Ryan Barrett has spent the majority of his career consulting with organizations where data is critical to their business. He’s seen technologies evolve into one of the most critical components to ensure a viable and scalable operation. With the current climate, and with so many businesses that have transitioned their employees to work from home and are transitioning them back, there’s a lot to think about when it comes to keeping your company data secure. Ryan is sharing what businesses need to know right now about cybersecurity.
What do business owners need to know about cybersecurity threats?
The biggest thing that businesses need to know is that your information that you think is private – it really isn’t.
There are many different instances out there – for example, with passwords for your everyday activities, your email, Facebook, LinkedIn, whatever – that have most likely have been compromised in the past.
You don’t realize that the nefarious actors out there already know that password, and so, multifactor authentication is the absolute way it has to be.
What does that mean? Here’s something that we’ve all done. You log into your bank account, and they send you a text message to make sure it’s really you signed into the bank account. What that allows for is that if your password does get compromised out there on the dark web, and nefarious actors then try to use that password, you’re always going to get that second-factor text message that asks you to please enter this code that we’ve sent you.
I would say that as a business owner, you have to realize that your passwords may have already been compromised from many different services, not because they’re trying to hack your computer. But LinkedIn has been compromised. Staples have been compromised. Facebook has been compromised. So, change your password often. Always use multi-factor authentication and keep your information as secure as possible.
LastPass is our favorite password reader/manager.
And what’s so great about LastPass? What’s so great is that I don’t know any of my passwords. Why is that? Why can someone say that they don’t know their passwords? With something like LastPass, I know one password to unlock my LastPass or to unlock my password generator. And that allows me to create a Facebook password that I don’t know – it creates a 16-digit password of all different characters and numbers, and it auto-fills it on my iPhone. It auto-fills in on my web browser, and I don’t need to know it. And therefore, even if it does get asked or guessed in some weird fashion, it doesn’t matter; I can change it in an instant.
LastPass can auto-generate a password for you really quick.
“We can take simple steps to help protect our data. And the first step is really being mindful about our passwords. It’s about being mindful about changing them and using things like a password generator to make sure that we’re secure.”
What should we be looking at for ourselves or our employees beyond the first level of protection for data?
We’ve discussed a password manager and multifactor authentication. Next, I would say dark web monitoring.
My email address is one piece of this password. So, whatever your email may be, I would monitor the dark web to see what they know about me. So, if I use the password “yellow,” or “Google” or “green,” or whatever it may be, and I do some variations of that, I have to be mindful that if I use that password, people already know that – so that’s one key thing.
We always use our email addresses as the first token, and the second is the password, so anything that you can do to augment that would be ideal for a business owner today.
“Are you monitoring your information on the dark web? Do you know how to do this? It may be time to reach out to an expert who can assist you with these things in order to protect your data and your business.”
What should we be monitoring for? Is there something beyond our data that we should be looking at for security purposes?
It’s not about if you will get hacked; it’s when you will get hacked.
What we need to envision are layers of security. So, your network, your firewall, and your router should all be updated to the latest firmware or revisions. Your computer should have antivirus and antimalware software. You should be using multifactor authentication for all the apps that you use on the web.
All of these little layers allow for a penetration to happen to your network or computer, but what you hope will eventually happen is that one of these layers will catch it before it gets to you and your family and your business. And that’s what we always want to layer it up. It’s like a bulletproof vest. There are multiple layers of that vest that help prevent a bullet from hitting the target.
“What layers do you have in place to protect your data? And when was the last time you had them updated or reviewed to make sure you are doing all you can to keep your company safe from hackers?”
3 Action Steps
- Protect your passwords with a password manager, such as LastPass, and multifactor authentication.
- Monitor the dark web to see what is known about you and your business.
- Create multiple layers of security to protect your business and your data from an inevitable hack.
Be sure to connect with Ryan Barrett on LinkedIn.
Please comment below. I would love to hear from you.