Cybersecurity is critical for businesses of all sizes. These 18 tips can help you secure your computers and mobile devices from malicious actors.
- Hackers are criminals who gain unauthorized access to a network and devices, usually with the intent to steal sensitive data, such as financial information or company secrets.
- You can protect your computers by using firewalls and antivirus software and by following best practices for computer use.
- You can protect your mobile devices by turning off Bluetooth when it's not in use, being mindful of the Wi-Fi networks you connect to and using security applications to improve monitoring and protection.
The growth of the World Wide Web in the 1990s introduced new possibilities and spawned new industries, but it also brought about new downsides of connectivity. Tons of spam started to infiltrate email accounts, and computer viruses wreaked havoc on business networks. A new threat known as computer hacking extended the definition of thievery to include infiltrating your computer, stealing personal information, tricking you into revealing private data, and using that data to steal and extort personal information, such as business secrets, bank account credentials and even people's identities.
What are computer hackers?
Computer hackers are people who break into internet-connected devices such as computers, tablets and smartphones, usually with the intent to steal, change or delete information.
Just as other thieves have malicious intent, hackers usually find their way into devices for negative purposes. (However, one exception is so-called white hat hackers, whom companies hire to break into their devices to find security flaws that need to be fixed.) Hackers may want to steal, alter or delete information in your devices, and they often do so by installing malware (software used for malicious purposes) you might not even know is there. These thieves might get access to your most precious data before you're aware of a break-in.
Key takeaway: Hackers are interested in gaining unauthorized access to your devices to steal sensitive data.
Types of hacking
Here are some of the reasons computer hackers break into devices:
Financial crimes. We've all heard the classic story of somebody checking their credit card statement, only to find transactions they didn't make. These false transactions are often the result of computer hackers stealing your credit card numbers, checking account info or gaining access to other financial data.
Vandalism. Hacking has its own subculture, so some hackers may want to vandalize certain websites just to show off to other hackers. Does it sound ridiculous? Don't make the mistake of not taking this motivation seriously; it's fairly common, according to Malwarebytes.
Hacktivism. This portmanteau describes a form of hacking somewhat like vandalism. Some hackers may want to alter or destroy certain websites for politically motivated reasons.
- Corporate espionage. Spying existed long before the internet era, and hacking has only made espionage more accessible to the everyday person. With much of the world constantly connected to the internet, one company can hack into other companies' devices to steal their information and use it to build an unfair competitive advantage.
Key takeaway: Hackers have a variety of motivations, ranging from financial gain to political goals. Awareness of these intentions can help you anticipate attacks that could affect your small business.
How to secure your computer from hackers
Despite the prevalence of computer hackers, most businesses rely on the internet to track their financials, order and maintain inventory, conduct marketing and PR campaigns, connect with customers, engage in social media, and perform other critical operations. Yet we continue to hear about massive computer breaches, even at giant corporations with robust security measures in place.
Small businesses are often targets as well, especially because they may underestimate the risk of cybercrime and may not have the resources to employ expensive cybersecurity solutions. Follow these tips to protect your devices and safeguard your sensitive data:
1. Use a firewall.
Windows and macOS have built-in firewalls – software designed to create a barrier between your information and the outside world. Firewalls prevent unauthorized access to your business network and alert you to any intrusion attempts.
Make sure the firewall is enabled before you go online. You can also purchase a hardware firewall from companies such as Cisco, Sophos or Fortinet, depending on your broadband router, which also has a built-in firewall that protects your network. If you have a larger business, you can purchase an additional business networking firewall.
2. Install antivirus software.
Computer viruses and malware are everywhere. Antivirus programs such as Bitdefender, Panda Free Antivirus, Malwarebytes and Avast protect your computer against unauthorized code or software that may threaten your operating system. Viruses may have easy-to-spot effects – for example, they might slow your computer or delete key files – or they may be less conspicuous.
Antivirus software plays a major role in protecting your system by detecting real-time threats to ensure your data is safe. Some advanced antivirus programs provide automatic updates, further protecting your machine from the new viruses that emerge every day. After you install an antivirus program, don't forget to use it. Run or schedule regular virus scans to keep your computer virus-free. [Looking for antivirus software for your business? Check out our picks for the Antivirus software.]
3. Install an anti-spyware package.
Spyware is a special kind of software that secretly monitors and collects personal or organizational information. It is designed to be hard to detect and difficult to remove and tends to deliver unwanted ads or search results that are intended to direct you to certain (often malicious) websites.
Some spyware records every keystroke to gain access to passwords and other financial information. Anti-spyware concentrates exclusively on this threat, but it is often included in major antivirus packages, like those from Webroot, McAfee and Norton. Anti-spyware packages provide real-time protection by scanning all incoming information and blocking threats.
