Safer Internet Day: Protect Your Business Against ‘Cybercrime Pandemic’
By Dr. Andre Alfred: From family-run businesses to Fortune 500 companies, knowing internet safety protocols to keep data secure is critical.
As we celebrate Safer Internet Day on Feb. 8, it’s more important than ever to ensure everyone in every business understands the risk our digital platforms create.
It’s no secret cybercrimes can hammer any organization, causing significant damage to their reputation – and their bottom line.
The pandemic changed a lot for Washington businesses and businesses across the world. One of the changes was the need for employers to build more robust digital access to their files – for employees and customers – creating a more pronounced cybersecurity threat to every company.
In light of the quick move to a digital footprint, a top cybersecurity expert warns that data snoops are busier than ever, and now is the time to check the locks on every digital door that leads to business and customer records.
“There’s a rule of thumb for businesses of any size – if you’re not thinking about internet safety and potential cybersecurity, you’re at risk,” said Dr. Andre Alfred. “The time to take precautions to protect your data is before you have a breach.”
Alfred is the Partner Group Program Manager in the Cloud + AI Security Division of the Microsoft Corporation. He believes the need for organizations to protect data is more critical than ever – and a strong defense against cyberattacks starts with the right mindset.
“Just like families lock their doors and secure their windows to protect the things inside their home, businesses need to do the same when it comes to cybersecurity,” Alfred said. “As we move more services and daily activities online, employers need to think about cybersecurity in the same way they do the physical security for their property and belongings.”
Alfred said companies also need to look beyond their own walls and consider the security measures of the organizations with which they work.
“The whole chain has to be safe and secure,” Alfred explained. “Understanding your cybersecurity posture as a business owner, as well as that of the folks you do business with, is very important in this day and age, particularly because everything moved online rapidly over the past year.”
Once a business prioritizes protecting data, Alfred suggests a set of cybersecurity safeguards for employers – and anyone with a digital footprint:
- Educate employees: The leading cause of security and data breaches is email phishing campaigns, which are emails to employees that seem innocuous. Because the emails look “safe,” an employee who clicks on a link in the email may inadvertently leak credentials out into the world. If your business doesn’t have a program around employee cybersecurity awareness, it should create one as soon as possible.
- Keep IT security patches up to date: If you have IT in your business, make sure to have a program that ensures patching and security updates are installed on a regular basis. If you hire an outside firm to handle IT and security patches and updates, be sure to revisit the timing and schedule often to ensure all the latest patches are installed in a timely manner.
- Bring in an expert: At a minimum, there should be some regular assessment of IT security within the business. Depending on the size of the business and the current cybersecurity posture, hiring an outside firm to come in and look at the features already in place and assess whether any breaches have already taken place is a good step to get a baseline for where the company stands and any improvements that can be made.
- Check vendor digital security measures: If the business hires out for functions like payroll or other services, always have the vendor supply their cybersecurity protocols to ensure your private information remains private. Vendors should be able to prove this information to their customers through the purchasing process or whenever it is requested.
Alfred also recommends organizations bring their IT operations in-house, if possible – though he acknowledges there aren’t enough trained and educated cybersecurity professionals to meet demand.
That’s why he created the Sheila Guillory Memorial Scholarship at Western Governors University (WGU) Washington, the university where he earned a bachelor’s degree in IT management and serves on the advisory board. He created that scholarship in honor of his late aunt to make the cost of a WGU Washington degree even more affordable – and encourage more people to consider careers in IT and cybersecurity.
“I encourage anyone thinking about getting into the growing field of cybersecurity to go for it,” Alfred said. “Employers will need all hands on deck to ensure the safety and protection of sensitive data.”
Dr. Andre Alfred is Partner Group Program Manager in the Security, Compliance, Identity & Management (SCIM) Division of the Microsoft Corporation. In his role, he is responsible for Cybersecurity Initiatives & Governance for many of Microsoft’s Cloud Services.