While many entrepreneurs believe that cyber attackers are not interested in small businesses, that’s not the reality.
In fact, more than 70 percent of cyber attacks take place at businesses with less than 100 employees, according to a report by Verizon Enterprise.
The reason for this high number is most likely due to the fact that small businesses are known for having insecure networks, as well as tiny budgets for security, a lack of security expertise and risk awareness, little employee training and few security programs in place.
But you can protect your small business from cyber attacks by following these tips…
Educate employees about cyber threats
Teach employees how to protect the business from online threats. This includes safeguarding all data, safely using social media, using strong passwords that change frequently and implementing multifactor authentication. Be sure to hold all employees accountable for security procedures and outline the consequences for violating policies.
The most common internet scams take place in emails and they’re known as phishing email scams. Playing off the bait and hook process of “fishing”, phishing emails lure people into divulging their login info by mimicking legitimate correspondence from legitimate companies. Usually these companies are banks.
Phishing emails will warn you that your account has been compromised or to verify information and prompt you to click a link to login to solve the issue. You’ll be led to a website that looks legitimate but is actually fake, where you enter your personal info, giving hackers direct access to your bank account.
So, how can you tell a phishing email from a legitimate email? Look at the sender’s email. If the email says it’s from your bank, but the email address looks random, it’s a phishing email. Another way to know is to look at the URL of the provided link. Does it begin with https://? Legitimate sites that ask you for login credentials start with https://.
Educate your employees on phishing emails and tell them to never click on any links in emails unless the source can be verified.
Use a firewall
A firewall provides a barrier between cyber attacks and a company’s data. While external firewalls do offer protection, businesses should also consider internal firewalls, as well as home firewalls for remote employees.
There are many options to chose from when it comes to firewall security, but here are the top 5:
- FortiGate 30E
- SonicWall TZ400 Security Firewall
- Cisco Meraki MX64W
- Protectli Firewall Appliance With 4X Intel Gigabit Ports
- WatchGuard Firebox T15
Install virus and spyware protection
It is vital to have anti-malware software on all company devices and networks. Be sure that your antivirus software and anti-spyware automatically install every update. And please note that the built-in security features of a PC/desktop are not enough to secure your business. You’re going to need to install a third party anti-virus.
This can be expensive but cyber attackers are always looking for an open door, a way to get at your personal information and destroy your business. That’s a much higher cost to pay for not taking steps to protect your business.
Don’t forget about mobile devices
Many of today’s businesses allow employees to use their own mobile devices for work. As a result, it is critical to create a Bring Your Own Device (BYOD) policy that outlines security precautions, such as automatic security updates and password changes.
Be aware that the same tactics cyber attackers use in emails (phishing scams) are the same tactics they’ll use only via text. If you use your phone for business and receive a suspicious text with a link, don’t click on it. Like email scams, phishing scams will also try and mimic legitimate correspondence.
Back it up
Last but not least, you need to regularly back up all data, including databases, human resources and financial data, electronic spreadsheets and all data stored in the cloud. Small business owners know they should do this, but wait until it’s too late and they’re data is breached by a cyber attack or outage.
This a hard and costly lesson to learn because in the business world, downtime equals lost business (29 percent of small businesses lost revenue and 52 percent lost productivity due to a typical outage). This is a risk you can’t afford to take.
If you haven’t started your business yet, back up your data on the cloud on day one. If you’ve been around for awhile, it will take some legwork to get everything uploaded, but it’s better to spend time securing your data then more time trying to recover it.
The key to protecting your business from cyberattacks is staying on top of current trends involving prevention technology, as well as methods of attack. Because cybercrime grows more sophisticated each and every day, it is essential to make security a businesses priority.