Top 10 Cybersecurity Tips for Businesses

Bank OZK works diligently to protect our valued customers’ information and assets. We want to ensure your online privacy & security. Bank OZK’s cybersecurity experts recommend the following tips to help secure your business from cyberattack. If you believe you are a victim of fraud or the recipient of suspicious communication, let us know immediately at

1. Control access to computers and files

Create separate user accounts and unique passwords for each employee to prevent unauthorized individuals from gaining access to company and customer information. Employees should only be given access to the specific data systems that they need for their jobs.

2. Protect information, computers, and networks against cyberattacks, viruses, spyware, and other malicious code

Make sure each of your business’s computers are equipped with the latest operating system, web browser, antivirus and antispyware security software and configure them to install updates automatically and run a scan after each update to enhance security and improve functionality.

3. Secure your networks

Protect your Internet connection by using a firewall and encrypting your data to prevent outsiders from accessing data on a private network. If you have a Wi-Fi network, set up your wireless router so it does not broadcast the network name (SSID), and make sure it is password protected.

4. Establish multi-level security practices and policies to protect sensitive information

Use best practices when handling sensitive customer information and other vital data. Require employees to use unique passwords and change passwords every three months. Consider implementing multi-factor authentication that requires additional information beyond a password to gain entry.

5. Educate employees about cyberthreats and hold them accountable

Establish appropriate Internet use guidelines, and speak with employees about online threats and how to best protect your business’ data. Clearly outline the consequences and penalties for violating company cybersecurity policies.

6. Limit employees’ ability to download and install programs

Do not allow employees to download or install any software without permission. Administrative privileges should only be given to key personnel and trusted IT staff.

7. Employ best practices on payments, company cards

Work with your banks or card processors to ensure the most trusted and validated tools and anti-fraud services are being used. Isolate payment systems from other, less secure programs. If you use an electronic payment system, verbally verify transaction payment instructions received via email prior to transferring funds, changing payroll, or processing payments.

8. Make backup copies of important business data and information

Regularly backup critical data, including important documents, spreadsheets, databases, as well as financial, human resources, and accounts receivable/payable files. Backup data automatically if possible, or at least weekly, and store the copies offsite or on the cloud.

9. Create a mobile device action plan

Mobile devices can create significant security and management challenges, especially if they hold confidential information or can access the corporate network. They are particularly easy targets for theft or can be lost, so lock them when unattended. Require users to password protect their devices, encrypt their data, and install security apps to prevent criminals from stealing information while mobile devices are on public networks. Be sure to set reporting procedures for lost or stolen equipment.

10. Secure all pages on your public-facing websites, not just the checkout and sign-up pages

A webpage with an https: prefix means the site is secure. A site with an http: prefix is not secure.