Best Practices to Maintain Cybersecurity of Your Business from Anywhere

September 23, 2020
CCB_CommunityHero_6022020_Best_Practices_to_Maintain_Cybersecurity

The ongoing COVID-19 pandemic has changed the way companies large and small carry out their business. One of the most dramatic changes affecting the workplace was an almost-immediate shift to remote work.

Unfortunately, the sharp uptick in the number of remote workers created more opportunities for cybercriminals: Remote workers have fewer security measures on their home networks than they would likely have in the office. IT staff are still likely running skeleton crews and don't have the same level of visibility into what employees are doing and threats to the network. And with more time spent online, everyone is more susceptible to social engineering tactics associated with phishing attempts, which are on the rise across the board.

Small businesses are not immune to cyberattacks — on average, two-thirds of them have experienced some sort of hacking attempt. But good cyber hygiene habits can help prevent an attack from causing damage, even when the threat level is elevated. Here are a few strategies to help you stay secure:

Educate Your Team

Education is key to addressing the human element of cybersecurity. Raising user awareness of cyber dangers should be a priority for all businesses. Cybersecurity training is most effective as an ongoing effort, ideally combining in-person sessions, online courses, and awareness campaigns with email reminders and posters. Topics to cover should include the following:

  • Identify and avoid suspicious emails. This will help users avoid phishing attempts with URLs or attachments programmed to download malware into your network.
  • Set and enforce strong password policies. Teach users to come up with strong passwords or passphrases, enforce policies to change passwords frequently and prohibit password sharing.
  • Set browsers to warn users when visiting a site that has been flagged as containing malware.
  • Block downloads from suspicious or unsanctioned sources.
  • Prohibit users from sharing company-owned laptops and mobile devices.
  • Teach users not to access sensitive company data through public WiFi networks.

Enact Common Sense Policies

Technology alone cannot guarantee the security of a company’s data. User education must be supported by common sense policies. If you train users and do nothing to enforce security rules, chances are users will fall back on bad habits that can lead to a breach.

Security policies are multidimensional. Password policies are a good starting point, but businesses also need to address who gets access to which systems. Employees should be granted permission only to those systems they need to do their jobs. Businesses also need rules on whether employees are allowed to use their own mobile devices for work (BYOD). If so, those devices need to be monitored, secured with endpoint protection, encryption and — in case of loss or theft — wipe capability.

Set a Strategy

End users are often the weak points that enable cybersecurity breaches, but educating your employees is only part of the battle. Understanding the threats and what cybercriminals are after is essential to building strong cybersecurity defenses. If you know your enemies, you have a better chance to defeat them. In addition to user education, here are some other essential components of a comprehensive cybersecurity strategy that will grow with you:

  • Implement advanced tools: Businesses need a multi-layered approach to cybersecurity and should consider implementing a combination of tools that includes an antivirus program, firewall, and network security solutions that proactively protect all devices connected to your network.
  • Invest in expertise: It’s hard to have a full grasp of cybersecurity without expert help. For smaller companies, working with a managed security services provider (MSSP) is the best bet, though even businesses with in-house experts can benefit from tapping a provider.
  • Secure mobile devices: As computing becomes more mobile and cloud-based, companies must include mobile devices in their security strategies or risk leaving a door open to cyberattackers.

Comcast Business SecurityEdge can help protect the Internet-connected devices that employees and guests use from malware, ransomware, phishing, botnets, and more. Comcast Business at Home provides a dedicated business-grade Internet connection with the option of added security for remote workers.

Get more insights, advice, and best practices to keep your business protected here.

Keep your small business secure from wherever you are.

This article is available exclusively to
Comcast Business Community Members.

Join the Comcast Business Community to read this article
and get access to all the resources and features on the site.

It's free to sign up

Sign Up

to get our newsletter

network-security

Help your business Bounce Forward™

Take on whatever’s next with technology solutions and services to help you Bounce Forward.

to get our newsletter