If you follow Cyber Security news, it seems there is a new breach every day. The cyber threat landscape has become extremely sophisticated over the last few years. There is no such thing as being too small to be a target. Below is information to help protect yourself and your business.
1. Utilize Multi-Factor Authentication
To help minimize risk of unauthorized access to your online accounts, you should implement Multi-Factor Authentication (MFA) for any online accounts that contain financial or personal information, such as your email accounts, VPN, online banking, social media and medical sites. MFA requires an extra step to log-in to your accounts, but this step will help minimize the risk of a compromise. We highly recommend using a software, like Google Authenticator or Microsoft Authenticator, that will provide random codes for your secondary form of authentication at each log-in. Another option is having a code sent via text to your phone.
2. Advance Email Security
Most breaches start with a malicious link or attachment that is clicked-on in an email. There are many native settings within email that will allow you to block certain attachments, languages, or locations that are known to be higher risk. In addition, you can utilize add-on services that look for more advanced threats. While these services will not stop 100% of malicious inbound email, they should significantly limit the number of malicious emails your employees receive daily.
3. Protect Against Business Email Compromise (BEC)
Business Email Compromise is a type of cybercrime where the scammer uses email to trick someone into sending money or divulging confidential company info. The culprit poses as a trusted figure, then asks for a fake bill to be paid or for sensitive data they can use in another scam. By implementing a call-back procedure to a known phone number for any request received via email, even from a known source, you can minimize risk of being a victim of this type of scam.
4. Use Dark Web Monitoring Services
As the threat landscape evolves and breaches occur, user credentials and company information are published and sold on the Dark Web. A dark web monitoring service can assist in being proactive when company account information is published on the dark web. Many of these services can assist in monitoring company email accounts for compromised passwords, company websites, social media and other areas to protect your brand and its reputation.
5. Train and Test Your Employees
Your employees are the first line of defense against cyber threats. If employees do not know what to look for or who to report suspicious activity to, this can lead to an insecure environment. There are many services that provide online training and tests for employees. Five Star Bank provides monthly training to ALL employees and tests everyone to ensure cyber security is top of mind. Additionally, we provide all new employees with specialized training to educate them on the cyber security culture at the bank. This process allows the bank to maintain a strong security culture that helps us keep our customers’ information protected.
We hope that these tips have been helpful in reducing your cyber security risk!