CRA Business Cyber Security Explored
By Matt Hudson
Always stay vigilant with your cyber security because a general thing to consider is that big companies aren’t always the target of hacks and cyber threats.
Visit CRA’s industry news blog page for more relevant articles.
Today, an expert breaks down some basic ideas around keeping your systems secure.
Jon Vorisek is the founder of RepairSurge, a software-as-a-service platform and information provider for mechanics and independent repair shops. He and his team work in and around the web environment all the time, and his work with shop operators gives him a good perspective on common vulnerability points.
“I think a lot of people don’t realize that hackers don’t just go after big businesses,” Vorisek says. “We tend to think they’re going after juicy targets like major corporations or government networks. But the reality is that most breaches target small businesses. And unfortunately the majority of small businesses don’t have reasonable measures in place to protect themselves.”
Vorisek says that shops should go through threat modeling exercises to determine what systems and information need protecting, who might try to access that information and what the consequences could be for a successful intrusion.
From there, shops can take proactive steps to avoid those situations.
“Generally speaking, in terms of the measures that people should be taking: Keeping your software up to date. Making regular backups. And obviously a little common sense goes a long way,” Vorisek says.
Stay Updated
Modern software systems, like Windows, get constant updates to patch potential security flaws. Make sure that all your programs are set to automatically update and check them periodically to make sure.
“A large portion of the attacks out there take advantage of loopholes” in un-updated programs, Vorisek says.
When working with Windows, regular operating system updates are important because that will also upgrade the antivirus and defense software. There are third-party antivirus options out there, but newer versions of Windows come with the Defender software built in, which Vorisek says is a capable and effective program.
Don’t Use One Password for Everything
It’s perhaps the most common cybersecurity vulnerability.
“Even though everybody knows you’re supposed to create strong, unique passwords, it’s just so much easier to create one password that’s simple to remember and use it across all your logins,” Vorisek says. “But that’s a terrible idea.”
A good solution is to get a password manager, which is a program that secures all your different login passwords on its platform. The user creates one password for the password manager, which unlocks the rest of them. Newer programs make logging in a bit more seamless these days, and some will also generate super strong passwords for all your applications.
Make Backups (Even Backups of Backups)
If a hacker is able to get into your system and encrypts all of your files and information for ransom, you’ll be glad to have backups.
While a fee is typically associated with secure remote backup services, Vorisek strongly recommends them.
“For simplicity’s sake, if i’m trying to get someone to bite the bullet and adopt a backup solution, the main thing is remote backups to a backup provider that stores them offsite for you and keeps previous versions of files,” he says.
For a more robust solution, you can also keep a local backup on an external hard drive. Users will have to update that themselves periodically, because you don’t want the backup drive connected to a potentially vulnerable computer at all times. That would leave your backups vulnerable as well.
Check Your Router
Old routers can be another vulnerable point, particularly if it’s older. Vorisek suggests making sure that the router’s firmware is up to date (you can search the internet for specifics on your router model).
In addition, log into the router through your computer and change the default password. That’s where you might set up a wifi password or create a guest wifi. Separate form that, Vorisek says that all routers come with a default login to access the program, and it’s usually easy to guess.
Secure Your Browsing
There are all kinds of potential pitfalls while browsing the internet. Make sure employees aren’t clicking suspicious email links or downloading programs from odd websites.
One proactive step you can take is to install ad-blocking software into browsers.
“Not just because ads are annoying, but because there are malicious scripts—usually javascript—that can run through display ads on websites,” Vorisek says.
In general, he adds that shops need to take steps and be vigilant about their digital security. It’s not a bad idea to seek help from a third-party service, either.
“Be proactive,” he says. “Don’t sit back and think your shop isn’t an appealing target.”
Article Credit to Adapt Automotive.
Have you ever been the target of a cyber-attack? What’s your experience with cyber-attacks and what advice can you give other business owners how to avoid cyber-attacks? Let us know in the comments below. Also, if you found our content informative, do like it and share it with your friends.
Click HERE to join the CRA Industry Newsletter, it’s FREE
CRA is the innovative and trusted source for motoring information and the latest news to help entrepreneurs, business owners, managers and people working in the motor industry to stay informed and change their world. Get the advice your need to start, glow, and lead your business today. Get unlimited access to all articles.