The 2018 State of Cybersecurity in Small and Medium Size Business study stated that small businesses face stronger chances of cyber-attacks than larger companies in 2019. In fact, only 28 percent of SMBs are capable of mitigating threats and attacks effectively. Last year alone, 67 percent of the survey respondents experienced a cyber-attack and 58 percent experienced a data breach. From this group, 47 percent of the victims did not know how to protect their companies from these cyber-attacks. These attacks included phishing, advanced malware, zero-day and ransomware attacks.
One of the reasons SMBs have become more vulnerable to cyber-attacks was due to their employee’s and vendor’s negligence. 60 percent of the businesses surveyed cited that a negligent employee or contractor was the root cause for a breach. From this group, 40% said their companies experienced an attack involving the compromise of employees' passwords. The cost to repair the breach was $383,365 per attack. As a result, IT and security professionals have recommended that password protection is the number one priority for small business this year. To help you get started, here are three tips on how to protect user accounts and passwords from threats.
Create a Strong Password
Create a password that should be at least 8 characters. Use a combination of letters, numbers and special characters. Avoid using words from the dictionary as hackers use “Dictionary Attack” on decrypting passwords. Do not use words or names that are already part of the username. Passwords should not be related to any personal information and should not be made up of names, words or dates. Use passphrase on creating a password.
Protect your Password
Do not share your passwords to anyone. Do not write down your password on a paper or a sticky note. Only save passwords on an encrypted file. Avoid using the same password for all systems and websites. Do not store passwords on anywhere that is accessible by anyone aside from yourself. Only use your password on secured websites and trusted computers. Change your password regularly.
Add another layer of Authentication (Multi-Factor Authentication)
Adding a second layer of authentication helps your user protect their accounts from unauthorized access. It strengthens the security of the account as the system will not only rely on the username and password of the user. One example of Multi-Factor Authentication is verifying the login attempt of the user through call, text or a pin. Setting up Multi-Factor Authentication reduces the risk of the user account to be compromised.
These are simple, but effective ways to protect your company’s user accounts from cyber-attacks. A data breach can be very difficult to manage and extremely costly to repair. To reduce the risk of these attacks, please consult a licensed IT professional. To learn more about cyber security, please subscribe to our monthly newsletter.