the best practical tips that INSANELY work in 2019This is the list of the best practical tips that INSANELY work in 2019.

Why do you need them?
Be sure they will increase your company’s security today.

I separated them into 3 sections: for small business owners, for software and…

… keep on reading and you’ll be surprised by killer tips for employees!

So, let’s go!


Basic Security Tips for Small Business Owners

Firstly, we discuss some organizational aspects of developing an advanced team every business owner should notice.


1. Limit your Employees Internet Access

Does it sound crazy? Of course, it is not.

Look at the example:

A friend of mine is the owner of the outsourcing company.

When he started the business, he hired some people and totally forgot about the Internet access control. After five months my friend complained about the attempt of hacking the company’s system due to the accountant who surfed the Internet and agreed to the terms on an unknown website.

It cost him great efforts, time and money to fix the problem.

So, block the websites your employees don’t need for work with the help of a qualified specialist.

Then, give them a real example of how it can impact salaries and nerve system.

And don’t worry about troubles.


2. Organize Days of Cyber literacy once a Month

I tell you it will exactly work if you keep in mind some strategies to teach your team only twice a month to create cybersecurity culture:

  • Involve everybody, including cleaning staff;
  • Encourage your employees these days to combine the form of a simple discussion with interactive games creating puzzles or crosswords;
  • Run thematic lunches and suggest out-of-town trips;
  • Provide mini-tests at the end of a practical course;
  • Train the staff on the widest spreading security violations like phishing.

For example, in accordance with statista.com, in the 1st quarter of 2019 Brazil was ranked first as the most popular country with phishing attacks. Look at the graph to know more about other countries in the world:

Countries targeted by phishing attacks

As a famous Greek billionaire said:

The secret to success is to know something nobody else knows.

So, let the employees know all the risks.

And don’t think you waste the time because you boost a corporate spirit.

MY IDEA: If you are not sure to have enough time for the activity, the other more expensive way is to find a professional Cyber Security Consultant. He or she may effectively solve the issues by organizing short cybersecurity courses.


3. Create a Plan to Become a Winner

This tip is exactly for these small business directors who never think of an emergency plan in case of an attack.  Even if you use a VPN for Windows in the office, the company may still be at risk.

Let’s figure out what you should do to build it.

  1. Highlight a circle of trust. Develop the plan with most trusting partners and investors.
  2. Decide what information has to function and be protected primarily. For example, customer data, financial statements or insider information.
  3. Learn from the mistakes of other organizations. Ask appropriate IT companies about the reasons for cyber attacks and eliminate them.
  4. Describe the step-by-step solutions in your plan.
  5. Determine the terms of the recovery process for each possible threat.
  6. Finally, develop a checklist to be sure you covered all the processes. Like this:

Checklist for cyber attack

Anyway, you will stay calm…

…and win the challenge.


4. For Owners: Be Careful with Social Media Posts

Everybody likes Social Media Websites.

And you may ask yourself “Who cares about my private life?” I know exactly that hackers admire spying someone else’s lives.

I will give you a true example:

An ex-girlfriend of my brother had a bad habit to post everything she saw, including the time of business meetings.

(By the way, she WAS a manager in a small financial company)

And one day, she made a post about a 3-day vacation for the team her boss provided in Egypt where she mentioned the dates and a place. When employees came back, a security manager noticed that there are many attempts to hack the network. Unfortunately, after an investigation, her post became the matter of action.

Thus:

  • Never show your location.
  • Don’t mention the time of your absence.
  • Forget about making posts with essential documents and contracts.
  • Avoid private data on the pages.

5. Hire an Ethical Hacker

Of course, you are not mistaken.

Let’s think for a moment.

Who is the best specialist and can aware of major tricks and traps?

Exactly, it is a “good” hacker. And I’ll explain.

Do you remember an old movie with Tom Hanks and Leonardo DiCaprio “Catch me if you can” about a famous financial criminal? He was dealing with check frauds, got caught and finally worked for the FBI to help them with difficult cases. And why? He knew everything about it.

That’s why it would be beneficial for your company’s security. Moreover, a hacker will show you what cybersecurity services are popular and  which ones are cheap VPNs in 2019.


6. Know the Key Information about your Employees for Security

And now let’s dive into the data you certainly WANT to figure out when you hire a new member of a team.

My life example.

Some years ago my father was acquainted with the owner of a little cleaning company with 10 people in a team.

And one day he decided to widen his business. So, first of all, he needed 5 more employees for doing a particular job. A couple of months they were working absolutely perfect until the moment when expensive equipment failed. He didn’t even suspect anything if after a few weeks it happened again.

Of course, he made an investigation. It turned out that an accountant and her nephew who was a newbie faked the facts of crashes.

The owner simply didn’t check anything about them.

