It seems like cyber attacks are now making the news on a regular basis. As our daily lives have become more dependent on computers, the risks have escalated exponentially. Without computers and the electricity to power them, our economy would come to a screeching halt.
Being a small business doesn’t mean you won’t be a target. In fact, you’re probably more vulnerable than big businesses because you haven’t spent many thousands of dollars protecting yourself. If you know you should be concerned about possible attacks but haven’t done much of anything about it, you’re not alone.
It Starts With Your Website.
For many small businesses, everything revolves around their website. Products are displayed and purchased online, eliminating the need for a retail store and the accompanying overhead expense. It’s fast and efficient until it’s hacked and infected with a virus. When that virus infects every visitor to your site, you’re likely to be blacklisted by Internet search engines. When Google warns potential visitors that you’ve got malware, you’ve got a very serious problem on your hands.
The damage can be worse than shutting down your website; it can put you out of business. Software that tracks your keystrokes can be used to steal passwords and access your bank accounts. They can steal trade secrets, customer lists, intellectual property, and other confidential information that would be valuable to your competition. They can take over your social media accounts and post derogatory comments that disparage your business and customers.
Should your business survive such an attack, the time and cost to repair the damage are enormous. The answer is to take reasonable, affordable actions to raise the level of awareness and security so that you can repel most attacks.
Creating strong passwords may be the easiest action you can take and it costs nothing. Never use the same password for more than one account. You can check the strength of your passwords at sites such as this: https://www.microsoft.com/en-gb/security/pc-security/password-checker.aspx.
You should also change all passwords at least every six months. It’s a hassle and takes time, but the payoff for extra security is huge. This seems obvious, but don’t store a list of passwords on your computer or anywhere else where they can easily be found.
The free software you might be using on your home computer isn’t good enough for your business. There’s far too much at stake to skimp on the level and scope of protection that’s adequate to protect it from most threats. The minimum business-class security suite should include antivirus, spyware, spam, phishing, and malware protection.
Private networks need firewalls that help screen out hackers, worms, and viruses that will attack your computer via the Internet. Firewalls can be either hardware or software, but the best solution is a combination of both. A router can provide a network firewall, but each computer should also have a software firewall to help prevent the spread of a virus among the computers in the network. A firewall can also be used to allow remote access to your network through secure authentication and login procedures.
A virtual private network (VPN) facilitates the extension of a private network across the Internet. This affords you the security of your private network while enabling you to send and receive information across public networks. Most VPNs are encrypted which allows you to connect securely to a remote network over the Internet to access files, printers, and applications. If you don’t have the expertise to set this up, consult with someone who does.
Never download or install a software update without verifying that it’s from a trusted source. Updates should come from approved sites that adhere to systematic notice and installation procedures that you’re familiar with. You can eliminate most suspicious links simply by analyzing the uniform resource locator (URL or webpage address).
Create and routinely update a list of all electronic devices that could potentially compromise your business if lost or stolen. Also note the general nature of the type and sensitivity of information on each device. This should include all computers, laptops, tablets, smartphones, and external drives. If anything turns up missing, you want to know about it right away. You might be able to minimize the damage by finding it or altering passwords and access to your other devices.
Policies and Procedures.
Establishing policies and procedures for protecting your information is especially important if you have employees. Everyone should understand how critical it is to be conscious of security at all times and how to properly handle confidential information. This includes the creation, usage, transmittal, and destruction of information that would harm your business if it fell into the wrong hands. Provide appropriate training on dealing with email attachments, working remotely, and how scammers and hackers gain access to stored data.
Consider hiring a cyber security consultant if you need help setting up systems to protect your data. When you understand how much damage a cyber breach could cost you in terms of time and lost business, this expense will be worth it in the long run. Even if you do it yourself, you should still hire a security expert to do an independent audit after-the-fact. This will provide you valuable peace of mind that you’ve done it right. You might also consider purchasing fraud protection insurance as an added layer of financial security.
Cyber crooks know that many small businesses aren’t protected the way they should be. The solution is to take action before they take action against you that could cripple or destroy your business. You don’t want to be among the 20% of small businesses that are victimized every year by cyber attacks. According to the National Cyber Security Alliance, 60% of those targeted businesses fail within six months of an attack. If you’ve had cyber security on the back burner, thinking “it will never happen to me,” now’s the time to go on the offensive.