Free is enticing, but all too often free comes at the price of life wasted on a five-hour time-share presentation. Or better yet, the free thing is not something you ever wanted. Maybe it's a free tip, like “don’t eat the yellow snow” or free hugs from a stranger.
We feel the same way you do. Free should actually mean free, and if someone is going to take the time to promote something they receive no margin on, they should at least promote something worthwhile. So, this one is for you – small business with a lean cyber security budget, and all you other companies who are simply interested in free (quality) security advice. You’ve come to the right place. Here are four free ways you can improve your business’s cyber security. No strings attached.1 - Protect passwords
Storing passwords in one location, failing to refresh passwords and keeping default passwords assigned by manufacturers are mistakes. Cyber criminals will thank you for providing such easy ways into your network.
Consider establishing a time each quarter or even each month when all the passwords for company devices and programs, such as emails, will be changed. Make sure you also change passwords for new devices, such as access points, as soon as possible. Cyber crooks love a good default password.
2 - Recognize social engineering
Social engineering methods, such as malicious phone calls and emails containing malware, are becoming the most prominent tactics used against businesses and individuals. This method requires less expertise, but more research on the part of the hacker. The sad truth is this method is dependent on human error. Perhaps more sad is that human error accounts for nearly ninety percent of cyber-attacks. It’s time to tighten up, folks.
One sure fire way to resist social engineering is to avoid clicking links within emails. For example, if an email is directing you to your bank’s supposed website, in a search engine type in the bank’s website URL or the establishment’s name, rather than clicking the provided link. It is possible that the link in the email is fraudulent and will take you to a look-alike site that then steals your password and username. Delete that filthy phishing email and send it back to the wild where it came from.
3 - Separate guest Wi-Fi from business Wi-Fi
Most enterprise wireless access points (WAPs) will allow for multiple Service Set Identifiers (SSIDs), which lets businesses create more than one Wi-Fi connection with one WAP. If having multiple SSIDs is an option, just turn the “Guest Network” on, assign a new name and create security limitations that only allow guests to use Wi-Fi for basic Internet and NOT access the LAN. This will limit access to the company’s network.
An extra word of advice to you, don’t assign names to your Wi-Fi that could be potentially incriminating. Names with the word “bomb” or anything that can be offensive are better left unused.
4 - Conduct software updates
Often, newly released software updates carry critical measures for defending your data against newly discovered vulnerabilities. Unfortunately, viruses and malware do not wage a fictional gentleman’s war. When you opt to “update later,” because life is just too busy to restart the computer, the bad guys do not say, “Let’s give them a moment to recuperate, so it’s a fair fight.”
By completing updates immediately after they are released, you are ensuring that any loopholes found in your software are getting patched. The rebuttal is often that new updates have bugs that have not been worked out. While this is possible, bugs will not steal your data and money and wipe out your computer. In addition, fixes for these bugs are usually sent days after the previous update.
Have any free tips we missed? Add them in the comments! For any questions about cyber or network security, feel free to contact Hummingbird Networks.