top of page
Writer's pictureSchool Photographers of America

Top Tips for Cybersecurity Protection for Studios and Labs

Updated: May 1, 2021



Cyber attacks are a growing threat for studios and labs all across the country. According to the FBI’s Internet Crime Report, the cost of cybercrimes has exceeded $3.5 billion in 2019.

Small studios and businesses are attractive targets because they have information that cybercriminals want, and they typically lack the security infrastructure of larger companies and industry service suppliers.

According to a recent SBA survey, 88% of small business owners felt their business was vulnerable to a cyber attack or cyber threat. However, most small businesses can’t afford professional IT solutions, and they have limited time to devote to cybersecurity, or they don’t know where to begin.


Heres' a checklist of things to do keep your business secure.

  1. Secure your WIFI Networks

    1. If you have a Wi-Fi network in your office, studio, or lab, make sure it is secure, encrypted, and preferably hidden.

    2. Do not broadcast your actual company name as the network name in your router. and make sure you give it a strong password and change this password at least once every three months.

  2. Control physical access to all your company computers

    1. Make sure you have user accounts for each employee and each computer. This is critical for laptops. All photography laptops must be secured and have individual security access so, in case of theft, no breach of images or data is possible.

  3. Passwords and authentication

    1. Require all employees to change passwords every three months. Consider implementing multi-factor authentication requiring additional information besides just a password.

  4. Limit employee access to the data system and limit their ability to install software on their device.

  5. Clean machines

    1. Make sure all systems have the latest updates, web browsers, security software, and operating systems to ensure the best defense against malware, viruses, and other threats.

  6. Create mobile device rules and plans

  7. Enable HTTPs on your website

    1. HTTPS websites have SSL/TLC Certificates installed on their servers. This certificate will encrypt all data transmission from browser to server.

  8. Keep Backup of all data

    1. Back up your back up according to a very robust plan.

  9. Create an incident response strategy

  10. Stay ahead of the attack. You can never be sure your facility is 100% secure. Create a written external plan to make customers aware and have an internal plan for how you will change your workflow as you recover from the attack.

  11. Train all employees of phishing scams and attacks

    1. Email is a weak point in many companies’ cybersecurity threats. Seek a secure email solution, make sure all employees are trained and aware of procedures, especially senior leadership.

  12. Manage all devices remotely

    1. This way if you need to shut down and lock out a device or an employee.

Comments


bottom of page