Technology security easily tops the list of concerns for every business owner, and it’s no wonder why. Professional hackers work nonstop, searching for ways to sneak in and steal not only your data but your clients’ data, too.
In fact, according to a 2018 study by Ponemon Institute, 91 percent of the organizations that participated experienced at least one damaging cyber attack in the last two years, with 60 percent experiencing two or more attacks.
How are hackers getting in?
A large number of these data breaches result from employee negligence or accidental loss, per Shred-it’s 2018 State of the Industry report. Of the small business owners included in the report, 42 percent stated that human error or accidental loss by an employee was the cause of a data breach.
For employees working remotely, the risk of a security breach increases as workers log in without additional safety protocols in place (such as two-factor authentication), log in using public Wi-Fi or share company-owned devices with family or friends. And, according to the Shred-it report, only 35 percent of small business owners have a policy in place for storing or disposing of confidential information while working remotely, while 54 percent have no policy in place at all.
Where does your company stand?
So how well does your organization manage information security? That’s where our IT Security Scorecard comes in. The questions in this IT security assessment checklist help you evaluate such security risk categories as plans, policies and procedures, systems and device management and data security and backup.
It also examines cyber security awareness by looking at your passwords and access by your employees. This includes:
- How often do your employees complete cyber security training?
- Do employees lock their devices when away from them?
- Do internal IT administrators have separate logins for admin work versus day-to-day tasks?
- Can employees install new software on their computers and devices?
- Can employees connect remotely when using public Wi-Fi?
- Is two-factor authentication required when logging in remotely?
- Can multiple employees use the same user ID to log in?
The answers to these questions provide an overview of the cyber security you currently have in place. They also can highlight weak points with regard to your employee cyber security awareness training. Do they know what two-factor authentication is? Are they aware of the risks of downloading software to their computer or devices? Do they understand that public Wi-Fi networks are a backdoor for hackers, even if they log in with a password?
Educating your employees on the dangers surrounding cyber security and training them on steps to take to increase security are crucial to protecting your data, your employees’ personal information and your clients’ data.
If you’re curious about where your company stands on cyber security, complete our IT Security Scorecard. Once you do, contact us to see how we can create a custom IT security risk assessment checklist for your business that protects your operations.
And don’t forget to submit your score for a chance to win $50!