[Approx. 5 minutes reading time]
2021 is swiftly coming to an end and organizations of all types are starting to take stock of this rather strange year and plan their strategies for the year to come.
This is the perfect opportunity to make some preparations in terms of operations, market positioning, and crucially – cyber security.
Because the field moves so quickly, cybersecurity best practices are constantly shifting as they adjust, taking into account all the new cyber attacks that have become more common.
To help your organization prepare itself, here are 6 cybersecurity best practices that you should be implementing now to give yourself a head start for 2022.
1. Backup your data
This might sound like an obvious one but it’s scary how many companies neglect this on a regular basis.
In the wake of any cyber attack, it’s a huge help to have a recent backup of all your important company data so that you can get things back up and running as quickly as possible.
It’s one of those things that you only truly realize the value of when something goes wrong and you need it [1].
Use this time towards the end of the year to create a comprehensive backup and set in place a regular backup procedure for the year to come.
It will give you tremendous peace of mind and will serve as a failsafe in the case of any cyber crime.
2. Insist on multi-factor authentication
In any company, the highest risk nodes are those where your employees interact with sensitive data.
Typically, we rely on passwords and access control to manage these risks but there is a better way to do this – and that is multi-factor authentication [2].
What this does is require an additional set of verification, typically through a mobile phone or something similar, that ensures that even if a malicious actor has access to a password, they aren’t able to get into the system.
By making this a company policy and educating your staff about the value, it can make a significant difference to your overall cyber security risk.
An additional benefit is that it forces employees to reckon with cyber risk regularly which can expand their awareness well beyond the authentication itself.
3. Audit third-party access to your data
During the year, you might have allowed various data access points to external stakeholders like contractors, business partners, remote employees, vendors, and the like.
Now is a perfect time to audit those third-party access points and ensure that they are necessary and managed correctly [3].
If any of them are no longer required, you can remove them or amend the associated permissions.
This gives you a clean slate for 2022, which you can then add to as you check this regularly through the year.
You’d be surprised at how many access points are left open much longer than they were actually needed.
A good spring clean will do the job here.
4. Update all your hardware and software
As things slow down towards the end of the year, it’s a perfect opportunity to run through your entire hardware ecosystem and do any system updates that haven’t been kept up to date.
Each update helps to patch holes and mitigate risks within your systems and so it’s a very low-friction way to improve your overall cyber security.
Similarly, with your software, it’s worth checking in with your suppliers and vendors to check that you’re running the latest version and if there are any updates that are required – be sure to get them in before the new year rolls around.
5. Educate your employees
We mentioned above that your employees are often the weak links in the chain when it comes to cyber security.
So, it’s worth spending some time with them to educate them on the latest cyber crime trends and what they can do to play their part [4].
It would be very useful to do a review of your cyber security policies for 2021 and what they achieved before taking them through the lay of the land for next year.
This really should be part of a regular educational program, so make sure that it’s not just an afterthought.
This needs to be something that is routinely done throughout the year.
6. Document your cybersecurity policies
Speaking of, it’s a great time to make sure that your cyber security policies are well documented.
Having your policies clearly articulated and available for everyone to use makes a big difference when it comes to defending against day-to-day cybercrime.
It allows you to build a living document that codifies your best practices so that they can be leveraged by the entire organization [5].
Take your time to get this right and keep updating it as you go along.
If it becomes stagnant, then it loses its relevance entirely.
Conclusion
As you can see, implementing some common cyber security best practices can make a significant difference in how well your company is prepared for 2022.
Instead of letting this time slip through your fingertips, work on implementing some of these and you’ll be in a great position going forward.
If you’re not sure where your cyber security holes are, then we’d really encourage that you try out our THREAT CHECK which will give you a thorough audit of how you’re doing so you can prioritize how you move forward.
And as always, if you want to work with a professional cyber security provider to take care of this for you, check out our managed cybersecurity services here at Continuous Networks.
But otherwise, make the most of the rest of 2021, and let’s set ourselves up for success in the new year.
References
[1] ‘Why Data Backup Is Important For Your Business’ from Acronis. https://www.acronis.com/en-us/articles/data-backup-for-business/
[2] ‘Two Factor Authentication (2FA): Definition, Methods, and Tasks’ from Ekran. https://www.ekransystem.com/en/blog/multi-factor-authentication
[3] ‘How to Conduct a Third-Party Risk Management Audit’ from RSI Security. https://blog.rsisecurity.com/how-to-conduct-a-third-party-risk-management-audit/
[4] ’10 Tips for Educating Employees About Cyber Security’ by Ash Klemm. https://suretyit.com.au/blog/10-tips-for-educating-employees-about-cyber-security/
[5] ‘8 Cybersecurity Best Practices for Your Small to Medium-Size Business’ by Chelsea Segal. http://www.coxblue.com/8-cyber-security-best-practices-for-your-small-to-medium-size-business-smb/