So, don’t repeat the mistake and try to:

  • Figure out a family status, address, the date of birth and phone number of a new employee;
  • Check his or her social media profiles to prevent troubles;
  • Ask them about the past, including work experience;
  • Speak to his or her previous employer to be sure in reliability;
  • Avoid trusting super important information during the first couple of months.

7. Take Care of Strangers Don’t Have Physical Access to the System

That’s a really sharp question today.

And I have an example for you.

A friend of mine work on the 10th floor of a small IT firm. Surprisingly, neither his boss or other staff followed who came or went out of the office. And one day my friend noticed an unknown man who was walking in their kitchen. When he paid attention to him, this man runs away.

Nobody still knows what he did there. Maybe it was a competitor or a dissatisfied customer…

BUT agree – this is a very dangerous situation.

So, how can you control the outsiders?

  • Enter employee card ID system;
  • Don’t allow using external storage, like USB flash drive or external cables;
  • Don’t permit an unauthorized person to log in;
  • Keep an eye on your employees to lock the computers or other gadgets after leaving them.

8. Check Your Accounts Regularly

I doubt you pay attention to your accounts every day. But I recommend you some simple rules to do it more frequently.

  • Notice every unfamiliar activity in your accounts;
  • To prevent unpleasant situations, add a two-factor authentication. Where can you use it?

Where you can use a Two-Factor Authentication

According to statista.com, the most secure forms of authentication in Europe and North America are security tokens.

Secure forms of authentication

  • Tell your employees that it’s a great way to avoid compromising the accounts.

And that’s all! All of your data is protected.


9. Backups are your Best Friends

Of course, it is a high risk that your business will become a victim of cybercrime as many other businesses face.

And you likely WANT to be ready for this event and keep all the information you’ve already have.

Let me begin with a quick example.

Last year a friend of mine who is the owner of a little sewing factory got into trouble. It was an ordinary day after the weekend when he came to work and found out that the whole customer database was erased! He was totally upset because he DIDN’T make an additional copy. Indeed, he still doesn’t know who was guilty.

He’s shared with me the actions he does today.

And I’m going to tell you about them either. BACKUPS are everything you need. What do I mean?

Step #1. Spend money on an external hard drive to backup information to a physical device and keep it at the safest place, for example, in a vault.

Step #2. If you don’t have a vault or absolutely don’t trust a physical device, and want an additional place for saving, use a cloud-based backup service. You may read that this service is different from simple Cloud storage.

Step #3. Do backups twice a week. Believe me, it’s not so often for total security.


Cybersecurity Tips to Protect your Software

We’ve learnt about everything a small business owner should know. And now let’s focus on how the software MUST be protected.

Your success also depends on it!


10. Test your Vulnerabilities Today

Okay.

You may also call this action “pen testing”. How can it correctly be provided? Do you remember tip #5? The first who will responsible for testing is your personal company hacker. Ask him for:

  1. “Attack” the network. You can simply stimulate a real attack but go easy on it – it must be controlled.
  2. Analyze the weaknesses the system has.
  3. Determine what kind of malicious activity is possible with them.
  4. Get rid of soft spots with “patches” – additional coding for computer programs.

Steps of pen testing


11. Update the Software for your Company’s Security

We’ve already found out how it is NECESSARY to monitor your backups. The same situation with updates.

  • Regularly (every two weeks) check updates for an operating system, drivers and other important programs for employees;
  • Monitor automatically option of checking the software.

Why? It must be sound crazy but I have another life example.

I knew an IT manager of a small accounting company. It had a strict updating policy and everything worked well.  But one day my pal was sick and couldn’t control the updating procedure. Ironically, this time someone tried to hack their database. Luckily, the network was protected great and hackers failed.

But don’t test the system this way.


12. Use a VPN to Protect the Data

I hope you are not tired because this tip is the most IMPORTANT on the list.

Most of you know how a good VPN can become a helpful assistant for your business. All staff must connect to a VPN without exceptions.

A VPN’s basic functions

So, how and where can you choose an excellent VPN in 2019?

I’ll tell you what you should take into account.

Step #1 A VPN must successfully fulfill the tasks I’ve listed above. You don’t want anybody knows your IP or service keeps logs.

For example, NordVPN has a strict “No logs” policy:

NordVPN’s “No logs” policy

Step #2 Find a VPN with great discounts, with a free trial or a money-back guarantee.

It sounds GREAT, is it? Many VPNs are ready to offer flexible terms. So, your company may easily save money on system protection.

Step #3 Think of extra services a VPN can suggest.

I mean, your business is connected with collecting marketing data of movies’ views. So, you will want a VPN with extended features.

How about using Netflix or Kodi to make the researches more relevant and outstanding? In this case, you may consider a VPN that can offer these functions additionally.

Step #4 Install a VPN for all devices the office possesses.

I open you a secret – a good VPN can support up to 7 devices simultaneously. And it would be enough for a tiny office.


13. How to Make Mobile Devices More Private Right Now

And I’m going to continue the topic of privacy.

