June is Internet Safety Month, as designated by the US Congress with support from the National Cyber Security Alliance (NCSA). While Congress started this initiative in 2005 with a focus on Internet safety among children and teens, the goal broadened to promote awareness among all ages of Internet users. Today the NCSA declares safe online business practices as one its 4 key pillars.
At most small businesses, Internet safety starts and ends with employees. From email to Internet browsing to password practices, informed employee behavior is the best way to protect your business from unwanted problems. In honor of Internet Safety Month we pulled together 4 core tips to keep your employees informed:
1. Build Internet safety guidelines – The first step for a small business is to have an opinion on what is safe and what’s not, and make it known throughout the company. Put these rules and regulations into a document that you share with employees on their first day of work and post it where it can be found at any time.
2. Promote good password practices – More than 30% of adults have over 10 passwords to remember. Whether or not you use a password manager, your employees hold the key to a great deal of valuable company data, and you want it to be safe from hackers. Require employees to change their password every 30, 60 or 90 days, and give them guidance to create strong passwords with tips such as:
- Don’t use obvious names, dates or numbers like your birthday, anniversary or hometown
- Include both upper and lowercase numbers
- Include symbols and characters
- Use at least 8 characters
3. Create awareness of email fraud – Prepare employees to look for potential phishing attempts that are designed to steal personal and valuable information. Safeguard your company by understanding the key signs of a fraudulent email and communicating them to employees. Have employees ask the 5 questions below if they suspect a phishing attempt. If they can answer ‘yes’ to one or more, the email might be suspicious.
Does the email in question…
- Want you to verify account information beyond email address?
- Ask for your password?
- Contain personal information like social security number or age?
- Include links or required attachments?
- Ask for financial information?
Also look for a message from the company to offer validity to the email. For example, LogMeIn adds this notice to the footer of every email it sends:
Important Security Notice: LogMeIn never asks for your password or other sensitive information by email. Do not click links or respond to a suspicious email! For details, visit blog.logmein.com/products/avoiding-phishing-attacks.
4. Encourage two-factor authentication – As the use of cloud apps in SMBs continues to rise and more employees are introducing their own apps to get work done, it’s important for SMBs to stay in control of their data. Encourage employees to use a two-factor authentication app that adds an extra layer of security to valuable company information. Many two-factor options, including the LogMeIn Authenticator App, allow you to enforce this practice company-wide if desired.
These four tips are just a start to safe, secure Internet practices for your business. Learn more about how to protect your business at the NCSA site. Happy Internet Safety Month!