Get All Access for $5/mo

Going Beyond Passwords: 4 Ways to Keep Your Company's Information Safe Beyond requiring complex passwords, here are four digital security measures that should be part of your company.

By Gary Davis Edited by Dan Bova

Opinions expressed by Entrepreneur contributors are their own.

Shutterstock

Q: Besides having employees use passwords, what are other ways to keep your company safe?

A: A great question about digital security for entrepreneurs is: Where do I start? For most early stage or startup companies, it's everything you can do just to have your vision play out with minimal distractions. That said, the last thing you want is to have your business sullied by being a victim of an attack.

Over the past year we've seen a dramatic increase in ransomware, a type of malware that freezes certain files on computers and smartphones then requires a ransom to unlock the files, targeting small companies. Being a victim of ransomware can have a crippling effect on your business and your fledging reputation.

Related: 6 Reasons Smart Small Business Owners Invest In Security

Beyond requiring complex passwords and that they be changed, at a minimum, once every quarter, the top four digital security measures that should be part of your company include the following:

1. Install anti-virus on every PC and smartphone and keep it current.

This may seem obvious, but I'm surprised at how often I hear about companies that do not have active anti-virus software installed. Most anti-virus software includes a firewall capability which should be turned on as well. Having both active is the first line of defense against bad actors targeting your business.

2. Teach employees how to determine if an email is part of a phishing or spear phishing campaign.

Phishing or spear phishing is when scammers use email to elicit sensitive information to be used for malicious activities. This year we have seen several instances in which employees received an email from scammer posing as their CEO requesting the employee's user name and password. It was surprising how many employees sent that information. Last year at Intel we launched a phishing quiz. More than 40,000 people took the quiz and 97 percent got at least one wrong.

Related: Here's How to Build a Strong Security Team to Keep Your Company Safe and Sound

In the most recent Verizon Data Breach Investigation Report, phishing was a top attack vector. Find tips here on how to determine if an email is part of a phishing attack.

3. Have all employees install and use a web reputation tool when browsing.

Implanting malicious software into a website to infect devices that visit the website is a popular technique used by cybercriminals. We refer to this type of attack as a "drive-by download." There are several free tools available to everyone that will alert them if they are about to go to a website that is known to contain malicious code.

4. Implement a comprehensive backup program.

This, much like installing AV on every device, should be apparent, but again I'm surprised by how often companies lose everything when they are the victim of a cyberattack because they don't have its critical data backed up. You have two choices here. You can use a cloud-based storage option or you can use on premise storage. My preference is to use a physical hard drive that I keep under lock and key when not actively backing up my systems. I also back up everything at least weekly. There are several options for both cloud and on premise backup systems that have very flexible scheduling capabilities. Choose which works best for your business and be disciplined about ensuring everyone adheres to your backup policy.

I envision a day when being able to demonstrate your security posture will be table stakes for businesses or consumers who choose to use your product or service. You will be much further ahead by taking these simple steps today than have your security posture evolve as your business grows.

Related: 12 Tips to Protect Your Company Website From Hackers

Gary Davis

Chief Consumer Security Evangelist at Intel

Gary Davis is Intel's chief consumer security evangelist. He works closely to drive strategic alignment of products with the needs of the security space, as well as overseeing Intel Security online safety education to educate businesses and consumers by distilling complex security topics into easily understandable and actionable advice. During his more than five years at Intel Security, he has held leadership roles in the consumer and enterprise divisions where he has helped shape various product portfolios and strategic direction along with advocating for cybersecurity education.

Want to be an Entrepreneur Leadership Network contributor? Apply now to join.

Editor's Pick

Starting a Business

He Started a Business That Surpassed $100 Million in Under 3 Years: 'Consistent Revenue Right Out of the Gate'

Ryan Close, founder and CEO of Bartesian, had run a few small businesses on the side — but none of them excited him as much as the idea for a home cocktail machine.

Franchise

The Top 10 Coffee Franchises in 2024

From a classic cup of joe to a creamy latte, grab your favorite mug and get ready to brew up success with the best coffee franchises.

Business Ideas

63 Small Business Ideas to Start in 2024

We put together a list of the best, most profitable small business ideas for entrepreneurs to pursue in 2024.

Business News

'Jaw-Dropping Performance in 2024,' Says a Senior Analyst as Nvidia Reports Earnings

Nvidia reported its highly-anticipated third-quarter earnings on Wednesday.

Business News

Looking for a Remote Job? Here Are the Most In-Demand Skills to Have on Your Resume, According to Employers.

Employers are looking for interpersonal skills like teamwork as well as specific coding skills.