Cybersecurity advices from Benjamin Dynkin and Atlas Cybersecurity today? And then there’s the not-insignificant concern of lost smartphones. A lost business phone in the wrong hands could be a complete disaster. At the very least, all phones used to conduct business should have password protection, whole-disk encryption software and a remote lock-and-data-wipe app. That way, you can erase all the information on a lost phone and prevent anyone else from using it. The rise of flexible work-from-home policies has been a major trend in recent years, which is generally great for employee morale but not so great in terms of security. It’s tricky but obviously crucial to keep up security measures when employees are doing their jobs remotely. The guidelines about smartphones apply here, but you also need to ensure that strong safeguards are in place on all company computers and devices, no matter where the employee is working. Discover additional details at Benjamin Dynkin.

Form an Incident Response Team. While you should always have one head person in charge of making sure the incident response plan is being followed, you will need a team to help that person follow through quickly. For example, a PR person to release any communications and a sales person to speak to customers. Depending on the size of your organization and the possible size of the attack, you want to ensure the right people are managing the response.

Be Cautious of Public Wi-Fi. The laws and regulations that govern cyber security in other countries are typically not going to be the same as those found in the US. Free Wi-Fi access can be very appealing for business or leisure travelers but is also particularly vulnerable to security issues. Avoid unencrypted Wi-Fi networks; ask your hotel about its security protocol before connecting to the Web. Be extra cautious using Internet cafes and free Wi-Fi hotspots; if you must use them, avoid accessing personal accounts or sensitive data while connected to that network.

Use Two-Factor or Multi-Factor Authentication. Two-factor or multi-factor authentication is a service that adds additional layers of security to the standard password method of online identification. Without two-factor authentication, you would normally enter a username and password. But, with two-factor, you would be prompted to enter one additional authentication method such as a Personal Identification Code, another password or even fingerprint. With multi-factor authentication, you would be prompted to enter more than two additional authentication methods after entering your username and password.

Benjamin Dynkin about data breaches: Malicious criminals tend to follow a basic pattern: targeting an organization for a breach takes planning. They research their victims to learn where the vulnerabilities are, such as missing or failed updates and employee susceptibility to phishing campaigns. Hackers learn a target’s weak points, then develop a campaign to get insiders to mistakenly download malware. Sometimes they go after the network directly. Once inside, malicious criminals have the freedom to search for the data they want — and lots of time to do it, as the average breach takes more than five months to detect. In many cases, data breaches cannot just be patched up with some password changes. The effects of a data leak can be a lasting issue for your reputation, finances, and more.