cybersecurity risks holidays

‘Tis the Season for Holiday Scams: How Startups Can Prepare for Cybersecurity Risks

This year has created an unprecedented security landscape for small- and medium-sized businesses (SMBs), and the holiday season is no exception. E-commerce holiday sales are expected to grow between 25% to 35% year-over-year during the 2020 to 2021 holiday season.


StartupNation exclusive discounts and savings on Dell products and accessories: Learn more here

With this peak in online activity, and the continuation of employees working remotely, startups must ensure they are properly securing their workforce to avoid a cybersecurity disaster.

Improving security and staying safe during the holidays

The holidays are not only a prime time for shopping, it is also one of the best times of the year for cybercriminals to attack. Organizations large and small have become a greater target this year as employees work from home.

In fact, the threat will continue to challenge startups and small businesses as they consider future plans for their workforce, with 56% planning to have some of their employees work from home permanently.



The reality is, the line between one’s work and personal life has become blurred. Employees can be targeted for both their personal information and their company’s data. From phishing attacks and credential stuffing to the increasing number of COVID scams, employees are the gateway to potential organizational risks, even if they don’t know it.

With devices and applications introduced into workplaces that are not managed by the IT department increasing and people leveraging their work devices for personal online activities, it is more important than ever to ensure every access point to your business is protected. It’s vital that you enhance your company’s cybersecurity practices, starting with enforcing basic cyber hygiene and raising awareness of the risks employees face.

There are several steps entrepreneurs can take to keep their businesses running securely during the end of year rush, including:

  • Don’t overlook the basics. Start with cybersecurity hygiene. Make sure all software deployed to employees is updated and working correctly; regularly update firmware and anti-malware and ensure that all data backups are up to date. Tracking all applications being accessed should also be part of the cybersecurity program, as many threat actors target unattended apps.
  • Adopt single sign-on (SSO) and password management. There is no doubt that passwords are a hazard to your business. Employees tend to reuse the same weak passwords across accounts. SSO can simplify managing account access to work applications and provide employees with an easy and secure way to log in, no matter where they’re working from. SSO connects users to apps and systems without the need to create and remember passwords. Instead, a user only has one password to remember: the password to access his or her SSO portal. Of course, the goal is to secure all entry points to the business, which includes those apps that aren’t mandated by IT or can’t be authenticated through SSO. This is where an enterprise password manager comes into play, helping users manage all their other passwords.
  • Enforce multi-factor authentication (MFA). There are different types of MFA, but at its core, MFA adds an additional layer of security by requiring a further login step. MFA leverages different factors (such as a code) to authenticate who is accessing a device or application. The employee would complete two or more factors in alignment with the MFA policy, while IT can rest assured they are giving access to the correct people.
  • Create a security-aware culture. No matter what technology you have in place, you are still vulnerable if you do not bolster online security through employee awareness. Without security awareness and educational resources, employees may not understand how to identify a phishing email or malicious links on a webpage. Providing teams with cybersecurity training to help them recognize threats, understand their personal and corporate risks and what role they play within the security of the full organization, will help create a security-aware company culture.

Sign Up: Receive the StartupNation newsletter!

Getting cyber ready

As employees continue to work from home and the line between personal and work life continues to blur, especially during a holiday shopping season, protecting a company’s assets is more important than ever.

Cyber hygiene, security trainings and simplifying access and adopting the right tools to authenticate employee identities are key steps to maintaining control and securing company assets through the holidays and beyond.

Total
1
Shares
Previous Article
Exit Rich excerpt

Setting These 3 Types of Goals is Essential to Your Startup's Success

Next Article
customer feedback

Why Your Startup Must Incorporate Customer Needs to Drive Growth

Related Posts
top Detroit startups
Read More

Top Detroit Startups and Tech Companies to Watch in 2022

Michigan is now the state with the highest growth in VC investment. Now many Detroit startups are on the fast track to growth. Whether it’s new funding, expansions or IPOs, it’s been an eventful year in Detroit startups. Next year is looking even better. Here are the top Detroit startups and tech companies to watch in...
HTTPS
Read More

The Impact of SSL and HTTPS on a Website’s SEO

In today's time, maintaining the security of your website is one of the most important ways to boost SEO and conversions. This also comes after Google announced its intentions to build a more secure internet platform for users. To stay on top of Google's list and rank high, marketers need to ensure that their site...
business insurance
Read More

When Do You Need Business Insurance?

A few weeks ago, I bought a new car. It was a stressful experience because of the shortage of vehicles at dealerships across the country. Incredibly, I was able to work out a sale price my wife and I were comfortable with, but we still purchased the car in a seller’s market. Worse, unlike homes...
VR technology
Read More

Why VR Technology is 2022’s Must-Have Business Tool

Facebook’s Mark Zuckerberg made headlines this year with his ambitious plans to build a metaverse, a world in which social and professional interactions are mediated by immersive digital technologies. But away from the front pages, these technologies are already being enthusiastically adopted by forward-thinking companies. And while the past year has seen a plethora of...