How Safe Is Your Data? Time for a Cybersecurity Checkup

Cybercrime cost the global economy $450 billion dollars last year, according to a report from Hiscox Insurance. Protection from threats such as malware, hacking, phishing, ransomware, and distributed denial-of-service (DDoS) attacks is a top concern for companies of all sizes.

But the threat is just as real for small businesses, which are frequently the ones in the crosshairs. The impact can be devastating: Not only can a cyber attack bring business to a standstill, the National Cyber Security Alliance found 60 percent of those that suffer an attack go out of businesses within six months.

What’s a small business to do? Here are articles from Upwork that explain more about some of the risks and best practices you can follow to address them.

“95% of all attacks involve some form of social engineering.”
— Thomas Koulopoulos, Founder, Delphi Group

1. Start with cybersecurity best practices

Keeping your software up-to-date and learning to avoid potential threats online are among the defenses explained in “Cybersecurity Tips for Upwork Users.”

Since so many threats depend on individual people to slip up, a proactive defense can do a lot to keep you protected. Some of the other steps you can take include:

• Use reputable antivirus software to keep an eye on your email as well as your IT setup.
• Keep your web browser, operating system, and software up-to-date.
• Be cautious about anything that seems odd, whether it’s a pop-up ad, suspicious email, or USB drive you receive in the mail.
• Beware of phishing emails, which aim to trick you using what may appear to be legitimate correspondence.

2. Consider your specific needs

A growing number of platforms and applications are moving to two-factor authentication (2FA, TFA, or multi-factor authentication)—a layer above your password that requires additional information such as an authentication code you access via text message or an app.

“While passwords alone grant access by asking for ‘something you know,’ 2FA requires both this and ‘something you have’ in order to grant access,” Carey Wodehouse wrote in “All Things Authentication: Why You Should Use Two-Factor Authentication For Better Mobile Security.”

“This means that even if someone has acquired your password, unless they’re you and have your phone or other trusted device in their hand, it will be much more difficult for them to gain access to your accounts,” she said.

Another potential vulnerability is cloud computing, a move that enables businesses to scale more easily through hosted services delivered via the Internet. But the cloud comes with its own security challenges—some comparable to traditional data security, and some unique to the cloud.

In “Cloud Security: Keeping Data Safe No Matter Where It Is,” Tyler Keenan explains some of the top considerations, including physical security at data centers, multitenancy (i.e., your information will be stored alongside information from other companies), API vulnerabilities, and insider threats.

“Security in the cloud falls on both providers and the organizations who use their services, though ultimately it’s the responsibility of each organization to ensure that its data is secure,” Keenan wrote. He notes that multifactor authentication and encryption are recommended as best practices for anyone transmitting to or storing information in the cloud.

3. Learn how to avoid attacks, such as ransomware

WannaCry is ransomware that infected 200,000 computers worldwide; in May 2017, it locked up England’s National Health Service (NHS) and impacted corporations such as FedEx, Deutsche Bahn, and KPMG.

“The attack is a perfect example of the ‘head in the sand’ approach to cyber security taken by too many organizations,” Ben Rose at Digital Risks said in an explanation of what happened and what small businesses can learn. “So-called ‘cyber-hygiene’ requires constant vigilance to the latest threats and there is a tendency for companies to ignore or neglect this fact until it’s too late.”

But WannaCry isn’t the only ransomware out there; this type of attack alone can net a hacker as much as $1,000,000 a day. Outlining tips to help protect yourself from a ransomware attack, Keenan says your best bet might just be to pay the ransom.

However, as with cybersecurity in general, your best approach is to be proactive: Avoiding suspicious links and regularly taking steps to backup your information and update your software are among the things you can do to help keep your data safe.

Want to learn more about your cybersecurity options? Learn more by checking out the IT security information in Upwork’s Hiring Headquarters…

The post How Safe Is Your Data? Time for a Cybersecurity Checkup appeared first on Upwork Blog.

from Upwork Blog http://ift.tt/2urVYIM