12 New Year Cyber Security Resolutions for 2021

for company leaders

Posted by CyberWiseSpace on January 13, 2021

The year 2021 is here. Holidays are over and it’s time to be back to work. We hope this year your business will grow and stay cyber safe. But it’s not just a matter of luck, it’s work and strategy. In the same way, as you create a business plan, you can build a cybersecurity strategy. Our team prepared 12 resolutions that will help you build this strategy and teach you how to keep digital cybersecurity under control.

1. Website security

Website is the first thing of your presence in the digital world. The first place where clients will learn about your company. But not only clients, for attackers as well, your website and social media are the first source of information. Thinking of the website and social media you have simultaneously two goals: keep it attractive for the clients and secure from attack. Also, if your company is located in the EU or provides products and services for clients in the EU, keep in mind GDPR requirements, such as having a privacy and cookie policy.

2. Data database security

If you were thinking when is a good time to clean up the database, now is this time. And it’s also a good time to make a backup, in case you don’t have it or make an update. From a security perspective, check that your databases are properly protected from data breaches and required technical and organizational measures are implemented. From a privacy perspective, review if there is outdated information in your databases. Make sure you are not storing data, for example, information of your clients, longer than necessary. If you have users that inactive for a certain period (you should establish this period in policy and internal documents) their personal data shall be erased.

3. Employees awareness

Speaking of organizational measures, maybe it’s time to refresh your and your employees' knowledge of cybersecurity.

4. Update your passwords

Yes, we know it’s annoying. Nevertheless, it’s better to be annoyed them facing the consequences of password leakage. Just to remind you that password must be long enough and not easy to guess, however not too complex - you need to remember it. A strong password is unique, contains numbers, letters, both upper and lower case, and special characters. If you are tired of passwords, there is an alternative solution as two-factor authentication and password managers, where instead of remembering all passwords you need only one master password.

5. Subscribe for cybersecurity news

There are plenty of resources that will help you learn about cybersecurity. You can read, listen, watch, whatever you prefer. Learning about recent attacks and vulnerabilities will help you to be informed and as result stay safe.

6. Take an external cybersecurity check

You may have in-house IT and cybersecurity experts, but it’s always good to have a second look. An external check can provide a new vision on how to improve security. Penetration testing can help you find existing vulnerabilities and fix them. It’s always better if you find vulnerabilities in your system, not the attacker.

7. Audit access control

It’s a good idea to start a year by reviewing the level of access for your employees. People in different positions, like admin, accountant, and office manager will have a different level of access based on their job description. Also, think about freelance and outsource work you had. If those employees had access to companies databases, networks, source code it is strongly recommended to double-check if the access was canceled after the work was delivered.

8. Secure connection

Virtual Private Network (VPN) will hide your IP and help remain anonymous. VPN provides additional security to the transferred data. However, you need to make sure that first of all, VPN is properly established and that the VPN provider is trustable.

9. Use updated software

The software, including antivirus, shall be regularly updated to provide a proper level of security. It’s a good practice to set it on automatic update. In addition, after the update check system for viruses and malicious code. Same as with VPN, software provider must be trustable, avoid installing software from an unknown source.

10. Secure devices

Smartphones and tablets are an essential part of the work and they may store very valuable data, for example, contacts of your clients and conversation with them, including sharing financial data. It is important to protect this data and communication. Use different secure authentication methods like two-factor authentication or PIN whenever possible. Also, keep in mind that downloading and installing apps outside the official app store is not secure, that may contain viruses or in other way disrupt the work of your device.

11. Monitor your network

You simply may get an illusion that you are safe in the internet space, especially if you run a startup or small company. If you still have doubts that your business is interesting for attackers, we recommend you to read this article. The tricky thing that you may not even know about the attempt of attack unless it is successful. Nevertheless, some hacks may not be obvious and are not easy to detect. Hackers may have access to your files for days or months without you knowing about it. For this reason is important to monitor traffic and detect unusual and suspicious activities. This can include some manual work, be time-consuming, and require a lot of knowledge in cybersecurity. Our team wants to make this process easier for you and that’s why we building an expert system that will monition traffic and detect suspicious and malicious activity in real-time. Click here to subscribe for updates and get free early access.

12. Implement all required measures

Remember, partial security is not security. Cybersecurity is always the implementation of comprehensive measures and to achieve the proper level all must be good on the technical and human side. It may seem a lot and overwhelming, but with a good strategic plan, it is feasible.

Those were our tips to help you stay secure in 2021. If you want to learn more about cybersecurity and how to implement it into your working routine, join our webinar on the 1st of February. For more information and to register click here.