Friday, 12 May 2017

Cyber Security Tips for Your Small Business

Your business is your lifeblood and your dream. Imagine what would happen to you if your business were attacked and ruined. You cannot anticipate every problem you might face, but you can protect yourself from cyber threats. Let me rephrase that: you must protect your business from cyber-attacks!
For instance, a recent customer survey revealed the following facts:
  • 96% agreed or were unsure that OS X alone provided sufficient security
  • 44% of respondents use their Mac for work
  • 66% said that their company uses mostly Macs
  • 61% of customers used unsecured Wi-Fi regularly.
Did you know any of this? No? Can you guess who does? If you answered criminal hackers and cyber attackers, you’re right. You do not have to become a cyber security expert, but you do need to protect your business.
  1. Be Chicken Little
The first step in protecting your business is to recognize that your business, no matter what small concern you own, is a prime target. Figures from the last two years show that internet infiltrators have targeted anywhere from 43-50 percent of small businesses. The number one reason hackers have been so successful at infiltrating small businesses is that most owners think they are not targets. Nothing could be further from the truth.
No matter the business, you have employees whose personal information, including banking, is at risk. Do you have customers? Their information can be accessed through your business records. Not to mention your company’s information and access to company funds. You might think your ice-cream shop has nothing to tempt hackers but, if even one of your customers has her identity stolen from your OS, the sign on the front of your store could go from Get the Scoop to Out of Business.
  1. Educate Yourself
You know that when you own a business, every aspect of it is your responsibility. That means that you need to learn what kind of attacks are most prevalent and how to guard against them. Here are three of the most documented types of attacks.
  • Phishing: This is the most common and perhaps easiest to prevent. Phishers are the ones who send all those fraudulent emails. The hope is that someone at your business is either real bored or real curious. Just clicking on one of these can release malware that can either damage your OS or even steal sensitive information.
  • APTs: This acronym stands for Advanced Persistent Threats and is probably the most insidious of all the attacks. Hackers use several small attacks over a period of time. Each incursion is meaningless, but they become instantaneously damaging once enough attacks have occurred and become linked. The problem is that you will never know about any of the smaller attacks until they drop the big one.
  • Inside Job: Employees have all the information they need to penetrate your system. Current employees are very unlikely to attack your business. Disgruntled former employees have all the information they need to penetrate your system. You get the point.
This is not an exhaustive list by any means. To protect your business, you need to keep educating yourself.
  1. Prepare Before You Open your Business
You must have a plan in place before you open the doors. Start by getting one of the best anti-virus systems on the market. In addition, ensure you have a data backup solution in case files needs to be restored, as well as encryption software to protect sensitive records.
Next, train your employees. Training employees before they start working seems to be on the decline. This trend can be especially true for small businesses with limited budgets. It can also be a disaster. They need to know before day one how to avoid putting your business at risk. Follow the link for a list of some of the most common ways your employees can spot a phishing email. They need to know how to spot and avoid these.
  1. Stay Vigilant and Active
There are many on-going steps you need to take throughout the life of your business. First, insist that all passwords are changed every two-to-three months at the longest. Many business owners put this rule in place but never enforce it. When those passwords are established and, later changed, they need to be at least 12 characters in length with a combination of numbers, symbols, and upper and lower case letters.
Next, update your hardware before your computers become too old. The older your computers are, the more susceptible they are to the latest cyber-attacks. This can be difficult for a small business so plan to replace a few every year.
Finally, make sure to change all passwords and security information when you have employee changeover. If you make this your standard practice, you avoid casting an unintended negative light on your former employees by changing passwords when one leaves but not another.
You need to protect yourself and your business from dangerous malware and other cyber-attacks. If you have read this far, you are off to a good start. But you need to keep educating yourself. To be safe, and to keep everyone involved in your business safe from customers to employees, plan to keep learning as long as you plan to have a business.