Avoidable Cyber Security Mistakes: Prevent Vulnerabilities

Security is the top concern of every IT professional. Damaged data and information systems can mean lost customers, money, and intellectual property, cessation of business operations, and even lawsuits by affected customers and vendors. Many threats to security and security vulnerabilities can be protected with a reasonable amount of research and common business sense.

Some of the more common security mistakes companies make are avoidable by employing these measures:

•       Use the right password. Most companies know enough not to use birthdays and social security numbers. Still company passwords should include a combination of letters, numbers, and symbols that do not reference any part of the company.
•       Passwords should be routinely changed. It’s good practice to change passwords on a weekly or monthly basis.
•       Use antivirus software. Anti-malware software is a layer of protection every company should use.
•       Firewalls. Firewalls provide network security. Firewalls can be in hardware or software form. There are different types of firewalls, which offer different layers of protection.
•       Install the patches that come with the software. Many operating systems and applications release software patches specifically to respond to any known security issues. Many security patches are automated.
•       Secure data properly. Do not store information on devices and then leave those devices or use them on public sites.
•       Have a sophisticated permission system. Organizations should have a plan in place for deciding which people have permissions for which parts of the business. When people switch departments, new passwords should be required.
•       Use secure Wi-Fi networks. Networks should be encrypted with proven software. Encryption software should be vetted before it is used.
•       Companies using cloud services should understand where the data is hosted. Many data centers have multiple locations. The company IT department should know which location is being used for their data.
•       Security should be aligned with business needs. Companies should prioritize what information must be protected by law, what information is essential to running the business, what information cannot afford to be disclosed to competitors, among other business concerns. Companies should understand exactly all the financial and technical harm a breach can do
•       Understanding what email servers are being used and what content is being sent. Sensitive information should be protected. There should be proper notices about disclosure of sensitive information.
•       Have proper backup plans. Even with the best technology and the best planning, breaches can happen. Companies need to have a disaster recovery plan in place. Backup plans and disaster recovery plans should be tested. Don’t just assume they will work.

Some other security issues companies should address include informing and training employees and management about cybersecurity and addressing mobile security issues, including what happens if mobile devices are lost or stolen.

Don’t let a security breach ruin your company; make the call to a skilled IT security professional

Security planning should be part and parcel of every company IT department. The best time to address security breaches is before they happen – not afterward. To learn the security steps your company should be taking, call Volico today at 888-865-4261.  Our knowledgeable IT security professionals are ready to help your company prepare for internal and external threats.