Cybersecurity evolved beyond a simple anti-virus application long ago. The modern threat landscape has grown in both scale and sophistication, and this requires small business owners to change the way they think about cybersecurity and take affirmative action, but what should you do and where should you begin?
The following advise and resources have been hand-picked by OK Computer in order to help small businesses begin securing themselves today. Many, but not all, of the recommendations are free (or relatively cheap) to implement.
Protect your Personal Credit
Identity Theft is real, and your personal credit rating can have a huge impact on your business credit. This is something a lot of small business owners overlook.
A Security Freeze (or Credit Freeze) prevents criminals from opening new lines of credit in your name using your Personally Identifiable Information (PII).
Whether or not you know it, your PII is most likely already available to criminals thanks to the endless deluge of breeches and mega-breeches that have been hitting major retailers, the military, government agencies, data brokers, and even the credit reporting agencies themselves (see Equifax Breech).
The good news is that this can be done in 20 - 30 minutes and provides strong protection for your credit. Best of all, it's now free.
Freeze your Credit
Freeze your credit with all four major credit reporting agencies.
Learn more about getting a credit freeze.
Protect your Accounts
Are you already exposed?
Probably. Breaches (1) are a fact of life these days. Whether you know it or not, there is a high probability that at least one of your online accounts, along with other personal information, has already been exposed in a data breach (2,3). Marriot (4), Wendy's (5), Target (6) , Home Depot, Yahoo, Citrix, etc., etc. ...the list goes on and on.
If you use the same password on multiple sites, a breach that exposes one account may end up exposing other accounts that share the same password.
Use Strong, Unique Passwords and a Password Manager
Weak passwords are surprisingly easy to guess using automated tools. Use a strong, unique password for important and/or sensitive accounts.
If you have more than a handful of passwords, using a password manager will make your life a lot easier and more secure by helping you generate strong, unique passwords and securely storing them for you so you don't have to remember them.
Enable Multi-Factor (aka 2nd Factor) Authentication
Because breaches and other forms of credential compromise are so common, it is highly recommended that you enable Multi-Factor Authentication wherever possible.
This is especially important to set up with your cellular carrier since anyone with control of your cellular carrier account could abuse that access to intercept SMS text messages containing 2FA codes for other accounts.
Verizon calls it Enhanced Authentication. See https://ok-computer-llc.itglue.com/2284026/docs/2890077
Use an Authenticator App
Authenticator Apps are more secure and more convenient than receiving 2FA codes via SMS or Email.
Protect your Computers
Very thick, very heavy books have been written on this subject. It can get complicated even for experienced system administrators. However, there are some very basic, very simple things you can do to keep your computers secure.
Use Modern Hardware
I'm going to give you a great excuse to get that new computer you've been wanting. Modern hardware typically has security improvements over older, legacy hardware, like Secure Boot, UEFI and TPM, to name a few.
If your computer is more than 5 years old, you should prioritize getting a new one as soon as you can.
A new computer will come with the latest version of Windows (or MacOS) installed, which will also make your computer more secure (see Use a Modern, Supported Operating System below).
So, buy a new computer, simple, right?
Leverage Modern Hardware Security Features - nsa.gov
Update your Firmware
Firmware updates for your laptops and PCs fix security vulnerabilities that can bypass all protections implemented at the Operating System level.
Use a Modern, Supported Operating System
If you're using Windows, this means you should be using Windows 10 if at all possible. Note that support for Windows 7 ended on Jan. 14, 2020. That means it's no longer receiving Security Updates. If you're using Windows 7, you should upgrade to Windows 10 ASAP!
In fact, if your computer came with Windows 7 on it, now is a good time to think about getting a new computer (see Use Modern Hardware above).
Use a Standard User Account in Windows
This is the single most effective thing you can do to protect your computer from malware infections, and it's free.
Backups and Disaster Recovery
A current backup can be a life saver in the event of accidental deletion, hardware failure, natural disasters, and ransomware infections. However, backing up is only half the battle.
Equally important is a sound Disaster Recovery plan that enables you to restore operations as quickly as possible when disaster does strike.
Many, if not most, of the updates Microsoft release for Windows are Security Updates that patch known security vulnerabilities, some of them being actively exploited by criminals in the wild.
It should go without saying that keeping Windows updated is a critical component of keeping your computers secure.
The good news is that Microsoft has largely automated this process for you in Windows 10.
The bad news is that Microsoft updates have, on occasion, broken Windows (e.g. rendering Windows unbootable or leaving the computer unable to connect to the network, etc.).
If this happens, System Restore or Windows Reset may be able to restore your system to a functioning state, but it's not guaranteed. If those methods fail, you may need to Reinstall Windows from scratch.
Endpoint Protection, Detection, and Response
This is what most people think about when they think about cybersecurity.
Endpoint Protection adds new protection features to traditional anti-virus software and usually incorporates cloud intelligence and AI and Machine Learning to help protect your systems from the latest threats.
Endpoint Detection & Response is the next evolution of the traditional anti-virus and adds new detection and response capabilities that aid in both recovery and forensics investigations.
SentinelOne - https://www.sentinelone.com/
Update your Applications
Built-In Update Utilities
Protect your Email
Exchange Online Advanced Threat Protection
Protect your Networks
You should think about ALL the networks you use; home, work, traveling, any other networks you or you employees might use.
Firmware updates for your router often fix severe security vulnerabilities than can expose your entire network to attackers.
RouterSecurity - https://routersecurity.org/bugs.php
Linksys - https://www.linksys.com/us/support/
D-Link - https://support.dlink.com/
OpenDNS - https://www.opendns.com/