4. Use complex passwords.
Using secure passwords is the most important way to prevent network intrusions. The more secure your passwords are, the harder it is for a hacker to invade your system.
More secure often means longer and more complex. Use a password that has at least eight characters and a combination of numbers, uppercase and lowercase letters, and computer symbols. Hackers have an arsenal of tools to break short, easy passwords in minutes.
Don't use recognizable words or combinations that represent birthdays or other information that can be connected to you. Don't reuse passwords, either. If you have too many passwords to remember, consider using a password manager, such as Dashlane, Sticky Password, LastPass or Password Boss. [See related article: How to Create a Strong Password]
5. Keep your OS, apps and browser up-to-date.
Always install new updates to your operating systems. Most updates include security fixes that prevent hackers from accessing and exploiting your data. The same goes for apps. Today's web browsers are increasingly sophisticated, especially in privacy and security. Be sure to review your browser security settings in addition to installing all new updates. For example, you can use your browser to prevent websites from tracking your movements, which increases your online privacy. Or, use one of these private web browsers.
6. Ignore spam.
Beware of email messages from unknown parties, and never click on links or open attachments that accompany them. Inbox spam filters have gotten pretty good at catching the most conspicuous spam. But more sophisticated phishing emails that mimic your friends, associates and trusted businesses (like your bank) have become common, so keep your eyes open for anything that looks or sounds suspicious.
7. Back up your computer.
If your business is not already backing up your hard drive, you should begin doing so immediately. Backing up your information is critical in case hackers do succeed in getting through and trashing your system.
Always be sure you can rebuild as quickly as possible after suffering any data breach or loss. Backup utilities built into macOS (Time Machine) and Windows (File History) are good places to start. An external backup hard drive can also provide enough space for these utilities to operate properly.
8. Shut it down.
Many businesses, especially those operating a web server, are "all systems go" all the time. If you're not operating a complex internet-based company, however, switch off your machine overnight or during long stretches when you're not working. Always being on makes your computer a more visible and available target for hackers; shutting down breaks the connection a hacker may have established with your network and disrupts any possible mischief.
9. Use virtualization.
Not everyone needs to take this route, but if you visit sketchy websites, expect to be bombarded with spyware and viruses. While the best way to avoid browser-derived intrusions is to steer clear of unsafe sites, virtualization allows you to run your browser in a virtual environment, like Parallels or VMware Fusion, that sidesteps your operating system to keep it safer.
10. Secure your network.
Routers don't usually come with the highest security settings enabled. When setting up your network, log in to the router, and set a password using a secure, encrypted setup. This prevents intruders from infiltrating your network and messing with your settings.
11. Use two-factor authentication.
Passwords are the first line of defense against computer hackers, but a second layer boosts protection. Many sites let you enable two-factor authentication, which boosts security because it requires you to type in a numerical code – sent to your phone or email address – in addition to your password when logging in.
12. Use encryption.
Even if cybercriminals gain access to your network and files, encryption can prevent them from accessing any of that information. You can encrypt your Windows or macOS hard drive with BitLocker (Windows) or FileVault (Mac), encrypt any USB flash drive that contains sensitive information and use a VPN to encrypt web traffic. Only shop at encrypted websites; you can spot them immediately by the "https" in the address bar, accompanied by a closed-padlock icon. [See related article: A Small Business Guide to Computer Encryption]
Key takeaway: Combining security tools and best practices can protect your computers and your network from unauthorized access.
How to secure your phone from hackers
To secure your mobile device, you may need to take different security measures than you would to secure a computer. Follow these tips from Webroot to help you protect your mobile devices from hackers:
13. Turn off Bluetooth.
When you're not using Bluetooth, turn it off. Keeping your Bluetooth on but dormant opens another back door for computer hackers.
14. Don't use unsecured public Wi-Fi.
Password-free, widely used Wi-Fi networks have no security features. As such, they're prime targets for computer hackers.
15. Get a security app.
Install a security app on your phone, just as you should install a firewall, antivirus software and an anti-spyware package on your computer. Popular options include Avast, Kaspersky Mobile Antivirus and Bitdefender.
16. Use a better passcode.
Unlock codes like 0000 and 1234 are easy to remember, but they're also easy to guess. Instead, opt for a randomly generated, six-number passcode.
17. Switch off autocomplete.
Autocomplete is the feature that guesses what you're typing and completes the word, phrase or other information for you. While convenient, this tool all but hands your email address, mailing address, phone number and other important information to hackers. Switch it off.
18. Clear your browsing history.
Your mobile web browser has a browsing history, too. Clear it often – including cookies and cached files – to give hackers as little information as possible to work with if they do break into your phone.
Key takeaway: Mobile devices require additional efforts to protect, including deactivating certain features when they're not in use and installing security applications.
Additional reporting by Jackie Dove.