Kanna Knowledge 

Your Source For News and Commentary on Cannabis
for the Insurance Industry

Subscribe to our Newsletter Updates

Keeping a cannabis business safe from cyber attacks is generally not a one-and-done procedure such as installing a single software program. Rather, it requires a variety of procedures used together to create what hopefully can be an impenetrable barrier.

Seeking help from a managed services provider or other IT company is the best advice; these companies can analyze a business for security shortcomings and recommend hardware and software solutions to plug any holes. But regardless of whether a cannabis company enlists service providers or chooses to start on its own, there are proven steps to take that can help protect vital information — of the company and its customers. These include:

  • Insist on strong, secure usernames and passwords. Go for a minimum of fifteen characters, including special characters as well as letters (both capital and lowercase) and numbers. And change them regularly.
  • Immediately change any default passwords that IoT equipment manufacturers provide to your own proper passwords. Otherwise, these known or easy-to-guess passwords will allow criminals access to your cameras, your thermostats, your lighting and more. 
  • Back up everything, at least daily. That goes for data, files, applications, everything. Be prepared for “crypto” or “lockout” attacks that scramble data and/or prevent access.
  • Install and manage a firewall that keeps unauthorized users out and guards against attacks. Continuously monitor for intrusion attempts and block malicious IP addresses.
  • Grant access only to authorized people. Make certain that lower-level employees, visitors or suppliers cannot view or copy data from your systems.
  • Purchase hardware with the power to do the job. An underpowered server, a slow Internet connection, a low-quality router and similar equipment compromises will not just impact performance, but also cause vulnerabilities hackers can exploit.
  • Similarly, don’t purchase consumer-grade equipment and expect it to perform securely in your commercial environment. A cheap home security camera can likely be hacked, while a professional camera will have more layers of protection.
  • Keep track of POS terminals, iPads and other devices. Especially in point of sale situations, stolen hardware can lead to unwelcome intrusions. And watch for customers or visitors hacking your devices by surreptitiously using a flash drive to load malware onto your system.
  • Make all your WiFi protected and secure. An open network provided for customer convenience can be hacked.
  • Test your security measures frequently to make sure they’re working.
  • Have a contingency plan prepared and ready to implement should a security breach occur.