All businesses face a number of cybersecurity challenges, like being the target of cybercriminals, having intellectual property stolen or being attacked to disrupt our way of life. Cybersecurity must become a priority for every business and every industry. Companies need to proactively protect their most vital assets, employees and customers. If a cybersecurity incident does occur, businesses need to readily respond, recover and collaborate with law enforcement by sharing threat information and aiding investigations.

Grand River Bank offers these tips and advice from StaySafeOnline.org to help our valued business customers take a risk management approach to cybersecurity:

STOP. THINK. CONNECT. Make it as difficult as possible for criminals and others to use your digital technology against you.

Keep a Clean Machine

• Keep security software current: Having the latest security software, web browser, and operating system are the best defenses against viruses, malware, and other online threats.
• Automate software updates: Many software programs will automatically connect and update to defend against known risks. Turn on automatic updates if that’s an available option.
• Protect all devices that connect to the Internet: Along with computers, your smartphones, gaming systems and other web-enabled devices also need protection from viruses and malware.
• Plug & scan: USBs and other external devices can be infected by viruses and malware. Use your security software to scan them.

Protect Your Personal Information

• Secure your accounts: Ask for protection beyond passwords. Many account providers now offer additional ways for you verify who you are before you conduct business on that site.
• Make passwords long and strong: Combine capital and lowercase letters with numbers and symbols to create a more secure password.
• Unique account, unique password: Having separate passwords for every account helps to thwart cybercriminals.
• Write it down and keep it safe: Everyone can forget a password. Keep a list that’s stored in a safe, secure place away from your computer.
• Own your online presence: Set the privacy and security settings on websites to your comfort level for information sharing. It’s ok to limit how and with whom you share information.

Connect With Care

• When in doubt, throw it out: Links in email, tweets, posts and online advertising are often the ways cybercriminals compromise your computer. If it looks suspicious, even if you know the source, it’s best to delete or, if appropriate, mark as junk email.
• Get savvy about Wi-Fi hotspots: Limit the type of business you conduct and adjust the security settings on your device to limit who can access your machine.
• Protect your $$: When banking and shopping, check to be sure the sites are security-enabled. Look for web addresses with “https://”, which means the site takes extra measures to help secure your information. “Http://” is not secure.

Be Web Wise

• Stay current. Keep pace with new ways to stay safe online. Check trusted websites for the latest information, share with friends, family and colleagues and encourage them to be web wise.
• Think before you act: Be wary of communications that implore you to act immediately, offer something that sounds too good to be true or ask for personal information.
• Back it up: Protect your valuable work, music, photos, and other digital information by making an electronic copy and storing it safely.

Be a Good Online Citizen

• Safer for me, more secure for all: What you do online has the potential to affect everyone -at home, at work and around the world. Practicing good online habits benefits the global digital community.
• Post only about others as you have them post about you.
• Help the authorities fight cybercrime: Report stolen finances, identities and cybercrime to www.ic3.gov(the Internet Crime Complaint Center) and www.onguardonline.gov/file-complaint(the FTC).

1. Use the passcode lock on your smartphone and other devices. This will make it more difficult for thieves to access your information if your device is lost or stolen.
2. Log out completely when you finish a mobile banking session.
3. Protect your phone from viruses and malicious software, or malware, just like you do for your computer by installing mobile security software.
4. Use caution when downloading apps. Apps can contain malicious software, worms, and viruses. Beware of apps that ask for unnecessary permissions.
5. Download the updates for your phone and mobile apps.
6. Avoid storing sensitive information like passwords or a social security number on your mobile device.
7. Tell your bank immediately if you change your phone number or lose your mobile device.
8. Be aware of shoulder surfers. The most basic form of information theft is observation. Be aware of your surroundings especially when you are punching in sensitive information.
9. Wipe your mobile device before you donate, sell or trade it using specialized software or using the manufacturers recommended technique. Some software allows you to wipe your device remotely if it is lost or stolen.
10. Beware of mobile phishing. Avoid opening links and attachments in emails and texts, especially from senders you do not know. And be wary of ads (not from your security provider) claiming that your device is infected.
11. Watch out for public Wi-Fi. Public connections aren’t very secure, so do not perform banking transactions on a public network. If you need to access your account, try disabling the Wi-Fi and switching to your mobile network.
12. Report any suspected fraud to your bank immediately.

1. Keep your computers and mobile devices up to date. Having the latest security software, web browser, and operating system are the best defenses against viruses, malware, and other online threats. Turn on automatic updates so you receive the newest fixes as they become available.
2. Set strong passwords. A strong password is at least eight characters in length and includes a mix of upper and lowercase letters, numbers, and special characters.
3. Watch out for phishing scams. Phishing scams use fraudulent emails and websites to trick users into disclosing private account or login information. Do not click on links or open any attachments or pop-up screens from sources you are not familiar with.
4. Keep personal information personal. Hackers can use social media profiles to figure out your passwords and answer those security questions in the password reset tools. Lock down your privacy settings and avoid posting things like birthdays, addresses, mother’s maiden name, etc. Be wary of requests to connect from people you do not know.
5. Secure your internet connection. Always protect your home wireless network with a password. When connecting to public Wi- Fi networks, be cautious about what information you are sending over it.
6. Shop safely. Before shopping online, make sure the website uses secure technology. When you are at the checkout screen, verify that the web address begins with https. Also, check to see if a tiny locked padlock symbol appears on the page.
7. Read the site’s privacy policies. Though long and complex, privacy policies tell you how the site protects the personal information it collects. If you don’t see or understand a site’s privacy policy, consider doing business elsewhere.

1. Educate your employees. You and your employees are the first line of defense against corporate account takeover. A strong security program paired with employee education about the warning signs, safe practices, and responses to a suspected takeover are essential to protecting your company and customers.
2. Protect your online environment. It is important to protect your cyber environment just as you would your cash and physical location. Do not use unprotected internet connections. Encrypt sensitive data and keep updated virus protections on your computer. Use complex passwords and change them periodically.
3. Partner with your bank to prevent unauthorized transactions.
4. Pay attention to suspicious activity and react quickly. Look out for unexplained account or network activity, pop ups, and suspicious emails. If detected, immediately contact your financial institution, stop all online activity and remove any systems that may have been compromised. Keep records of what happened.
5. Understand your responsibilities and liabilities. The account agreement with your bank will detail what commercially reasonable security measures are required in your business. It is critical that you understand and implement the security safeguards in the agreement. If you don’t, you could be liable for losses resulting from a takeover. Talk to your banker if you have any questions about your responsibilities.