As always—and especially in today’s increasingly competitive environment—businesses cannot afford disruption caused by breaches of their cyber- or physical security. Implementing some key best practices can help to minimize the risk.
Cyber-Security Best Practices
Check on compliance
Ensure that your payment processing system complies with the Payment Card Industry Data Security Standard (PCI DSS) and, if your business accepts card-present credit and debit card transactions, with the Europay, Mastercard, and Visa (EMV) payment technology standard. Any other solutions should be compliant with applicable information security regulations, like the Health Insurance Portability and Accountability Act (HIPAA).
Increasingly, criminals are hacking into business email accounts to steal information and cause other problems. Some of these problems can be minimized by using encryption software that plugs into your email client, or by installing a certificate that lets employees share a public key with any known entity who wants to send them an email and then decrypt the emails they receive using a private key.
Stay up to date on technology
Keep computer systems “clean” and defend against viruses, malware, and other online threats with the latest security software, web browser, and operating system. Program antivirus software to run a scan following each update, and install any other software updates as soon as they become available.
Don’t put out the fire(wall)
A firewall—or set of related programs that prevent outsiders from accessing data on a private network—is an essential security tool for your Internet connection. Ensure that all employees who work from home use firewall protection on their home system(s).
Set device security rules
Mobile devices are an enormous cyber-security challenge, especially when they house confidential information or can access the corporate network. Insist that users password-protect their devices. For mobile phones, install security apps that prevent information from being stolen while the device is being utilized on public networks. Instruct employees to lock up laptops when unattended. Require that employees refrain from sharing passwords for laptop and desktop computers alike, and initiate password changes at regular intervals. Restrict access to devices (and databases) to those whose job necessitates gaining it.
Watch that wireless network
Make certain that your business's Wi-Fi network is secure, encrypted, and hidden. Hiding your Wi-Fi network is easy. Just set up your wireless access point or router so it does not broadcast the name of your network (also known as the “Service Set Identifier,” or SSID). Password-protect access to the router.
Physical Security Best Practices
Crank up the cameras and security system
Seeing surveillance cameras inside or outside your premises will likely deter acts of theft and vandalism. Additionally, security camera footage can be used not only to document a loss, but also to reveal unnoticed physical vulnerabilities that could put your business at greater risk of physical compromise (and potential disruption).
In fact, regular use of a security system that includes a camera is essential. Select one that is monitored by an outside company so that police are automatically notified in case of an incident. Provide the code to this system only to employees—preferably, those whose jobs compel them to arrive first or leave last daily. Set a new access code whenever an employee leaves the company.
Lock it tight
Changing the locks on your business when it first takes occupancy of the premises is just the beginning. Wherever possible, place high-security locks on doors to areas where expensive equipment and equipment that contains sensitive files are kept. Locked cabinets, locked drawers, and tethered tables work as storage for valuables in areas that have some employee or customer traffic.
Note to D-I-Y-ers: The highest quality locks and better lock installation are available through a commercial locksmith. Using commercial-grade locks on outside doors is also of the utmost importance for operations that are located in areas where there is a lot of foot traffic.
Set access parameters
Restrict physical access to certain areas (such as back-office areas where computer systems are kept) with locks or a key card entry system. Train employees to remain observant while working, as well as when arriving at and leaving your operation’s premises. Instruct them to stop and question anyone who does not work for the company or clearly isn’t a customer, especially if that person attempts to enter back-office areas.
Light it up
Adequate outdoor lighting is a must when it comes to deterring potential perpetrators from gaining unauthorized entry to your business's premises or committing acts of vandalism. For best results, consult an outside company that specializes in commercial lighting to suggest the right solution.
Cyber- and physical security strategies aren’t just for small businesses. Large businesses, too, must take precautions against all types of crime to keep perpetrators—and subsequent disruption—at bay.