We’re living in a golden age for cybercrime. Ransomware, phishing, business email compromise (BEC), malware, remote access trojans (RATs), the list of threats and threat actors is too long to describe. Unfortunately, each of these is a threat to your business regardless of its size. 

While there’s no one way to avoid getting hacked, there are several things you can do to make yourself a more difficult target. Here are some of the most common pitfalls of cybersecurity for businesses.

1. You’re not applying updates and patches.
   Every time a technology provider releases a vulnerability patch, a race begins between IT administrators and cybercriminals. One wants to fix the vulnerability, one wants to exploit the vulnerability before it gets fixed. The longer you wait to apply a patch, the more vulnerable your systems are.
   
   What to do: Confirm that your systems are up to date. Bear in mind that some updates and patches may break something else in your systems, so check with your IT administrator or provider before changing anything.

2. You’re not using licensed versions of software.
   Software licenses cost money. Many studios will opt to use pirated or unlicensed versions to cut a few corners and save a bit on overhead. These are often notoriously laden with malware that can cause damages far in excess of what the software would have cost you in the first place.
   
   What to do: Pay for the software you’re using. If expense is a factor, check with your IT administrator to see if there’s a cheaper option out there.
   

3. You reuse your passwords.
   The average internet user has at least a few dozen separate accounts out there, and it’s easier to use the same password rather than keeping track of multiple accounts. The trouble with this approach is that a single compromised account then provides cybercriminals with a skeleton key with every single account using the same password.
   
   What to do: Look into using a password manager or your default web browser’s password tool to suggest individual and strong passwords.
   

4.  You’re clicking on email links and downloading attachments.
   Phishing is still the primary attack vector for hackers, and with good reason: it works. It’s a standard practice for companies to give every employee at least one email address, and each one provides a point of entry. Phishing attacks are getting more sophisticated, but the old stand-bys still work, including “URGENT” subject lines, phony from addresses and cloned emails from actual companies.
   
   What to do: Educate employees on how to spot phishing emails and use best practices. Have your IT administrator implement security software to recognize phishing emails and anti-virus software to identify and prevent malware attacks. 

You’ll never be 100% safe from cyberattacks unless you give up on using computers, phones, vehicles, the electrical grid, or mass transportation entirely, but by following a few best practices (or asking for help doing so) you can cut down on the risks for your business.

Need help implementing a security strategy? Want a comprehensive anti-virus protection package installed? Contact Nodal today!