Welcome to our new video series with Guide Star Senior Vice President, Evan Rice! We will be dropping new monthly videos on the Good, Bad, and Ugly of Cybersecurity and IT topics. Be sure to subscribe to our blog and YouTube channel so you never miss a new video!

As we are all too familiar with, data breaches and cybercrimes are on the rise and causing major headaches and financial loss for businesses of all sizes. Cybercriminals want us to believe that large corporations are the only businesses getting hacked, however, small to medium-sized businesses (SMBs) are just as susceptible to cybercrime. In fact, 43% of cyber attacks target small businesses, according to Verizon’s 2020 Data Breach Investigations Report.

As today’s technologies continue to change, small to medium-sized businesses (SMBs) should have a solid IT infrastructure in place to meet the demands of their business. At Guide Star, we assist SMBs maintain and support their IT infrastructure. We offer a set of services to keep your IT running up to spec and your IT users well supported.

The Importance of Saved Images At Guide Star, we have top-tier IT security practitioners, also known as our Blue Team, that engage with small and medium-sized business (SMB) owners and managers. Our blue team experts implement means and methods to mitigate cyber risk as well as arm your organization against future threats.

The systems development life cycle (SDLC) is a process any IT team member or software developer will be familiar with.

Every second, data is being transferred to and from your employees’ computers. The data can be anything from a simple Word document to highly sensitive information. Keeping sensitive data secure is a big part of having a cybersecurity program. How do you accomplish this? For starters, your IT team will need to implement strong technical controls. A technical control is a system-based protection to reduce risk and/or the chance of human error that can introduce risk. Let’s say one of your company’s cybersecurity policies is having a nightly backup of your data. The technical control is having a system to automatically back up the data, instead of having an employee do it manually. Employee Stock Ownership Programs (ESOP) need to have technical controls to protect their employee-owners’ assets. Guide Star understands the intricacies of an ESOP and the importance of protecting your company with technical controls and encryption.

In today’s workplace, ensuring only authorized access to your company’s systems is a key component of any cybersecurity program. Bad actors are no longer just lurking in the dark corners of the internet, they are everywhere your systems are, and may even be working inside your company. One of the main tactics hackers use to gain access to your systems by hijacking legitimate credentials. They do this by social engineering. Social engineering is the art of manipulating people, so they give up confidential information.

One of the main components to planning for disaster is cybersecurity. Being prepared for the worst is something every business needs to consider. Whether it’s a natural disaster, dangerous scenario, or a cyberattack, having a plan in place to protect your assets and your employee-owners cannot be overlooked. By starting your Business Continuity Planning (BCP), you will help protect your employees, especially for businesses with Employee Stock Ownership Plans (ESOP). A business continuity plan covers how to respond and protect your (your employee-owners) assets when disaster strikes.

Cybersecurity is one of the most important concerns for any business. Businesses with Employee Stock Ownership Programs (ESOP) need to pay special attention to keeping their employees safe from cyber-criminals. Cybercrime can be scary for any business, big, medium, or small. If your business doesn’t have the tools to protect your beneficiaries, Guide Star is here to help. In April 2021, the Department of Labor released cybersecurity best practices for fiduciaries to prevent vulnerabilities. Dive in deeper and learn about the first cybersecurity guideline recommended by the Department of Labor, which is how to create a formal program from scratch.