Many small business owners may think they are protected against computer viruses and hacks, but that may not be the case. In fact, too many small business owners don't do much to protect themselves. There are so many must-dos that accompany running a business that it's easy for tasks like protecting your IT infrastructure to be placed on the back burner. But the typical IT security problem can cost small businesses thousands of dollars to correct, and a couple of days of lost work time per year.
Few businesses can afford to be shuttered, even for a couple of days. Even if your "IT infrastructure" only consists of a couple of laptops, cybersecurity should be a top priority. Security tools like Sitelock can make this easier.
Why Hackers Target Small Businesses
Large enterprises are more likely to experience cyber-attack, but small businesses have been accounting for an increasing proportion of attacks for the past several years. That's because typical cybercriminals don't care who they target so much as what they target, which is money.
Furthermore, hackers and ransomware makers often target smaller businesses and startups because we don't typically have the big cybersecurity budgets that big corporations do, so they can be easier to infiltrate. If your company didn't develop a comprehensive cybersecurity plan for your business It’s time to get a plan together to protect their IT assets as soon as possible.
Important Steps for Business Owners to Take
There are numerous things you can do right now to improve the security of your IT assets:
- No Unknown Downloads. Make a rule against downloading files from unknown senders.
- Check Your Firewalls. Make sure everything is up-to-date on all machines.
- Use current virus protection on all devices. Keep it current and updated whenever new patches become available.
- Insist upon strong passwords. Weak passwords are like rolling out the red carpet for hackers to get inside your system.
- Update your operating system regularly. This is especially important when new security patches come out. Many computers do this automatically, but it's worth checking to see whether yours does.
- Use a virtual private network (VPN). These connect you to the web with an encrypted connection so data being shared online can't be seen by third parties. VPN providers offer secure data connections between remote workers and your office phone system, which can be especially helpful if you send workers into the field (for deliveries or repairs, for example).
- Make sure mobile devices used for work are secure. Don't store important passwords on any mobile device. Learn how to use "remote wipe" capability on your phones and tablets, and if your mobile operating system includes a "kill switch" that allows only the device owner to reboot it, learn how to activate it. They're typically not activated by default.
Don't Forget Physical Security
Physical protection is essential to IT security too. Mobile devices, in particular, are subject to being lost or stolen, so it's critical that all employees who use them understand the importance of keeping up with them. You can buy tracking devices like TrackR, which have you attach a coin-sized device onto something you don't want to lose and then track that device over the web. Low-tech physical security is as important as ever, so be sure your business has secure locks, shredders, and a fire-proof safe in addition to any alarm system you may have installed.
Trends in Cyber Security
Learning about trends in cyber security can help you protect all the hard work and other resources required for running your business. VPNs are becoming more prevalent as a cyber security measure, and more businesses are realizing the importance of disaster recovery planning. Employee training is one of the most crucial elements of a strong cyber security strategy, because if your employees aren't making use of good security practices, you can still be at high risk, even if you use a VPN or can remotely wipe devices. Cloud business applications typically have excellent surveillance for intrusion, controlled access, auditing, and strong perimeters that keep cyber criminals at bay.
Melinda is a founder and president of Quintessence Group, an award-winning marketing consulting firm based in Philadelphia, PA, serving Fortune 500 brands who target small businesses.