It’s a frequent question at the Ōmokoroa Business Network meetings. Who is the local IT expert? Dan Hesson from Omokoroa IT answers a few questions about cybersecurity and what businesses need to know right now.
#1. What are the key cybersecurity threats that businesses need to be aware of right now?
Viruses and cyber scams by way of clicking on links are the biggest threats facing businesses right now and they are unfortunately on the rise. Viruses come in all different forms and are always changing which proves a very challenging task to keep businesses safe in the IT space.
#2. What are your suggestions regarding password policies?
Passwords are best to vary for every account you hold. This can be overwhelming for some to manage so a password manager (such as “Lastpass”) is very useful.
#3. Do you suggest multi-factor authentication? If yes, why?
We 100% recommend multi-factor authentication as it is an added layer of security which essentially uses your phone for authentication which makes it secure.
#4. What measures should a business have in place for phishing attacks?
People need to be extra vigilant about any phishing scams. You can also read more and get the latest advice on scams on the Netsafe website.
#5. What about data backup and recovery plans? What are your recommendations?
Generally speaking, every business should have automatic cloud-based backup processes in place. OneDrive is recommended as this integrates nicely with Microsoft Windows and automatically backs up files in the cloud. Your data is encrypted, secure, and safe in the cloud allowing you to access and recover files easily from any internet connection.
#6. How should business owners maintain control over sensitive information?
OneDrive does a great job of allowing users to share sensitive information both internally and externally. There are many other cloud-based secure file-sharing applications out there such as DropBox and Google Drive which are great.
#7. What are some suggestions for training employees in cyber security best practices?
We recommend you visit the Government cyber security agency CERT NZ.
CERT NZ provides practical guidance on how to keep your information safe & secure online. You can also report cyber security problems, large or small. Subscribe to the newsletter to keep up to date with the latest information.
#9. How do businesses monitor and delete suspicious activity?
With 2FA (two-factor authentication) in place, you can generally be rest assured your accounts are safe. In most cases, if there is suspicious activity on your account such as a failed login then you should be notified. If there are any emails you are unsure of it is best to either report them here or delete them.
Furthermore, a robust anti-virus software that will do the job in the background monitoring suspicious activity. We recommend ESET who are our Anti-Virus partner as they provide some of the best cyber security solutions and are very well priced!