Back from vacations, a good time to beef up cybersecurity

NEW YORK — As people return to work after summer vacations, it's a good time to make sure everyone in the company is sensitive to the need for computer security. Here are some basics that owners should emphasize to their staffers:


Start with creating a strong password. It's probably a good idea for the company to have minimum requirements for passwords used to access its systems. Those requirements should include a mix of upper- and lowercase letters, numbers and symbols. Many businesses are using two-factor authentication, which requires people to enter a code in addition to the login/password combination. They may also require staffers to periodically change their passwords.

The IRS has guidelines for creating passwords on its website, ; search for "Tax Tip 2018-129." While the information is intended for tax professionals, it is useful for anyone.


Bosses should remind everyone to be vigilant about phishing scams, which can plant malicious software on a computer or phone. Everyone should understand that they shouldn't click on any link or attachment in an email unless they're sure it's legitimate. It should be standard operating procedure to check a sender's email address to be sure it's correct and not suspicious, and the body of an email should be checked for any oddities that can be hallmarks of phishing scams.

As new staffers are trained, they should learn about the kinds of emails they can expect to receive. The more familiar they are with a company's customers, vendors and other contacts, the better they'll be at spotting suspicious emails.


Staffers who can access the company's systems including its email via smartphones and laptops — whether they're personal or company-provided — should be required to lock their devices with codes or passwords.


If the company has an information technology staffer or department, it should be aware of security and other updates issued by Microsoft and other companies. Each company device should be updated. If there isn't a dedicated IT staffer, the owner or another manager needs to be sure that all updates are downloaded.


A survey issued earlier this year by insurer Hiscox found that only half of small businesses said they had a clear cybersecurity strategy. Making systems as secure as possible often gets put on the back burner while an owner works with customers and staffers.

Companies without IT staffers should consider bringing in a consultant who can assess what's needed to increase security. Among the items companies need are anti-virus and anti-malware software, firewalls, encryption software and offsite storage that continually creates new versions of all of a company's data. Those versions will be critical if a company's computers are victims of ransomware attacks that render files and documents unusable.


For more small business news, insights and inspiration, sign up for our free weekly newsletter here:


Follow Joyce Rosenberg at . Her work can be found here:

People also read these

In drought, drones help California farmers save every drop

Aug 29, 2016

In the drought-stricken West, where every drop of water counts, some California farmers are using advanced drone technology to save the scarce resource

Asian stocks mixed ahead of US jobs data

Aug 31, 2016

Asian stocks are mixed Wednesday in listless trading ahead of jobs data later this week and continued anticipation of higher interest rates in the U.S. Japan's benchmark Nikkei 225 gained 0.8 percent to 16,857.07 in morning trading

Asian stock markets muted ahead of key US job report

Sep 2, 2016

Asian markets were listless Friday as investors awaited key U.S. job data that could influence the Fed's interest rate policy

Walk The Biz welcomes all casual and easygoing readers who seeks to digest business travel to international trade policy to starting in the transportation & shipping industry.

Subscribe to our newsletter now!