Software security
You can avoid a large portion of business-related cybersecurity threats by implementing good software security practices.
Quick tips
In today’s digital age, all businesses rely on some combination of software to properly function. This means that there are plenty of opportunities for your business to become compromised. It’s important that you and your employees take the necessary steps to secure the software you use.
Know Your Software
Software can include:
- Desktop applications
- Mobile device apps
- Web server and related software
- Operating Systems (OS)
- And more
Legitimate software
- Only use legitimate software for your business, ensuring that any free software you’re using is safe and widely used by other businesses in the same industry
- Avoid using unauthorized versions of software; software that’s downloaded illegally cannot be trusted
Set limits
- For apps that can be accessed and used by more than one person at the same time, make sure to give authorization to those who genuinely need it in your business
- Minimize the number of employees who have administrative access
Update
- Most importantly, accept updates (patches) to your software when prompted
Hosting and web security
Your business website is an important place to house information that’s critical to your company’s success. However, if not properly secured, it can also lead to severe consequences through vandalism, disruption of service, or theft of sensitive data.
Here are some basic tips to follow.
If you’re hosting your website(s) internally on servers your business owns:
- Only give access to authorized employees
- Make sure to always update your web server’s operating systems
- Make sure to always back up your websites to an external server
- Keep a history of server logins and have someone regularly check for any suspicious activity
If your business is paying for a third-party web hosting service, make sure your supplier offers:
- Regular scans and updates to your website
- Restoration services for your website in the event of an attack by fraudsters
Report an incident or suspicious activity