1. Change Your Password
It seems like a no brainer, but the majority of security breaches today are caused by compromised credentials and/or phishing. By changing your password immediately (through using your email address or email account) after you suspect you’ve been hacked, you greatly reduce the likelihood that the hacker will continue to have access to your systems.
2. Unplug the Impacted Devices
It goes without saying, but if a device has no power or access to the internet, then it’s awfully hard for it to continue to do damage. It’s easy enough for an IT professional to troubleshoot a security threat offline with a variety of software tools, so by immediately removing power and internet access from the device, it gives you some breathing room to get a pro working on the issue.
3. Run Multiple Security Scans
It’s great to have good security software, but nothing is 100%, especially at detecting new threats. Even if you’ve got a good, centrally managed endpoint security software package, if your device has been compromised, it’s good to run a secondary scan using a tool like Malwarebytes. Another great tool is VirusTotal, which is a website that allows you to run over 70 different anti-virus scanners on a specific file or URL. It’s a great option if you clicked on a link or file that you think might be malicious but your current security solution isn’t detecting it.
4. Update Your Firewall & Security Software
If you haven’t already read our IT Security 101 article, these are a couple of the basics that every small to mid-sized business should have. The problem is that they usually don’t update themselves on their own. They require a vendor to manage them centrally (or manually) to stay up-to-date. Ensuring that your firewall’s security subscription is current and that you’re using all of the necessary features usually takes a professional, since these systems are typically too complicated to be managed with a simple user interface. If you’re running standalone endpoint security software (aka anti-virus software), make sure that every device on your network has a current subscription and current security definitions.
5. Turn on Multi-Factor Authentication
Most current email platforms now support multi-factor authentication (sometimes referred to as 2FA or MFA). To explain what this is briefly, it’s a requirement to“authenticate”from another device by sending a text message or using an authenticator app. By turning it on, you’re preventing the hacker from gaining access to your systems, even if they have the password. It’s part of our Basic security level and it should be part of your standard operating procedures as well.
6. Seek Professional Help
No matter how small your business is or how insignificant of a security risk you think you are, you need an IT professional helping to guide and support you on your journey to protect your personal information. If you’re not aware of the types of options that are usually available to you, check out the section on the different IT support options available to most small to mid-sized businesses.
Have security questions or issues?
Drop us a line at email@example.com and let us know how we can help!
Making Financial Sense of IT
A little about us: Dynamic Computing provides managed IT services, IT support, IT consulting, & cyber security analysis services to top performing small to mid-sized businesses in the greater Seattle area. We're focused on being the premier managed IT services firm in the Pacific Northwest, and we act as a complete IT solution for companies who don't have internal IT departments. Our clients typically range from 10 to 200 employees and we work primarily with professional services firms in the Puget Sound Region.
About the author: Kevin Gemeroy is the President & CEO of Dynamic Computing, a company he founded while in Business School at the University of Washington. He's was recognized as a 40 under 40 honoree by the Puget Sound Business Journal in 2018 and as Washington State's Mr. Future Business Leader by FBLA in 1998. He resides in Seattle, Washington.