As the owner of a small business, cybersecurity might not top your list of everyday tasks, but it should. The threat of a cybersecurity breach goes far beyond mere viruses or even hackers.
Cybersecurity matters for small business owners. Your best defense is a good offense. Taking your security seriously protects not only your business data but your brand and reputation. Businesses have a lot to lose besides files.
Many small- and medium-sized businesses don’t have appropriate staff to plan for or mitigate cyber attacks. Sole proprietors especially try to handle things themselves. The SEC reports this is the case for 83 percent of sole proprietors and small businesses.
In companies with less than 50 employees, only 29 percent know how to improve cybersecurity and fewer knew how to respond to a computer attack.
Recognizing the Threat is Real
Don’t assume you’re safe because you run a small business. A Symantec study revealed that more than 43 percent of computer attacks in 2015 targeted small businesses. As the US Securities Exchange Commission explains, small business became a more attractive target as managed services, especially software as a service grew because small business provides an easier entry point to then infiltrate the larger target.
According to a 2014 National Small Business Association survey the median cost of a small business cyber attack is $20,752. While it may seem a small amount in comparison to corporations, does your small business have nearly $21,000 in extra funds lying around?
Many business owners think companies like Target or Equifax remain hackers favorite targets. Those attacks make headlines. But hackers choose small businesses because they don’t prepare their offensive measures.
Small businesses make easy targets. Only 14 percent of businesses reported to Symantec that they felt prepared to deal with cyber security threats. More than a quarter of small businesses have no protocols in place and have issues even backing up data. As daunting as it may seem, you can easily prepare your business for the worst and preparation can protect it.
Cyber security Protection Tips
You can protect your data and your customers by protecting your website, office computers, mobile devices, and servers.
Follow these tips for a better-protected business:
- Work with a cybersecurity professional to develop a security and continuity plan that addresses basic protocols to ransomware protections.
- Choose a secure infrastructure and data storage solution.
- Apply available security patches to software as soon as it is released.
- Purchase enterprise equipment, anti-virus, and security software.
- Provide and mandate employee training. A company’s own staff cause about 60 percent of security breaches, according to IBM.
- Enforce an Internet use policy that limits use to work-related activities only.
- Invest in cybersecurity insurance.
- Develop computer and online policies and a security and continuity plan.
- Implement content and website filtering. Employees don’t need to visit social media sites, for example, on company devices nor use its WiFi to do so.
- Purchase and install security software that includes e-mail protection.
- Implement network segmentation.
- Use privileged account management to create an audit trail for internal activity.
- Develop a security awareness training program for your staff.
Internal Threats Should Not Be Dismissed
Some businesses ignore internal threats but plan well for a potential hack by outsiders. It’s important to plan for what you may consider unthinkable. An employee could lash out in anger, deleting important files, or a fired worker could use their last day to maliciously harm the company by infecting its systems with a virus. Your security plan needs to cover these threats.
Cloud Computing Best Practices
An emerging area of computing and concern for small business cybersecurity, cloud computing provides an immense utility with its own security issues. Cloud computing technology significantly increases productivity and reduces costs. It also increases a company’s cybersecurity risk.
Whether you’re just setting up a cloud computing system or have been using cloud apps for some time, implement the following security best practices to keep your data safe on its back up servers and in managed apps.
One of the age-old pieces of advice, “Create a strong password.” matters even more in the cloud. Use upper and lower case letters, numbers and special characters to create a password. Don’t use common words or easy to guess information like your birthday or pet’s name.
Set up your business’ security software to automatically update on each system without employee interference or intervention. Ensure that the security software gets installed on every system and server. This may require updating some equipment.
Also, ensure that your Internet service provider and cloud apps implement strong security measures and automatically update their security software. Your data only remains safe as long as their servers do.
Plan for the Internet of Things
Although only about one percent of smart devices currently connected as a part of the Internet of Things that number grows daily. While it enhances productivity, it provides hackers a new entry point to servers. Networked copiers and printers provide a launch point for lateral attacks. When interviewing potential consultants, ask about their IoT recommendations. Their ability to effectively address this emerging area of concern reflects their abilities to develop an appropriate plan and reveals how current the consultant stays on industry developments.
You can easily keep your business cyber-secure by hiring a consultant and working with them to develop a plan tailored for your business. You must implement and enforce it to make it work. Your company can remain secure and prepared for the latest threats. It takes careful planning and execution.