When you rely on computers to run your business, protecting against cyber-attacks is a must. Every day, nearly 2,200 reports of cybercrime are filed with the FBI’s Internet Crime Complaint Center. Hackers want to access your business computers to commit fraud, steal financial data and hold digital files for ransom.
Franchises are most at risk of business email compromise (BEC) scams. About one in four small- to medium-sized businesses is affected. Cyber criminals can hack into systems, sneak in to harvest credentials or trick employees into letting them in (social engineering) with fake email requests (phishing). These cyber-attacks cost businesses more than $4.2 billion per year.
While the thought of cyber-attacks impacting your business can be scary, these easy actions to prevent cyber-attacks can help minimize the threat against your business.
Easy Actions to Prevent Cyber-Attacks
The comprehensive list below will help you protect your franchise from almost any kind of cyber-attack. Yet each action alone is fairly simple to implement. Here’s how to get started.
Easy actions to prevent cyber-attacks: Policies and Procedures
- Make sure to have a documented cybersecurity policy for your business.
- Ensure employees understand the cybersecurity policy and its importance.
- Follow the cybersecurity policy guidelines for all business devices.
- Have a documented policy for if and how employees can use their own devices for work.
- Make sure employees understand and follow your policy for personal devices at work.
Easy actions to prevent cyber-attacks: Facility Security
- Restrict physical access to employee-only areas using swipe badges or locks.
- Have a documented policy prohibiting propped open doors and unauthorized access.
- Use a sign-in log for visitors and vendors needing access to employee-only areas.
- Escort visitors and vendors in employee-only areas.
Easy actions to prevent cyber-attacks: IT Protection
- Grant each employee only the amount of network access needed to do their jobs.
- Keep computer systems updated and patched each week.
- Ensure updates and patches run automatically and can’t be overridden by employees.
- Turn on Multi-Factor Authentication (MFA) for business email accounts.
- Activate spam filters on all business email accounts.
- Set up flagging alerts for external emails.
- Use security software to scan incoming emails and downloaded files for threats.
- Place restrictions on internet usage and prohibited domains.
- Monitor your business social media accounts for any suspicious links or activity.
- Remove or deactivate network services and webpages that are not in use.
- Enable encryption for network traffic.
- Perform data backups on a weekly basis.
- Preserve and secure data backups.
- Perform and document system firewall testing.
Easy actions to prevent cyber-attacks: Password Safety
- Require passwords with a mix of at least 8-12 numbers, letters and symbols.
- Make sure passwords are kept confidential and not shared.
- Prohibit recycling of old passwords within 90 days of use.
- Ensure employees use MFA logins for all accounts where it is available.
Easy actions to prevent cyber-attacks: Online Safety
- Help employees feel important and included in protecting the franchise’s digital assets.
- Ensure employees understand what business information is considered confidential.
- Stress the importance of franchise cybersecurity at all levels of the organization.
- Train new hires on policies, social engineering hacks, fake email scams and phishing.
- Conduct yearly refresher training on social engineering hacks, fake email scams and phishing.
- Include cybersecurity refreshers in monthly reminders and trainings.
- Test employee understanding of training and policy compliance with internal phishing exercises.
- Share results of internal phishing exercises and train employees on any weaknesses.
- Train employees to scrutinize email messages before opening or downloading attachments.
- Prohibit employees from using personal email accounts on company computers.
Easy actions to prevent cyber-attacks: Financial Security
- Have a documented wire transfer and payments policy for the business.
- Verify all payment requests, from both non-employees and internal parties, regardless of rank.
- Review financial safety policies and procedures regularly in reminders and trainings.
- Require greater involvement and seniority for payment approvals as dollar value increases.
- Confirm the accuracy of vendor payment requests directly by a method other than email.
- Check the initiation and authorization of payments verbally with the payment requester.
- Ask banking partners to verbally confirm requests over a specified dollar amount.
- Configure online bank safety features to restrict usage and require transaction approvals.
- Have policies and procedures in place to handle any emergency or urgent payment needs.
The risk of a cybersecurity incident at your business can be greatly reduced by taking these easy actions. Determine what actions you are already taking to protect your computer systems and data, then identify others that need to be done.
The right actions can help ensure hackers find it much more difficult to cause problems for your franchise. Even still, there’s no guarantee a determined hacker won’t get through. To protect against this risk, consider adding CyberLock Defense Cyber Liability insurance coverage from Lockton Affinity. With CyberLock Defense, you are protected against cyber-attacks, cyber theft, social engineering loss, phishing attacks, ransomware and more.
Protect your franchise business today at CyberLockDefense.com or (844) 868-7144.