Back from vacations, a good time to beef up cybersecurity

NEW YORK — As people return to work after summer vacations, it's a good time to make sure everyone in the company is sensitive to the need for computer security. Here are some basics that owners should emphasize to their staffers:


Start with creating a strong password. It's probably a good idea for the company to have minimum requirements for passwords used to access its systems. Those requirements should include a mix of upper- and lowercase letters, numbers and symbols. Many businesses are using two-factor authentication, which requires people to enter a code in addition to the login/password combination. They may also require staffers to periodically change their passwords.

The IRS has guidelines for creating passwords on its website, ; search for "Tax Tip 2018-129." While the information is intended for tax professionals, it is useful for anyone.


Bosses should remind everyone to be vigilant about phishing scams, which can plant malicious software on a computer or phone. Everyone should understand that they shouldn't click on any link or attachment in an email unless they're sure it's legitimate. It should be standard operating procedure to check a sender's email address to be sure it's correct and not suspicious, and the body of an email should be checked for any oddities that can be hallmarks of phishing scams.

As new staffers are trained, they should learn about the kinds of emails they can expect to receive. The more familiar they are with a company's customers, vendors and other contacts, the better they'll be at spotting suspicious emails.


Staffers who can access the company's systems including its email via smartphones and laptops — whether they're personal or company-provided — should be required to lock their devices with codes or passwords.


If the company has an information technology staffer or department, it should be aware of security and other updates issued by Microsoft and other companies. Each company device should be updated. If there isn't a dedicated IT staffer, the owner or another manager needs to be sure that all updates are downloaded.


A survey issued earlier this year by insurer Hiscox found that only half of small businesses said they had a clear cybersecurity strategy. Making systems as secure as possible often gets put on the back burner while an owner works with customers and staffers.

Companies without IT staffers should consider bringing in a consultant who can assess what's needed to increase security. Among the items companies need are anti-virus and anti-malware software, firewalls, encryption software and offsite storage that continually creates new versions of all of a company's data. Those versions will be critical if a company's computers are victims of ransomware attacks that render files and documents unusable.


For more small business news, insights and inspiration, sign up for our free weekly newsletter here:


Follow Joyce Rosenberg at . Her work can be found here:

People also read these

Astronauts take 2nd spacewalk in 2 weeks for radiator work

Sep 1, 2016

Space station astronauts take care of some radiator work on their second spacewalk in two weeks

Asian stock markets muted ahead of key US job report

Sep 2, 2016

Asian markets were listless Friday as investors awaited key U.S. job data that could influence the Fed's interest rate policy

Settlements totaling $12M-plus reached in minimum wage cases

Sep 1, 2016

Several companies that provide transportation and hospitality services at or near Seattle-Tacoma International Airport have agreed to settle back-pay lawsuits alleging that they ignored the nation's first $15 minimum wage law after it took effect

Walk The Biz welcomes all casual and easygoing readers who seeks to digest business travel to international trade policy to starting in the transportation & shipping industry.

Subscribe to our newsletter now!