- Avoid work devices for personal use. The computer, laptop or smartphone you provide your employees should be used for work purposes only. And if your team is using their own devices, ask them to use different browsers when they’re working.
#3 Invest in antivirus and anti-theft security software
As a growing business, good security software is one of the most important investments you can make. It will significantly reduce cybersecurity risks for large companies, including malware, ransomware and identity theft.
ESET Protect Complete and ESET Protect Advanced provide a multi-layered defence against cyber threats, safeguards WiFI networks and webcams, and scans attachments and images for viruses. They also strengthen cloud email, collaboration and storage systems, and offer endpoint protection. This encrypts your data across wireless devices, which is helpful if you have employees working from all over. These premium software programs also have a remote management feature so you can easily monitor your company’s WFH security.
Protect your business while you innovate
Scaling a business is exciting, and it’s essential to keep cybersecurity top of mind as you grow. Questions? Reach out to ESET’s team and learn more about digital transformation now.