Episode Transcript
[00:00:00] Hello and welcome to another episode of Financial Snickens. I'm your host, Elisa McCabe, and today we are going to be talking about cybercrime and if you're at risk. Now, I was just on a webinar and The owner, the person who started Siri, um, was talking about how this happens everywhere. And it was really interesting because a lot of times people think they're too small for this to happen.
That's not the case at all. Anywhere it can happen. If you store any kind of digital information, you can become a victim of cybercrime. Now, why are we talking about this? Because it is so incredibly important to small businesses to make sure that you have defenses against this. And look, the odds of having an [00:01:00] issue with these digital crimes has increased dramatically.
So there are several different types of ways you can be attacked. One of them is social engineering. Yes, when thieves try to get your employees to provide confidential information, either through an email, um, or through the phone, it's called social engineering, and you can reduce your risk by developing procedures and training with your employees.
If you take this line of defense. It is your best line of defense. So you train your employees to identify different situations and what that, what that looks like. So you would ask them to have a things that are identifying information, such as like a pin code or a phrase or something. Now, look, when my kids were little, I had a phrase that I used for [00:02:00] them so that no strangers could come pick them up from school.
It's the same. thing that you do with your team. If someone gets a phone call and says, Hey, I want you to transfer X amount of dollars out of an account. Then you say, well, you know, do you know the passcode? What's going to happen there? Make sure that you create these things so that your team has good training and can do this for you.
And it keeps you. and your clients safe. The next thing is passwords. So passwords are super inconvenient, as we all know, and remembering them are even worse. So, and everyone I know, including myself, used to be, are guilty of using the same password because we can remember it. But using different usernames and passwords will keep you safe.
Now, We [00:03:00] at First Steps actually use a password software, and there's lots of them out there. So, you should install a password software for your devices, and this is the safest thing you can do. Because if you want to give
somebody access, you don't have to give them the password. You can give them a link that they can use, and they never can see the password.
And... It is always encrypted, and that helps you keep your usernames and passwords safe. So, another, another way that, uh, cybersecurity can happen is receiving and delivering information through email. Now look, at First Steps, we will never, ever ask you for any kind of sensitive information through email.
Ever. [00:04:00] We use a secure link from Sharefile, which is encrypted. Sharefile is owned by Citrix, and it is their job to keep this information safe. They store, we have cloud storage with them. If they were ever, uh, disrupted or anything happened with them, it would be an issue. So they put a lot of money into keeping it safe.
There are other programs out there too. There's, um, SharePoint does it and other places. There are special portals that store information securely. They put a lot of money into this securely. So use it. And this is another tool that you can use for safeguarding information delivery and using encrypted email is highly suggested.
You don't ever want someone to be utilizing your information because they [00:05:00] intercepted your email. Um, this next one seems kind of basic antivirus. Does everybody have antivirus on your computers? It should be on every device that you use. And it is almost a no brainer at this point to have, um, antivirus on all your devices.
If you don't please seek out an I. T. company that can help you do this. So, anti spam also is a huge protection for email, and this is something that it'll protect your devices from bad links in emails, and users need to be trained on how to detect and avoid phishing emails, PHI. Fishing email. So what happens is we have it on our Gmail.
It actually automatically filters out all the spam stuff that comes in. If I ever look at my spam file, it's hilarious. The [00:06:00] things that are in there and thank goodness. Google does such a great job of doing this, but. There are things that get through. You need to train your team and a good I. T. Company actually can provide training for your team.
And what happens is you get an email that has a bad link in it. And if the I. T. Company is taking care of you, they send you these, they send you these emails. And if your team clicks on it, you know that they clicked on it. Um, and so it's great training. But we actually have done this with an I. T. company and we do it all the time.
When we meet with our teams, we talk about any phishing emails that have come through. So. And our team is trained to not click on any links. And if you have a question, get on the phone and call somebody. You don't ever use a link in an email and you don't use a phone number in an email. We go to an outside source, go to a separate website to check it, make sure it's okay.
[00:07:00] Those things are training. Your best line of defense is training your team against any of these issues. Any of cybercrime, that is your best defense. You can also find malware protection. So malware can be installed on your computer without your knowledge. And to protect against these threats, you can actually, um, really avoid any file sharing as possible and do not download anything that you don't recognize.
And be super careful, like we just talked about with phishing, about the links in emails. So, there's firewalls you can put up and there's other preventative solutions. You really need to talk to your IT company to make sure you are downloading what you really need. So, one thing that sometimes we forget about, the software we use.
Has upgrades and these [00:08:00] upgrades patch vulnerabilities so that you are safer with every new upgrade you install. How many times have you got a Windows upgrade and you're like, uh, I'm going to wait on that. Don't install it because the reason why they do these updates is because they may have found vulnerabilities in what they have.
And now they're giving it to you to fix. So. All these things are trying to reduce your business risk. These are just security tips. And they are really just the tip of the iceberg when it comes to having good data security practices in your business, develop policies, train and monitor your employees.
And also, please set a good example yourself by avoiding these growing threats to your business. If you want to talk more about cyber security or have questions, we have tons of IT companies that [00:09:00] we work with that we love and really do a good job of this. Head over to our website, firststepsfinancial.
com and we can talk more about how you can protect your business and who we recommend to help you with it.