10 Cyber Security Tips to Keep Your Business Safe During the Holidays

Your best bet for protecting your business against threats during the holiday season is, of course, to operate under the protection of a top cyber security service provider. Doing so will not only give you 24/7 monitoring but will also give you access to the most cutting-edge tools and knowledge on the cyber security front. 

Outsourcing to a cyber security service provider can be a one-stop solution. However, there are many other things you can do to support this central strategy. From training to backup and disaster recovery, here are ten ways to ensure your business remains safe during any holiday.  

10 Ways to Boost Your Cyber Security Over the Holidays

Conduct annual cyber security training

You may wish to schedule these training sessions outside the holiday period, holding them during your usual seasonal lulls. However, they will certainly come into play over the busy holiday period, when cybercrime often peaks. 

One of the most important topics to cover is phishing and related attacks. By doing this yearly, you’ll keep your team up-to-date on the latest attack vectors and ensure they have a sixth sense for recognising everything from phishing emails to watering hole attacks. 

Other cyber security training modules worth covering include: 

• Cloud security;
• Password and authentication best practices;
• Staying secure while working remotely;
• Security steps around removable media;
• The nexus of physical and cyber security. 

Conduct a holiday cyber security review

You may prefer to save training sessions for quieter times of the year. However, conducting a quick review of your cyber security policies in the lead-up to the holiday season is still a good idea. In addition to refreshing staff on best practices, this gives them the opportunity to ask questions and fill knowledge gaps that could otherwise present weaknesses in your security. Humans are a vital link in your cyber security defence system, so it’s crucial to ensure they’re well-armed and well-informed. 

Update Passwords and Add Multi-Factor Authentication

Before heading off on holidays, it’s a good idea to have employees update their passwords and, where possible, enable multi-factor authentication (MFA). So long as you follow the recommended procedures for setting strong passwords, the first step will reduce the likelihood of their accounts being hacked in their absence. The second step will ensure that, even if an account is hacked, the criminals likely won’t get past the MFA step. 

When creating passwords, make it company policy for employees to: 

• Use at least eight characters, with a combination of upper and lower case letters, numbers, and symbols;
• Avoid sequential numbers and letters (e.g. asdfg, 1234);
• Avoid names, words, birthdates, and addresses;
• Ensure every password is unique (this also means not changing a password from p@ssw0rd to something similar like p@ssw0rd!);
• Never recycle passwords;
• Use a reputable password manager or vault to store these complex passwords;
• Consider “peppering” stored passwords – saving part of the password and having a small sequence only the account owner knows to add in. For example, the password bank may have e#F&ohf7bsGH* saved, but the account holder knows that they always add a7S to the end of their passwords.

These steps not only boost your security but also make it easier for staff to manage the many complex passwords they need to remember. 

Disconnect Any Device That Doesn’t Need to Be Online

Apple computers function at their best when put in sleep mode overnight rather than being shut down. Because of this, many people get into the habit of just letting their devices sleep rather than shutting them down entirely. Over a holiday, this can be a big mistake. 

Any device switched on and connected is a potential portal for cybercriminals to access your system. So, if you’ll be shutting up shop, even just for a long weekend, it’s best to disconnect any devices that don’t absolutely need to be online. 

Ensure Your Software is Up-to-Date

Another crucial pre-holiday check to add to your list is actioning any software update notifications. Doing so will ensure any recently discovered vulnerabilities are safely patched, keeping your system safe while you’re away. If you work with a Managed Service Provider, they should take care of this step for you. However, it never hurts to make a quick call to confirm everything is up-to-date never hurts. 

Be Cautious When Posting on Social Media

Many business owners share posts on LinkedIn or Facebook around the holidays. With the four-day workweek and other work-life balance strategies gaining popularity, it’s common for those posts to centre around the fact that everyone in the team will be enjoying a well-earned break. While this is a positive phenomenon in many respects, such posts can sadly also alter cybercriminals to the fact that your system might be a prime target. 

So, be careful about what you post. If you do want to promote a healthy approach to taking time off, consider giving your MSP or IT security provider a shout-out in the same post. That way, you’re making it abundantly clear that your network protection never skips a beat. 

Conduct a Workplace Wi-Fi Audit 

If you have wi-fi in your business, the holidays are an excellent time to conduct an audit and ensure it is hidden from public view and well-protected. Password-protect your router, and check that it’s not broadcasting the network name, also referred to as the Service Set Identifier (SSID). Your MSP or in-house IT team will be able to help you with this step. 

Conduct a Physical Security Audit 

Physical security and cyber security are interconnected. After all, it’s your physical security that keeps your devices and much of your IT infrastructure safe. So, before heading off for the holidays, conduct a thorough physical security audit. If you work with a security company, have them check your cameras, video surveillance system, door locks, and alarm system. Let them know your holiday business hours, and have them adjust their monitoring service to suit. 

Ensure you have a backup and disaster recovery plan

If you don’t already have a backup and disaster recovery strategy, the holidays are an excellent excuse to develop one. You can work yours up in-house or opt for Disaster Recovery as a Service (DRaaS). The key is to ensure that, should a worst-case scenario occur and you experience data loss or a data breach, you can quickly get back up to speed. 

Lock Up Thoroughly 

Though this is a rather obvious point, it’s still worth mentioning. If you’ll be away from your business for any extended period, even if it’s only a long weekend, it’s crucial to be thorough when locking up on the last day. It’s easy for this task to become automatic and unconscious, so don’t let yourself slip into autopilot. Instead, pay close attention to each step, perhaps even using a checklist to ensure you’ve covered everything. 

IT security is crucial year-round, but it should be even more of a priority over holiday periods. Whether you’re taking time off or not, holidays generally come with an uptick in cybercrime. Even long weekends are lucrative times for bad actors. 

To keep your business safe, follow the steps outlined above, and if you have any questions or concerns, feel free to contact us. Our IT experts are dedicated to providing the highest level of service, and we’d be more than happy to help you protect your business – over the holidays and beyond.