cybersecurity risks holidays

‘Tis the Season for Holiday Scams: How Startups Can Prepare for Cybersecurity Risks

This year has created an unprecedented security landscape for small- and medium-sized businesses (SMBs), and the holiday season is no exception. E-commerce holiday sales are expected to grow between 25% to 35% year-over-year during the 2020 to 2021 holiday season.

StartupNation exclusive discounts and savings on Dell products and accessories: Learn more here

With this peak in online activity, and the continuation of employees working remotely, startups must ensure they are properly securing their workforce to avoid a cybersecurity disaster.

Improving security and staying safe during the holidays

The holidays are not only a prime time for shopping, it is also one of the best times of the year for cybercriminals to attack. Organizations large and small have become a greater target this year as employees work from home.

In fact, the threat will continue to challenge startups and small businesses as they consider future plans for their workforce, with 56% planning to have some of their employees work from home permanently.

The reality is, the line between one’s work and personal life has become blurred. Employees can be targeted for both their personal information and their company’s data. From phishing attacks and credential stuffing to the increasing number of COVID scams, employees are the gateway to potential organizational risks, even if they don’t know it.

With devices and applications introduced into workplaces that are not managed by the IT department increasing and people leveraging their work devices for personal online activities, it is more important than ever to ensure every access point to your business is protected. It’s vital that you enhance your company’s cybersecurity practices, starting with enforcing basic cyber hygiene and raising awareness of the risks employees face.

There are several steps entrepreneurs can take to keep their businesses running securely during the end of year rush, including:

  • Don’t overlook the basics. Start with cybersecurity hygiene. Make sure all software deployed to employees is updated and working correctly; regularly update firmware and anti-malware and ensure that all data backups are up to date. Tracking all applications being accessed should also be part of the cybersecurity program, as many threat actors target unattended apps.
  • Adopt single sign-on (SSO) and password management. There is no doubt that passwords are a hazard to your business. Employees tend to reuse the same weak passwords across accounts. SSO can simplify managing account access to work applications and provide employees with an easy and secure way to log in, no matter where they’re working from. SSO connects users to apps and systems without the need to create and remember passwords. Instead, a user only has one password to remember: the password to access his or her SSO portal. Of course, the goal is to secure all entry points to the business, which includes those apps that aren’t mandated by IT or can’t be authenticated through SSO. This is where an enterprise password manager comes into play, helping users manage all their other passwords.
  • Enforce multi-factor authentication (MFA). There are different types of MFA, but at its core, MFA adds an additional layer of security by requiring a further login step. MFA leverages different factors (such as a code) to authenticate who is accessing a device or application. The employee would complete two or more factors in alignment with the MFA policy, while IT can rest assured they are giving access to the correct people.
  • Create a security-aware culture. No matter what technology you have in place, you are still vulnerable if you do not bolster online security through employee awareness. Without security awareness and educational resources, employees may not understand how to identify a phishing email or malicious links on a webpage. Providing teams with cybersecurity training to help them recognize threats, understand their personal and corporate risks and what role they play within the security of the full organization, will help create a security-aware company culture.

Sign Up: Receive the StartupNation newsletter!

Getting cyber ready

As employees continue to work from home and the line between personal and work life continues to blur, especially during a holiday shopping season, protecting a company’s assets is more important than ever.

Cyber hygiene, security trainings and simplifying access and adopting the right tools to authenticate employee identities are key steps to maintaining control and securing company assets through the holidays and beyond.

Previous Article
Exit Rich excerpt

Setting These 3 Types of Goals is Essential to Your Startup's Success

Next Article
customer feedback

Why Your Startup Must Incorporate Customer Needs to Drive Growth

Related Posts
Read More

5 Ways to Leverage Crypto to Scale Your Business

For businesses to grow and scale, they need to find new and innovative ways to improve their products and services and make their business processes more efficient. One way that many businesses are achieving these goals is by tapping into the world of cryptocurrency. Cryptocurrency adoption among businesses and consumers has never been higher. It...
Read More

WJR Business Beat: Boomerang Employees, a Pandemic-Fueled Trend (Episode 404)

On today's Business Beat, Jeff Sloan sheds light on a new pandemic-fueled trend: boomerang employees. What are they and why are they significant? Tune in to today's Business Beat to learn more:       Tune in to News/Talk 760 AM WJR weekday mornings at 7:11 a.m. for the WJR Business Beat. Listeners outside of...
Read More

The Role of a Recruiter and HR in Small Business

You’ve launched your business and it’s humming along. Like most entrepreneurs, you wear plenty of hats, including chief human resources (HR) and recruitment officer. Here’s the problem, though: You can’t handle all your employee-related responsibilities forever. If you do, you could find yourself in trouble. The issue isn’t just that you’re going to spread yourself...