This is a series of articles on Business Protection.
Learn more about protection for your business in the following articles:
- Why a disaster recovery plan matters
- Protect your data from “insider breaches”
- How to protect your intellectual property
- How to protect your business from cyber threats
- How to achieve secure remote working
Would you rather give up US$1 million than let a stranger gain full access to your laptop? According to a survey conducted by Norton, three quarters of Singaporeans would give up US$1 million to prevent strangers from gaining access to their personal data1. The survey also showed that Singaporeans were most afraid of losing personal financial information stored on personal computers.
Like individuals, businesses have similar fears but on a bigger scale. Businesses like yours want to avoid the costly consequences of being a victim of cyber threats. These consequences are not trivial; between 2005 to 2010, Cybersecurity reported that Malaysia lost S$1.13 billion to cyber threats, with the financial sector being the worst hit2.
To help your company prevent losses from external attacks, here are some proactive steps you can take to always know who, what, when, where and how your company data is accessed.
- Shut the door to malware. Install anti-malware solutions in your company computers, laptops and mobile devices helps. Practically any device that stores sensitive data needs to be guarded. You can also start by ensuring that the “protected mode” found on Internet Explorer, Firefox, Google Chrome or Safari is enabled to limit exposure to malware sites, and educate employees on the dangers of clicking on suspicious attachments/pop-ups.
- Authenticate your IT systems. Inform your employees on your company’s security policies. Encourage them to password protect any device, personal or company-issued, that contains company data. Also, you could make it part of mandatory company policy to change passwords frequently.
- Be watchful of what employees share outside the workspace. Cyber criminals can obtain confidential data on your company via identity theft, or by searching for social media updates that contain information shared by your employees. Ensure that you clearly spell out what is confidential and what is not so your employees will know the difference. You can set a company policy to hold employees responsible for keeping company data secret, such as a Secrets Act or Non-Disclosure Agreement clause. This lessens your chances of having your company’s security perimeter breached.
- Guard your data like it’s gold. Identify which data is critical, and control who is allowed to access it. If you are still developing IT capabilities as a start-up or growing enterprise, go ahead and seek a trusted IT advisor for advice. For example, you could adopt a VPN service on a private cloud, and give access only to a few critical staff.
- Have a back-up plan ready to go. Reporting incidents may be more important than losing it in the first place. Have a back-up plan in place just in case your company does lose encrypted data or if there is some data leakage. You may need to change all passwords, revamp your entire IT system, or even recreate lost data from scratch – should a breach occur.
Ask yourself today; is your company cyber crime-ready?