With the use of information technologies in daily life, the cyber attacks companies from different industries around the world. However, it is the medium or small businesses that are most exposed to being compromised, because many times they do not have the budget or knowledge of large companies that have specialized areas to protect the security of their information.
Federico Nager, Product Manager of Entel companies, has analyzed various cyber risk scenarios, common attacks and fraudulent tactics that mypes have been facing and provides some recommendations to start organizing a security plan for this type of business, starting with these simple 7 steps:
- Safety equipment: Regardless of the size of your business, you should assign a lead person and team responsible for business cybersecurity. This team must have an external or internal IT security specialist and include people from key areas of the company.
- Analysis and response: Once you have a computer, the next step is to analyze the various crisis situations that can be generated as a result of security incidents such as: information leaks, identity cloning, malware infection, false deposits, identity theft , etc. After that, it executes and continuously improves the response plan through real tests, defining the step by step to follow to manage the crisis.
- Secure your WiFi: It is very common for a small company to share the network over WiFi, but we must make sure to configure the wireless access point or router, so that it is encrypted and hidden from outsiders.
- Security filters: Remember that it is necessary to have a security policy from the registration of your clients to the sales process. Use strong alphanumeric passwords, implement SSL security certificate to your website and implement antivirus and licensed software for all your computers.
- Train your collaborators: Because many frauds can be carried out due to human error, it is necessary to train staff, especially the areas that are in charge of financial transactions, payments to suppliers, digital sales, and know how to act in possible cases of cyber fraud.
- Providers: When contracting mobile services, data, internet and/or telephony, it is best to inquire about the complementary security services and security certifications they have. Recently, Entel was one of the few companies in Peru to launch a portfolio of cybersecurity solutions and/or services for mypes during a pandemic, in addition to receiving the FIRST certification for its CyberSOC, which guarantees an effective and efficient response to cyber incidents.
- Backup: Backing up information is essential, so it is advisable to use the cloud to create backup copies of your critical information and information database.
RECOMMENDED VIDEO
