The ways of doing business have drastically changed because of the revolutionizing digitization. And like every revolution digitization has its pros and cons. Enhanced productivity and improved efficiency are a couple of its advantages. Whereas its most significant disadvantage is its susceptibility to cyber security vulnerabilities. These threats are not large business concerns; it affects small and medium business equally.

Here are some of the top cyber security best practices that your organization can implement to protect your organization’s valuable data:

Below are two tips that can help the small & medium business defend themselves from cyber attacks:

1. Backup Your Data

According to a Google-led study, only 37% of users backup their data. Cyber criminals in recent times have used this failure of users to backup their data to launch cyber attacks via ransomware. The study also found that ransomware victims paid over $25 million to cyber criminals between the first quarter of 2016 to the second quarter of 2017.

Ransomware is malicious software that locks out users from their computers. Attackers typically leave a ransom notice on the locked computer monitor, demanding that certain amount should be paid for the computer to be unlocked.

By backing up, your data ransomware attackers will have no leverage against your organization. Backing up your corporate data will help your organization survive data loss, not just as a result of a cyber attack, but also data loss as a result of human error, hardware failure and natural disasters, including fire and flood. If your organization has more copies of your valuable data, losing one to cyber attack or other causes of data loss will have no catastrophic effect on your organization.

2. Keep Operating System and Software Up-to-Date

Another essential cyber security practice is to keep your operating system and all software updated. Recent major worldwide cyber attacks are a result of the failure of organizations to upgrade their operating system and software.

An operating system or software update, also known as a patch, is a piece of code that is added to the system or software to fix one or more security vulnerabilities. Once the security vulnerabilities are discovered, an update is released by the operating system or software creator. Failure to apply the update or if the software creator stops providing an update will leave your organization’s operating system and software vulnerable to cyber attacks.

A report from Better Business Bureau (BBB) – a non-profit organization focused on advancing marketplace trust – found that only one out of five small businesses reported that it had been the target of a cyber attack. One possible reason offered by the BBB report why smaller companies are less likely to report a cyber attack is that they may be unaware that they have been attacked. About 10% of the respondents of the BBB study could not tell if they were a target of a cyber attack.

At GigE, we pride ourselves in providing services that are based on compliance with some of the few security best practice such as:

1. Careful and thorough threat analysis reports determining the most pressing issues regarding your company’s I.T. security
2. The centralization of company security systems, streamlining and tightening security operations
3. Update of employee computers to more secure operating systems, and installation of antivirus software
4. Destruction of unwanted or sensitive data, through physical means or software deletion
5. Continued security services, including 24/7 monitoring services, and ongoing security assessments

Implementing these top cyber security best practices is even more important with the upcoming implementation of the Digital Privacy Act, a law that amended Canada’s private sector privacy law, the Personal Information Protection and Electronic Documents Act (PIPEDA).

Under the Digital Privacy Act, cyber attacks cannot anymore be swept under the rug as all Canadian organizations are required to do the following in case of a data breach: notify the Privacy Commissioner of Canada, inform the affected individuals and maintain a record of the data breach. Failure to report the Privacy Commissioner of Canada and affected individuals, under the new law, could result in a fine of up to $100,000.