Businesses are more vulnerable to cyber attacks now than ever before because of the abrupt shift to remote work. Not only is your data at risk, but cyber attacks cost companies more than $2 million on average. In order to protect your data and save your money, follow these nine best practices.
#1: Train Your Employees
Your strongest defense system against cyber attacks is your employees. This means they should always be updated on the latest security training initiatives to keep them aware of new cyber attacks as they develop. You should also have established training sessions for your company that cover topics such as:
- What to do if a cybersecurity incident occurs
- How to identify phishing emails and other social engineering tactics
- Security best practices
In addition to regular trainings, prepare every new employee to protect valuable data and have them sign your information policy. Arming your employees with the knowledge needed to identify and combat cyber attacks will help prevent data breaches and other losses of important, and often confidential, information.
Email and web browser filters will help prevent spam and block users from browsing risky websites that pose malware risks. Additionally, pay attention when accessing websites. A website that uses HTTP protocol sends “plaintext,” which means nothing encrypts the data between you and the target server. However, HTTPS protocol does encrypt your data so that your information is hidden and your connection is secure. If you are going to log into a website, it should show HTTPS in the URL.
Using full disk encryption will protect the sensitive business information on your computers, tablets, and smartphones. Disk encryption protects information by converting it into unreadable code that cannot be deciphered easily by unauthorized people. Full disk encryption is applied to the entire hard drive, including data, files, the operating system, and software programs. Be sure to save a copy of your encryption password or key in a secure location separate from your stored backups.
Additionally, email recipients typically need the same encryption capability in order to decrypt. Employees should provide the password or key to them via some other method, because it should never be sent in the same email as the encrypted document.
While all of your employees should be trained to handle a cybersecurity threat, you can further reduce your risk by limiting access to your company data. Employees should only have access to the systems and specific information they need to do their jobs. Limiting access reduces the chance for human error, which is the number-one information security threat. This applies to those leaving your company, as well. Take protective action once an employee leaves by deleting passwords and accounts from all systems and collecting company ID badges and entry keys.
Firewalls monitor and control incoming and outgoing network traffic based on security rules. They provide a barrier between a trusted network and unwanted visitors. Every employee computer, smartphone, and networked device should have firewall systems installed and updated. This will help deter malicious hackers and stop employees from browsing inappropriate websites. It is also a good idea to test this system regularly to ensure unauthorized connections can’t get through. A vulnerability check can help you identify any leaks and target areas that are weak.
Remote work necessitates secure access to IT resources and the internet itself. Typically this is provided by a virtual private network (VPN) solution. Employees should generally never do any work for your company without the VPN turned on, because it ensures a higher level of security and safety between the remote worker and whatever service is being used.
However, if your company has not invested in a VPN, follow these best practices to ensure secure wireless networking:
- Use WiFi Protected Access 2 (WPA-2) with the Advanced Encryption Standard (AES) for encryption.
- Set the wireless access point so that it does not broadcast its service set identifier (SSID).
- Change the administrative password on new devices.
- Avoid using Wired-Equivalent Privacy (WEP).
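The wireless checklist above can be checked automatically. The following is an added example, not part of the original article: it assumes the access point is configured with hostapd, and the two sample configurations are constructed for illustration. The administrative password lives in the device's management interface, so it is not covered here.

```python
# Added example: audit a hostapd-style config against the wireless checklist.
# Assumption: the access point uses hostapd key=value configuration.

def parse_conf(text):
    """Parse key=value lines, ignoring blank lines and # comments."""
    conf = {}
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#") or "=" not in line:
            continue
        key, value = line.split("=", 1)
        conf[key.strip()] = value.strip()
    return conf

def audit(text):
    """Return a list of findings; an empty list means the checklist passes."""
    conf = parse_conf(text)
    findings = []
    # hostapd configures WEP through wep_default_key and wep_key0..3.
    if any(key.startswith("wep_") for key in conf):
        findings.append("WEP keys configured: remove WEP")
    # wpa is a bitfield: 1 = WPA, 2 = WPA2, 3 = both. Only 2 is accepted.
    wpa = conf.get("wpa", "0")
    if wpa == "0":
        findings.append("WPA2 not enabled: set wpa=2")
    elif wpa != "2":
        findings.append("legacy WPA (v1) enabled: set wpa=2")
    # AES is the CCMP cipher; rsn_pairwise falls back to wpa_pairwise.
    ciphers = conf.get("rsn_pairwise", conf.get("wpa_pairwise", "")).split()
    if wpa != "0" and ciphers != ["CCMP"]:
        findings.append("cipher is not AES-only: set rsn_pairwise=CCMP")
    # ignore_broadcast_ssid=0 broadcasts the SSID; 1 or 2 hides it.
    if conf.get("ignore_broadcast_ssid", "0") == "0":
        findings.append("SSID is broadcast: set ignore_broadcast_ssid=1")
    return findings

# Constructed sample configurations (not taken from a real device).
WEAK = "ssid=office\nwep_default_key=0\nwep_key0=123456789a\n"
MIXED = "ssid=office\nwpa=3\nwpa_pairwise=TKIP CCMP\nignore_broadcast_ssid=1\n"
HARDENED = ("ssid=office\nwpa=2\nwpa_key_mgmt=WPA-PSK\n"
            "rsn_pairwise=CCMP\nignore_broadcast_ssid=1\n")

if __name__ == "__main__":
    for name, sample in (("weak", WEAK), ("mixed", MIXED), ("hardened", HARDENED)):
        print(name, audit(sample) or "OK")
```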
All software on every device used by your employees should be regularly patched and updated. Every new app can open the door to a cyber attack if systems are not kept up-to-date. Even new computers or software should be checked for updates. Keeping on top of the newest version of software can be difficult, though, so relying on a managed service that can deploy those patches for you can help you stay updated and secure on top of saving time and money.
Accidents and disasters happen, but that doesn’t mean you can’t be prepared for them. You can prevent data loss by utilizing uninterruptible power supplies (UPS). UPS can give you enough battery life and time to save your data in the event of a power disruption, so every computer and networked device in your company should be plugged into one. Less-sensitive electronics and non-networked equipment can be plugged into a standard surge protector, but you will want to use UPS for all of your most important data.
Finally, if you are planning to get rid of any old computers or other equipment, wipe all valuable hard drive information. Any sensitive business or personal data stored on flash drives or other devices should be deleted to prevent theft. These items should then be destroyed or taken to a company that will shred them for you. Similarly, sensitive paper information should be destroyed with a crosscut shredder or an incinerator.
As you can tell from the list above, ensuring your network is secure is time-consuming and complicated. It is also easy to make a mistake if the team doing the testing does not have IT experience. To ensure your company’s data is protected, rely on an expert IT team that can devote time and resources to monitoring your network and providing desktop and user support.
Aquipt is here to make the process of bolstering your cybersecurity practices a simpler one. With options like secure mobile workspaces and data loss prevention, we can help you maintain a secure virtual environment in the office and at home with managed IT security services. Contact us today to learn more about how we can help you protect your most important information.