b'2019 Associate News Cybersecurity the same password for multiple accounts. This means that if our password is stolen for one system it can often be used to gain access to other systems. doesnt need to be hard, Consider implementing a password management but it does need to be an area system like 1Password or LastPass to help keep your of focus for your business! passwords secure and make using a separate pass-word for each account easier to manage.Did you know that 50% of cyberattacks inFirewallHow safe is your business from network 2018 were directed at small businesses,andintrusion attacks? Ensure your company has a good 66% of small businesses go out of business within firewall that is configured correctly to protect your 6 months of a cyber-attack? (VIPRE - 2018). business from an outside attack, and dont forget to Cybersecurity is an area that not too many smallschedule and budget for regular updates. Attacks are By Patrick Godfrey, businesses are focusing on, because they dont thinkever evolving, so its important to stay up to date.President of they are a target or that the data they have isnt valu-Slick Rock Security able. Let me tell you an all too familiar scenario thatEndpoint ProtectionIf ransomware infects a many small businesses are facing: computer, how far will it spread? Each computer on your network should have a good antivirus and Tim from sales receives an email from one of hisanti-malware client installed. Be sure your endpoint clients. The email is from an address that Timprotection software is being updated regularly. There doesnt recognize but the name seems legitimate,are many great products available today, but our cur-so he opens the email on his laptop while traveling.rent favorite is Sophos Business.The email contains a link to see a proposal but whenUpdate ScheduleWhen was the last time your he clicks the link nothing happens. He is busy andcomputers and network systems were updated? Most figures he will follow up with his client the next timecybersecurity breaches are because of old outdated he sees them and doesnt think anything of it. Timsoftware that hasnt been updated. Creating and comes back to the office, connects his laptop to thefollowing a patch schedule is essential to ensuring network, and goes to work. For a few days, every- youre not the victim of an attack. We recommend thing seems fine, but come Monday morning, everyperforming a monthly update of your network equip-computer in the office boots up to a ransomwarement, servers and workstations.messageTransfer $20,000 in bitcoin to an ac-count, and we will unlock your system. The entireIf you dont know where to start, find someone to company is locked out of their computers, cant gethelp you put together a cybersecurity plan. Consider into payroll, send emails, browse the internet or ac- looking for a consultant that will explain what they cess client files. Consider for a minute, how wouldare doing and how it will benefit your business. Hir-you proceed? What is your plan of action? ing a company to perform a cybersecurity assess-Lets stop making cyber security harder than it ment is a great place to start. A good cybersecurity needs to be. To help protect themselves from aassessment should be tailored to your business, show cyber-attack, here are 6 things every small businessareas of exposure, and focus on steps you can take to should be doing right now: make your business more secure.Data BackupsA computer is lost, stolen, or heldBottom line, you need to be actively engaged in for ransom; can business continue? New variants inprotecting your business, because you are actively ransomware are focusing on corrupting backups andbeing targeted by cybercriminals. connected shared drives. Be sure youre performingAbout the Author: regular backups of critical systems and data. MakePatrick Godfrey has consulted with WPMA for over sure that you are rotating backups off-site to avoid20 years and is a familiar face at our national con-being locked by ransomware. Dont pay the ransom.vention, helping with our WPMA app and present-Restore your data and get back to work. ing on technology in business. He recently started a Multi Factor AuthenticationAn employee compro- cybersecurity company focused on helping educate mised their login credentials; can the attacker getand protect businesses from cyber-attacks. Patricks in? To ensure your accounts are not compromised,company Slick Rock Security offers a variety of ser-enable multi-factor authentication wherever possiblevices from cybersecurity assessments to full cyber as and push vendors without it to develop it.a service implementation to help WPMA members. Patrick can be reached at patrick@slickrocksecurity.comPassword management - Do you or your em- or www.slickrocksecurity.com.ployees use the same password on multiple sites? Because we are creatures of habit, we often re-useS24 www.wpma.com / Autumn 2019'