How to easily protect yourself and your work-from-home business against hackers for free. (Part 1)

Mark Bato
6 min read · Feb 5, 2021

Owning a business can be very time-consuming and intense. You have to take into consideration not only your business model but also taxes and compliance regulations, and currently one of the most disastrous troubles you can suffer from is data loss. If you or your employees started working from home due to lockdowns, then there are new scenarios you have to take into consideration, such as one of your employees “getting hacked”. So what are some important steps you can take to enhance your company’s cyber-security posture? If you are a small business owner or employee who wants to secure your company’s data without hiring a professional or spending any additional resources, please read this simple 10-step guide.

1. Update your OS and antivirus.

The Operating System is the platform on top of which every other program on your computer runs. Hackers continuously find ways to get access to your computer through weaknesses found in your OS, but luckily vendors release patches every now and then to prevent these weaknesses from being used against you. Securing your OS is vital and easy.

According to Statcounter, Windows is the most popular OS running on laptops and desktop computers, so make sure to update your Windows computer following these instructions.

If you own an Apple computer, then you are running Mac OS. In order to update it, follow these instructions.

Windows 10 luckily includes Windows Defender, which will protect you against most types of viruses. Make sure you have only 1 antivirus program protecting your computer, or else your performance will suffer. For a list of free antivirus software click here.

2. Change your Wi-Fi password and disable WPS.

Hackers can crack weak Wi-Fi passwords in minutes and exploit WPS weaknesses to hack into your Wi-Fi network. They can then use your Wi-Fi router as a bridge to further hack into your work laptop or any device connected to your Wi-Fi. Having a long and complex password with WPA2 instead of WEP, and disabling WPS, is very important to secure your network. The exact steps vary depending on your home Wi-Fi router, so contact your ISP for directions or use Google to find out how to do this.

3. Scan your computer for viruses.

After installing or updating an antivirus program, make sure to scan your computer for viruses, and perform a deep scan to find sophisticated hidden viruses.

4. Don’t use your work computer for other activities.

Many employees tend to allow their children to play games on their work computers. Whilst games aren’t harmful to your computers, children are more prone to fall for scams where hackers set up fake game software that includes viruses. After they install these games, computers become zombies remotely controlled by hackers. Hackers do their best to hide their malicious activities, and sometimes years can pass without you realizing that your computer has been hacked and is being used by hackers. In case you have no other choice but to use the same computer for different purposes, make sure to create non-administrator user accounts and secure the administrator account with a strong password (12 characters at least, upper and lower case characters, special characters, and numbers). For Windows click here and for Mac click here.

5. Use a VPN.

Sometimes we go to cafes or hotels and connect to a public Wi-Fi device. Hackers tend to exploit this to their advantage by launching network-based attacks against you when you connect to a public Wi-Fi network. The best way to protect against such attacks, which can be very dangerous, is to use a VPN client on your phones, laptops, tablets, or PCs. Click here for a list of free VPNs.

6. Beware of social engineering attacks.

The weakest link in the chain of security for any organization is the person working for that organization. No matter how sophisticated, expensive, and powerful the cyber-security tools you use, if you or your employees aren’t aware of social engineering attacks, you will “get hacked”. Social engineering simply means trickery, scams, and sometimes targeted deceptions against CEOs or other high-ranking employees. Sometimes hackers even go to the extent of hacking a forum you use to find valuable information to deceive you into installing malware, or just send you a link for you to click. The best defense against social engineering is spreading awareness and training your employees.

7. Don’t insert any USB flash-disk or external storage device into your work computer.

Antivirus software CANNOT protect you against rubber duckies or highly sophisticated custom-made viruses that spread through USB flash-disks. Hackers will often prepare such USB drives and throw them around parking lots or in places where their targets will pick them up and insert them into their work computers, and thus the targets will “be hacked”.

8. Use a password manager with different passwords for each of your accounts.

It’s very important to have unique, complex, and long passwords (12 characters at least, upper and lower case characters, special characters, and numbers) for each and every account you have online. Hackers will always breach popular websites and somehow crack your password, and then try the same password to log in to other websites where you have accounts, because they know you are using the same password for everything. But memorizing different passwords for different accounts on websites is impossible; this is where password managers come to your rescue. Click here for a list of the best password managers to use for free.
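The password rule stated in steps 4 and 8 (at least 12 characters, upper and lower case, special characters, numbers, and a different password per account) can be checked and generated automatically. The sketch below is an added example, not code from the article or from any particular password manager; the function names and the sample accounts are constructed for illustration.

```python
import secrets
import string

MIN_LENGTH = 12  # minimum length the article recommends
# The four character classes the article lists.
CLASSES = {"lowercase": string.ascii_lowercase, "uppercase": string.ascii_uppercase,
           "number": string.digits, "special": string.punctuation}
ALPHABET = "".join(CLASSES.values())

def missing_requirements(password):
    """Return the policy requirements this password fails."""
    problems = ["length"] if len(password) < MIN_LENGTH else []
    for name, chars in CLASSES.items():
        if not any(c in chars for c in password):
            problems.append(name)
    return problems

def generate_password(length=20):
    """Draw from the OS CSPRNG until every character class is present."""
    if length < MIN_LENGTH:
        raise ValueError("policy requires at least 12 characters")
    while True:
        candidate = "".join(secrets.choice(ALPHABET) for _ in range(length))
        if not missing_requirements(candidate):
            return candidate

def audit(accounts):
    """Map each account to its findings: policy gaps and reuse elsewhere."""
    report = {}
    for site, password in accounts.items():
        findings = missing_requirements(password)
        shared = sorted(s for s, p in accounts.items() if p == password and s != site)
        if shared:
            findings.append("reused on " + ", ".join(shared))
        if findings:
            report[site] = findings
    return report

# Constructed sample data, not real credentials.
SAMPLE_ACCOUNTS = {
    "mail": "Summer2021",
    "bank": "Summer2021",
    "shop": "correct horse battery",
    "payroll": generate_password(),
}

if __name__ == "__main__":
    for site, findings in audit(SAMPLE_ACCOUNTS).items():
        print(site, "->", "; ".join(findings))
```

Only the generated password passes: the reused one is flagged on both accounts, and the long phrase fails because it has no upper case letter, number, or special character.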

9. Enable Multi-Factor Authentication.

Passwords sometimes can be guessed, and they aren’t enough to protect us against hackers who constantly try to break into our accounts by guessing our passwords. This is why having MFA enabled protects you against hackers since it’s very unlikely that they have access to both your password and your MFA device, which can be your phone or PC. For a free list of MFA apps click here.

10. Don’t install anything unnecessary on your work computer.

Downloading and installing unnecessary software will slow down your computer and increase the “attack surface” of your system, and such software sometimes even contains viruses, so think twice before you install any program.

Please note that taking these steps will greatly enhance your cyber-security posture, but there is no magic formula to stop hackers with a click; it’s all about how well protected you are. Most small businesses lack the knowledge of these cyber-security practices, and following these 10 easy steps will greatly benefit your business and protect it against common attacks. Share this article to spread awareness and help people protect themselves, and please make sure to comment your thoughts and questions.

Mark Bato

Seasoned Cyber-security expert with a wide experience in multiple I.T. domains.