7 cybersecurity resolutions for 2020
In a recent study by Cisco, a stunning 71% of executives said concerns over cybersecurity had impeded innovation at their companies.
"Many organisations view cybersecurity as a daunting, complex task that requires an immense budget and workforce," says Daniel Markuson, a digital privacy expert at NordVPN Teams. "Such entities often lack effective means to protect their data."
According to the report, the majority of organisations do not believe they are ready for a cyber attack. If you want to prevent your company from potential risks, there are some simple steps you can take.
Start by committing to these cybersecurity resolutions for 2020.
- Educate and empower your employees
Employees are the most vulnerable part of your whole cybersecurity infrastructure. Research shows that most Americans don’t understand digital technology, let alone cybersecurity. The lack of even basic digital knowledge makes it hard for average tech users to make the right decisions about how to protect themselves online or what data to share. Therefore, training and a comprehensive understanding of the digital basics are vital for protecting your company.
Employees are the human shield in the company's firewall, and they need to feel empowered to take ownership of cybersecurity. Whether that's noticing a coworker who writes down their passwords on a sticky note or questioning outdated and insecure practices, people need to feel like they have a right to point out security flaws.
- “Change your password” day
According to recent findings, many people don't put enough creativity into their passwords. It's shocking, but the most common ones are still '12345' and 'QWERTY.' To make it worse, many people also recycle their passwords and use the same ones for their enterprise and personal accounts.
A 'change your password' day once a quarter or every six months would be a good way to encourage employees to think about strong, complex passwords. Another good idea is to use a password manager and train your employees on how to use one.
- Accurate list of inventory and accounts
Make sure you have the most up-to-date inventory and account list. Then review it – are all of those in use and actually needed? Many employees receive dozens of accounts for various tools and then never use them. Such unattended accounts can leave security gaps as no one is checking for suspicious activity. If the account is not being used, delete it.
- Have backups and test them
While it's pretty common to have backups, some companies forget to test them. Then, when push comes to shove, they wonder why it didn't work. Make sure to test your backups and do it frequently – perhaps schedule them for the whole year in advance.
- Legislation and its impact
Although the most famous and most struggle-inducing was the GDPR law, industries such as healthcare, finance, or manufacturing have separate legislation concerning data and breaches. Review current and upcoming legislation and set up some time to understand your responsibilities. Also, create a roadmap to make sure you and your customers are complying with laws.
- Use a VPN
Although your organisation might use an intranet for private internal communications, more and more people are choosing to work from home or public places.
In this instance, it is essential to use a VPN. It creates a secure encrypted tunnel between your employee's device and the internet — or your company's server. NordVPN Teams, for example, is a business VPN solution protecting your connection from third-party access, should there be hackers ready to breach the system.
- Encrypt your files
You should start encrypting your company’s documents – whether they are stored on a computer or in the cloud. When you use file encryption tools even if hackers manage to steal important documents, they will not be able to access their content. Moreover, the safest way to share your company files with clients or within the organisation is by encrypting them first.