You may be thinking, "My business is small. No one would find anything of value in my files! Why would anyone hack me?!" Your digital files are valuable to you and that is all a hacker needs to know. Recently, several construction contractors have reported they have had their data, websites, and other important business information held hostage for payment. Don't let this happen to your business!

Here are some simple steps you can take to protect yourself and your business

• Check that all devices on your network have anti-virus and anti-malware software installed and the software is being updated regularly.
• &Think twice when emailing sensitive information.
• Use complex passwords for everything on the network. A complex password contains a lower-case and upper-case letter, number, and a special character. Passwords that use at least 15 characters are the most secure.
• Protect your business with a password policy that requires password updates by all users on a regular basis.
• Change the default passwords for all devices. (Printers, storage devices, Wi-Fi, firewall, etc.) Anything with a login can be hacked!
• Use caution when connecting business devices to public Wi-Fi. Also, consider updating your office Wi-Fi password on a regular basis.
• Talk to your insurance broker about a cyber insurance policy. (Do you have one? Now is a good time to check.)

Here are some simple steps NOT to do:

• Use your work email and password combination for non-work-related 3rd party systems. Don't make it easy for hackers to find ways to access your network and files.
• Click links without thinking. Does that email you received even from someone you know seem off in some way? Or does that article on Facebook link to a weird page? Take a moment, pause and think before opening that attachment or clicking that link.
• Disregard the need for a cloud-based data backup. If you’re ever in a ransomware situation, these files will be critical to getting your business back on track.

Questions to ask your IT professional

• Is my firewall up to date? Ensure your business is protected and you have some level of spam and virus filtering in place.
• How do I know if devices on my network need software updates and/or patching? Windows and other applications need to be updated when critical vulnerabilities are found. How many devices does your business own and use daily? Hint: It's probably more than you think!
• Can all of our business-owned devices be wiped remotely? Ensure all mobile devices can be accessed by IT or your staff.

Other business considerations

How would your business continue functioning if you lost access to your business information overnight? If you've never thought about it, now is the time. Your business needs a disaster recovery plan and written policies in place... just in case.

Do you have a record of all the usernames and login information for devices and accounts across your organization? Consider assigning someone in your organization the responsibility of gathering, maintaining, and storing a master list (securely, of course!).

While these recommendations are good advice, not all situations are the same. Talk with your IT professional about your personal business vulnerabilities.