How Nonprofits, Tech Startups or Creative Agencies can bullet proof your data in the cloud
Who doesn’t both love and hate the cloud?
It can make work so flexible, transportable and easy while also making us easier “hack.” Here’s the key takeaway: the cloud makes both your life and your hacker’s life easier.
According to Security Magazine, “These types of attacks [phishing, brute force login attempts or “pass-the-cookie”] frequently occurred when victim organizations’ employees worked remotely and used a mixture of corporate laptops and personal devices to access their respective cloud services. Despite the use of security tools, affected organizations typically had weak cyber hygiene practices that allowed threat actors to conduct successful attacks.”
Why are your remote workers prime targets for cybercriminals intent on stealing your data?
Because:
- Their home Wi-Fi network isn’t adequately secured.
- They download company documents to their hard drive when your company’s VPN is down.
- They’re performing work on their personal devices, sans the company’s antivirus software.
- They take those same personal devices, the ones with work documents, to the coffee shop, the beach or even, on vacation.
Please know your team isn’t intentionally doing these things. They’re just trying to get their work done while facing the common challenges of working from home.
However, when they engage in poor cyber hygiene behaviors, they become the weak link in your company’s cybersecurity plan. They’re basically every hacker’s dream.
As a business owner or executive, you need to know:
- Best practices for cybersecurity in the cloud to protect your people, data and devices.
- Who’s accessing your data, from where and when.
- How to avoid data sprawl by regulating where your data is saved and stored.
- How and when your data and vital systems are getting backed up.
What can you do to protect your data in the cloud?
Here’s a list of things you can do yourself for relatively little to no cost today.
- Start by creating an excel doc where you track all of your apps and online services.
- Immediately implement Two-Factor Password Authentication ASAP for all your apps, software, online services and systems. Basically, for anything that requires a password. Typically, this is free.
What do you need an expert managed IT services partner (MSP) for?
For the following items, you’ll need an MSP partner to ensure they’re done correctly.
- Enable email encryption particularly when sending sensitive data.
- Monitor changes and logs in your cloud for suspicious log-ins or activities.
- Engage a 3rd party to test the success of your cybersecurity efforts annually.
- Ensure your DMARC / DKIM / SPF records are configured correctly. This makes it harder for hackers to impersonate your email domains.
- Get cloud backup and set up re-occurring backups to ensure you’re saving files longer than 30 days.
Looking for more information on cybersecurity?
Lastly, if you’re looking for more ways to stay cyber secure, we invite you to sign up for the replay of our Protect Your People, Data and Devices: Cybersecurity Roadmap for 2021 webinar or reach out to schedule a free consult with us via the form here.