September 1, 2020


Cybersecurity During the Holidays

Every business owner, CEO, president, and company leader should be proactively taking steps to protect their business, customers, and employees during the holidays. This year, with more employees working remotely, cybersecurity measures are critical to maintaining business operations.

Protect Your Business from Cyber Security Problems this Holiday Season

While you’re busy spreading cheer, cybercriminals are hard at work trying to collect and expose your private data. In fact, a cybersecurity strategist pointed out last year that “as cybercriminals grow more sophisticated and holiday shoppers continue to flock online, researchers warn internet-based retailers could face a 20 percent uptick in cyberattacks.” This risk extends beyond retailers to all small businesses, as 43% of cyberattacks target small businesses.

If you are a small business owner or CEO, you will be better positioned to protect your business if you start taking proactive measures now. This will help you enjoy some peace of mind while celebrating the season with your loved ones.

Why are the holidays so appealing to cybercriminals?

While cyberattacks, in general, are on the rise, the holidays provide a field day for cybercriminals for a variety of reasons. For one, this is the time of year when many employees, including members of the IT department, take time off to travel or spend time with their loved ones. With fewer people on the lookout for attacks, it’s likely security protocols or responses could be bypassed, delayed, or overlooked altogether. In addition, employees who are on leave and feeling relaxed might be more likely to click on a malicious email attachment or link. This is an oversight that could be costly for your company.

The holidays are prime time for cybercriminals because more people are browsing online. More and more shoppers turn to online stores to purchase their holiday gifts, which means employees are likely browsing on company-issued devices too, putting your data at risk. Even if employees use their own devices, they could pose unknown risks to your company. For example, one of the most dangerous activities employees can engage in is using unsecured public Wi-Fi networks while shopping or traveling.

It’s easy to let cybersecurity fall by the wayside when you’re so busy trying to meet customer demands or prepare your teams for an extended vacation. Still, your increased diligence, especially during this time of year, can protect your company’s data and maintain your reputation.

What attacks should you be watching out for?

To properly defend your networks and data this holiday season, it’s essential to understand the types of attacks that most commonly affect businesses. Knowing what to look for can help you focus your efforts and thwart any potential attacks.


Phishing attacks are some of the most common attacks because they are the simplest and most effective methods of obtaining private data. Please read our complete guide on phishing attacks and what they often look like. In a nutshell, phishing scams are carried out most commonly through emails, where the sender appears to be an authentic email address. These emails attempt to capture passwords or install malware on the recipient’s system.

POS terminal attacks

With the influx of holiday shopping, POS systems have become a prime target for cybercriminals. They can place a skimmer on POS terminals that capture the card number and pin code. If you own a retail store, this type of attack could compromise your customer’s financial information and damage your reputation.

DDoS attacks

DDoS, or distributed denial of service, attacks occur when hackers attempt to make your website unavailable to potential customers. These types of attacks typically don’t expose your company’s data, but they can cost you valuable customers during a time when people are surfing the internet more than ever.

What steps should you take to protect your data during the holidays?

Now that you know what to watch out for, you can begin to take the steps necessary to protect your business – including all company, employee, and customer (or client) data. If you get started now, by the time the holidays roll around, you will be prepared and confident in your cybersecurity practices.

Ensure all systems and software are up to date

While this should be a routine practice for your business, it’s great to revisit this exercise prior to the holiday season. When your operating systems, malware programs, and all other systems and software are up to date, the latest security patches are installed that can deter cybercriminals from breaching your network. Be sure that automatic software updates are enabled whenever possible, so your systems can be continuously addressing bugs and security issues even when you may be enjoying a holiday vacation.

Back up important data

If your business does suffer a data breach or any ransomware attack, there’s a chance that your data may be gone for good. That’s why it’s so critical that you regularly back up your most important data to minimize business disruptions and keep your company running smoothly even though you’ve fallen victim to a cyberattack. Now is an excellent time to ensure that your backups are running regularly and adequately, so you can trust that they will be running at peak performance during the holidays.

Explore cloud services for your company

Investing in a cloud service provider can manage your data backups, security, and regularly launch software patches virtually. This provider can address security issues and manage updates, so you can focus on running your business during the holidays and all year long.

Level4 IT is continuously evolving to build out services that meet your needs, including proprietary solutions tailored to your business. We offer Private Cloud IT Services, which includes server hosting at our secure data center and Cloud IT support. We always strive to keep your business current with the latest technologies, so you aren’t left out to dry in the event of a significant catastrophe.

Secure your wireless network and utilize a VPN

We’ve already addressed the dangers of using public Wi-Fi, but a weak wireless signal or network can also make you vulnerable to cyberattacks. Always use the strongest wireless signal encryption settings (for example, WPA2) to keep hackers from seeing your network traffic.

Another option to explore is a VPN service that can allow your employees to log into your network virtually. VPN stands for virtual private network, and they allow secure and encrypted connections that offer better security than a Wi-Fi hotspot or a public connection.

Safeguard and change passwords

If you’ve gone the whole year without changing your passwords, now is a great time to review and address all of your business-related login credentials. Make sure that your passwords are unique, long, and hard to guess. Use a combination of letters, numbers, and symbols so that hackers have a more challenging time breaking the code.

Manage security risks for personal devices

If your employees use their own devices, like phones or laptops, to conduct business regularly, they could post an unknown threat to your data. Educating your team on proper usage and putting policies in place can save you during a time when many employees are likely working remotely. Check out our article on managing employee devices and how to mitigate cybersecurity risks in these situations.

Key takeaway: don’t let “the most wonderful time of the year” turn into the most awful time of the year for your business

A cybersecurity crisis is a costly and severe business problem that threatens to impact your company, employees, and customers every day, especially during the holidays. As internet traffic ramps up and your teams leave for some well-deserved time off, securing your network will ensure that your business will maintain operations through the holiday season and beyond. Share the checklist below with your employees to remind them of things they can do before heading out of the office.

Holiday Data Checklist

Suppose you want additional training for employees or are looking to launch new cybersecurity practices before the holidays are in full swing. In that case, the IT professionals at Level4 IT can help take your business from potentially vulnerable to entirely protected.

About Us

Level4 IT is a Computer and IT Management company located in Schaumburg, IL. We provide Cloud-IT Services, Computer Management, Server Management, Internet & Cyber Security, Data Backups, Cloud Services, and Technical Support for Small & Midsize Companies.

Our focus is to help businesses stay safe on the internet while providing ongoing Technical Management, Consulting, and Support. We help our clients stay ahead of the competition.

Contact us at 888-831-6412 or email us at info@level4it.com.