How can you make your business computers and devices as secure as possible? Members of the Young Entrepreneur Council share their best cybersecurity tips and tools.
As 2018 gets moving, cybersecurity remains at the front of many business leaders' minds. Data breaches are a constant threat to your organization's customer data, which means organizations must remain vigilant in their attempts to prevent a cyberattack from breaking through or causing damage.
As attacks develop, so do awareness and defensive tools. To help you be more proactive in preventing these cyber-issues, we asked 12 entrepreneurs from YEC to weigh in on the best tips or applications to improve cybersecurity at your business.
1. Hardware security
"Most businesses pay due attention to cloud security, but hardware security is often ignored. With 100 employees, securing a single cloud structure would be simpler than securing 100 workstations, no doubt, although security-centered risk management gives you easy means to minimize risk. HP's Touchpoint Manager, for instance, lets you monitor protected systems and reduce security vulnerabilities." – Derek Robinson, Top Notch Dezigns
2. Data encryption at rest
"This is basic, but it is shocking how many applications do not do this. If you store sensitive customer data, you absolutely must encrypt your data 'at rest' when it is stored in your database(s) and in backups. This takes some extra engineering effort to be able to encrypt and decrypt data during database read/writes, but it protects you in the case of a breach." – Luke Liu, Albert
3. Around-the-clock monitoring
"You can have the best applications, great IT staff and the latest hardware, but unless you have someone watching your back around the clock, you are still vulnerable. Services such as Virtual Auditor remotely monitor your company from top to bottom and make sure you are secure. Further, these companies work to keep current with updates and patches as well." – Ryan Bradley, Koester & Bradley LLP
4. Cybersecurity education
"No matter how paranoid your IT department is, the people in your organization are going to make decisions every day that impact your risk level. The more you can educate your team on the concepts behind cybersecurity, like privacy, the less likely your team is to do something that could cause a problem (like picking up a USB drive in the parking lot and plugging it into a company computer)." – Thursday Bram, The Responsible Communication Style Guide
5. Blockchain technology
"Blockchain technology will add considerable security to your processes and transactions because it removes extra people and steps in the process where there can be vulnerabilities. Additionally, it is nearly unhackable." – John Rampton, Calendar
6. LastPass Enterprise
"We give each employee a single login to remember and install a browser extension to do the rest. LastPass can automatically log off when the browser is closed or after user inactivity. It can auto-fill passwords, logins and credit card info by giving access to the info rather than giving the information itself. The best part: when people turn over, we can lock them out with a few simple clicks." – Anthony Johnson, Attorney Group
"1Password is the best password manager where all passwords are stored inside a master password. The passwords are encrypted using AES-256 algorithm for best security. The encrypted keys are protected inside a strong master password. 1Password can also be used to generate new strong passwords. It's an all-in-one, safe, secure and reliable app to manage passwords for protection against cyberattacks." – Liam Martin, Staff.com
"We recently invested in Yubico's YubiKey software for our employees. This is a safe and inexpensive way to protect your company and employees from phishing threats. The software is simple to use, and we've implemented it through Gmail. I'd honestly recommend it to companies of all sizes." – Shawn Rubel, Vecteezy
"Duo provides an extensive suite of security solutions, including two-factor authentication. To verify identity, you will need something you know (like a password) and something you have (such as a mobile phone or token). Duo prides itself on simplicity and strength. In today's extremely hazardous cybersecurity environment, those are two qualities you can't live without." – Thomas Smale, FE International
10. Intrusion detection system
"Implementing an intrusion detection system, such as CrowdStrike and Cylance, helps aggregate real-time events from across your enterprise. This helps you respond quickly to any potential intrusion and keeps you from getting hacked." – Syed Balkhi, OptinMonster
11. Insider threat protection
"Protecting your data from external threats is a given, but something that doesn't garner as much attention in the realm of cybersecurity is the importance of protection from internal threats. A security threat from the inside can be caused by a malicious or careless employee. Constant monitoring and heavy encryption should be emphasized with special tools and a dedicated cybersecurity team." – Bryce Welker, CPA Exam Guy
"Use a secure web-hosted end-user password reset management platform that allows users to execute self-service account unlocks and password resets. This type of platform does not require users to have any IT experience. Since this platform is easy to use and it allows all business information to be stored in a secure database, it protects sensitive information and boosts staff productivity." – Blair Thomas, eMerchantBroker