It’s a well-known fact that cyber criminals often go for the low-hanging fruit. Here are 3 simple strategies that you can implement to add an extra layer to your business’ security to avoid becoming the next victim.

  1. Implement 2 Factor Authentication on your business accounts

Banks have had this right for years. To access your account at the branch, you have to have the debit card (something you possess) with the pin code (something you know). This is 2-factor authentication. And this easy to use formula is now available for a lot of your business applications like email, databases, online document storage, and more.

It’s easy to configure and the smartest way to protect your data.

 

 

 

 

  1. Craft a policy for verifying and issuing wire transfers

A lot of the cyber-attacks we’re seeing lately have to do with what the FBI calls Business Email Compromise (BEC). That happens when fraudsters steal thousands of dollars from businesses by compromising their official email accounts and using those accounts to initiate fraudulent wire transfers. All it takes is someone spoofing your company’s domain and your CEO’s email.

That can be stopped by putting a simple policy in place. Whenever receiving unusual financial or sensitive data requests, users should verify the identity and authority of the email sender via standard (non-email) channels. That could be easy enough as a phone call or a text message.

We have also heard of companies that included in their policy that no wire transfer requests should be made while the CEO is traveling. That is also a smart move considering that an important piece of these attacks involve social media research to look for CEOs that are posting vacation pictures, as this would make their business an easy target for these types of attacks.

  1. Train your staff on Security Awareness

More than ever, your users are the weak link in your network security. They need to be trained by an expert, and after the training stay on their toes, keeping security top of mind.

 

 

 

Here are some things to watch out for:

  • Users should always hover over any suspicious links in an email, to verify where it’s going to take them. They actually don’t have to click to know what is the destination page.
  • Poorly crafted emails with spelling and grammar mistakes that include a note specifying that the only way to contact the sender is through email could pose a huge risk.

Need help in implementing any of this? Email us at joy@pinkhattech.com or call (424) 789-8208