Actually, mobile phones are tracking devices number one. They also need to be protected.

There are many stories about how Google records a location and how, for example, the police could solve the crime to ask Google company for the data of a person’s location because it knew where a criminal was.

Of course, it concerns both your private mobile devices and those you use in the office – working mobile phones, tablets or laptops. Some ways to make them more secure:

Way #1 Stop synchronizing Google accounts with gadgets where it’s possible.

Way #2 Prefer Internet video calls rather than ordinary calls.

Way #3 Don’t pass a device to unknown people.

Way #4 Pay attention to background noise while speaking on the phone. In the case of danger, interrupt a conversation immediately.

Final Way #5 Use a VPN for mobile devices. You may consider the same basic features of a VPN I’ve told you in the previous chapter.


14. Protect Wi-Fi Network from Hackers

Imagine a situation when an angry hacker connected to your company Wi-Fi network and start sending spam to clients, partners or disclosing confidential information in the public. It’s awful!

Have you ever tried to get access from the free Wi-Fi of a company?

You can’t believe but I did it last year. Fortunately, I didn’t need any services what this firm could offer me.

You are lucky to read the article because you can protect the network today:

  • Give the name of Wi-Fi network isn’t connected with the name of your company.
  • Encrypt wireless access point in the settings.
  • Change an administrative password by default.
  • Disable access from the outside network.

15. Get rid of Unnecessary Accounts Promptly

Many small business owners even don’t realize how it is important.

Fortunately, you don’t need much time or additional resources for this action.

As usual, I have an example again.

I’ve recently asked my friend’s brother who works in a firm if they take this measure. And he answered that an IT manager deleted permanently the data belonged to former workers within ONE hour.

So, make a list of all former workers (I’m sure it’s not a great figure).

Then, DELETE all their accounts because hackers can use their old credentials to get involved in the system.

And that’s all!


16. Firewall Will Help to Avoid Troubles

Small business Firewall creates supplementary protection for the whole network.

Thus, a formed barrier can decide what traffic is allowed.

How Firewall protects the system

I offer you some elementary steps to make devices more reliable:

  • Install Firewall on office computers or laptops
  • Be sure an IT manager turned it on
  • Monitor set up process carefully
  • Ensure Firewall updating system works well
  • Ask for online “Help” if something goes wrong

Sometimes Window Firewall already exists in your system. You need only activate it:

Step #1: Choose Start > Control Panel > Windows Firewall to activate the Windows Firewall screen.

Step #2: Check the ON option to switch on the Windows Firewall as you can see below:

Activation of Windows Firewall


Cybersecurity Team Building Tips for Small Businesses

It is time to know about how the team’s behaviour may increase the security of your company’s internal network.


Bonus Tip 1. How to Set up a Strong Password

Believe me, you need this as air.

Weak passwords are a clear purpose for hackers who are looking for spots in the security system.

I offer you the step-by-step guide on how to create a confusing password:

Step #1. Think of 16 symbols.

Step #2. Keep in mind that it must include small and capital letters with digits.

Step #3. Add to your password some bizarre symbols, like “#@_$%” if it’s possible.

Step #4. The password must not contain any private information, like the date of birth, wedding, your name, phone number, etc.

Step #5. Remember the result and DON’T write down – so, nobody can read it.

Step #6. DON’T try to use the same password everywhere.

And one more advice: use a random password generator if your fantasy suffers.

BUT! It’s very difficult to memorize a complicated password.

What about this idea?

Make a phrase that is known only for you. For example, “My first kiss experience was at the age of 13”.

Then decorate it with “#@_$%” and figures, like “@My first_58kiss#experience was!!!at the age of%13”.

It’s simple!


Bonus Tip 2. Don’t be Afraid to Learn More About Cyber Attacks

To avoid the same story, I told you earlier the employees should also recognize the security risks.

Some elementary facts that a member of a team in any company should bear in mind to be aware of this sphere of life:

  • Read the materials about how to recognize the attack;
  • Never agree with doubtful activities on the Internet suggested from both a known or strange person;
  • Don’t mix work and pleasure and don’t try to keep important data on your personal devices. If sometimes you need it, make your gadgets more reliable by choosing and installing a VPN;
  • And NEVER forget to avoid passing on your password details even for the boss or friendly colleagues.

Bonus Tip 3. Share Ideas with the New Colleagues

You must be surprised by this advice. But imagine how it’s great to explain everything you know with those who never think of it. Here’re the points you may focus on:

  • Teach newbies how to use a VPN and where they may find a good VPN for themselves;
  • Make a quiz to find out who knows more about cybersecurity;
  • Choose the winner and suggest your boss to reward his or her;
  • Ask about difficult questions they faced;
  • Be honest to tell them about the danger of cyber attacks.

In particular, you guarantee for yourself to work at the most secure place on the Earth.


Conclusion

Was my information clear? Useful?

Hope it was 🙂 Keep your business safe online!