Keep Business Safe Online—Business Network Security Checklist
Cyberattacks are a real threat to SMBs. Keep the business safe with our easy-to-follow business network security checklist.
The NSA estimates that a staggering 300 million hacking attempts take place every day. A large number of those attempts are directed at business owners.
Why are business owners such a popular target among the hacking community? Businesses tend to house important data that can be ransomed and they also keep customer financial records that could translate into a massive payday for cybercriminals.
You might think that only big companies like Best Buy and Sony have to worry about being the victims of data piracy. The truth is though that thousands of small business owners experience cyber-attacks every year that don’t make national headlines.
To make sure that your company doesn’t follow suit, ensure that you have everything covered that’s listed on this business network security checklist.
1. Workforce Is Educated
Business network security starts with a well-educated workforce. If your employees don’t know how to properly handle your company’s data, you can be sure that it’ll eventually fall into the wrong hands.
Employee training is a great way to mitigate that risk. You can either have your internal IT department conduct training or you can hire an external agency to conduct security training.
2. All WIFI Access Points Are Secure
One of the lowest hanging fruits when it comes to business network security is ensuring that your WIFI connections are secure.
Routers that push your WIFI signal around your office should be locked by default. If that’s not the case or someone on your team has removed your router’s password protection, replace your password immediately.
Non-password protected routers let unauthorized parties access your internet connection. While that might not sound troubling, unauthorized access to your internet also grants people access to your “intranet” which means that skilled intruders can access your shared drives, documents, and other restricted data.
3. Ethernet Access Is Used When Possible
While WIFI is becoming more secure, using physical wires to connect devices to your company’s network is still preferable. So, where possible, have your employees hardwired into your internet connection rather than using WIFI.
If your office building is not structured for long-range Ethernet access, talk to your building owner. See if they’d be willing to run CAT cables through the ceiling or under the floor to better accommodate your company’s security needs.
If they refuse, let them know that their decision could affect your willingness to renew your lease.
4. Building Access Is Restricted
Using hardwired internet connections is a great way to reduce the risk of intruders intercepting data via WIFI. The flaw that hardwired connections have though is that if an unauthorized device plugs in, your network is 100% vulnerable.
The only way to prevent unauthorized users from psychically plugging into your internet connection is to not allow strangers into your building.
Take typical office precautions such as employee name badges or having security at your door. When authorized guests come in and want to access your internet, insist that they use your dedicated guest WIFI (your ISP can set this up as part of your existing plan).
Guest WIFI connections limit broad network privileges.
5. Work Laptops Are Secured
A staggering amount of employees are working at least part of their week remotely. If your office allows for your team to take their work on the road, ensuring that their work laptops get secured is important.
Work laptops should only be able to access your company’s share drives through encrypted portals (Citrix for example). Furthermore, your employees should be required to use a VPN at all times when accessing the internet. This will reduce the risk of bad-actors gaining access to your employee’s files through public WIFI.
6. All Software Is Updated
One of the most reliable pathways that hackers leverage to gain access to your data are software vulnerabilities. That’s why the vast majority of patches/updates pushed out for mobile applications and commercial software is to patch exploits.
Stay current on all of the updates that your software’s developer releases. Mandate that your employees do the same for any company cellphones.
7. Employee Passwords Are Changed Regularly
Billions of passwords are leaked online, get packaged and are then sold to the highest bidder on the dark web. Even the most sophisticated of people get fooled by fake authentication requests and lose their digital credentials.
The good news is that the time between a password being leaked and sold can be substantial. That means that employees who change their passwords often should be able to avoid the repercussions of their credentials falling into the wrong hands.
Require that your employees change the passwords they use to access their computers and business affiliated applications once every 3-months. Mandated password changes for 3rd party applications need to be mandated by the application’s developer.
8. Your Security Is Audited Annually
Everybody misses something when it comes to maintaining their business network security. Even if you don’t miss something, changes constantly occur in the tech landscape. Those changes could render your previous security protocols void.
To stay abreast on everything and to ensure that any holes in your security plan get plugged, hire IT advisors like Be Structured. They can analyze what you’re doing at least on an annual basis.
Closing out Our Business Network Security Checklist
Leveraging proper business network security is what stands between you and massive losses. Our tips above should protect you from the majority of hacking attempts so implement them today.
For more insight on modern technology topics, check out more of the content on our blog!