Too many small business owners have been playing Russian roulette when it comes to their company’s cybersecurity standards. In a way, it’s almost understandable. After all, it’s only the high profile data breaches that make the headlines. But the truth of the matter is, small businesses are as much of a target for cyber attacks as their larger counterparts. Perhaps even more so.
If we look at Cisco’s end of the year Cybersecurity Report for 2018 we find that more than 50% of small businesses in the US have been victims of a cyber attack. That same report showed that more than half of those attacks cost the companies involved as much as $500,000. That’s a sizable loss for any firm, but it can sound the death knell for a small business.
Why are Small Businesses Targeted?
Cyber criminals are typically after personal data that can be used in identity theft and credit card scams. While large corporations have bigger data pools they also have more substantial security defenses in place. Frankly, it’s just more lucrative for cyber criminals to breach a dozen small businesses than to hammer endlessly on the gates of a larger firm’s cybersecurity front-end.
In short, hackers tend to go after the easier pickings, and if your cybersecurity standards aren’t up to snuff that puts your company in the cross-hairs. Now is the time to review your business’ security protocols and take any necessary steps to bring them in line with recommended standards.
11 Tips to Improve Your Cybersecurity
Updating and improving your company’s cybersecurity protocols should not be a daunting proposition. There are some simple steps you can follow to enhance your data security and protect your customer’s valuable personal information.
- Train Your Employees in Data Security – All of your employees should be instructed in basic security practices. Establish strict guidelines for internet use, and set rules for the handling and protection of customer data. Establish and enforce reasonable penalties for violating company cybersecurity standards.
- Control Access to Company Computers and Networks – Access to company computers should be limited to authorized personnel. Each employee should be assigned a dedicated user account and administrative privileges should be restricted to highly trusted key members of staff.
- Encourage the Use of Strong Passwords – 81% of data breaches are the result of weak passwords. All employees should use unique passwords, and those passwords should be changed every three months for added security.
- Protect Computers and Networks from Attacks – Upgrade to the latest operating systems, web browsers, and security software to help protect against malwar, viruses and other online threats. Make it a point to schedule regular antivirus scans of all machines, and keep all key software updated to the latest iterations.
- Maintain an Active Firewall – Safeguard your internet connection with an active firewall and be sure to encrypt all data. Remote workers should follow similar protocols on their personal computers and networks.
- Secure Wi-Fi Networks – Workplace Wi-Fi networks should be secured, encrypted and well hidden. To hide your Wi-Fi network set up your router so that it won’t broadcast your network’s name or Service Set Identifier (SSID). Password protect all access to your company router.
- Secure Mobile Devices – Mobile devices bring greater flexibility to the workplace, but they also present some definite cybersecurity challenges. All mobile devices should have data encryption software installed and should be password protected for added security. Up to date security apps should also be installed to protect valuable data when the device is connected to a public network.
- Backup Important Data – Critical data on all computers and mobile devices should be backed up regularly. This includes (but is not limited to) financial files, accounts receivable/payable files, human resources documents, word processing documents and customer databases. Backup data should be stored off-site or in the cloud for added protection.
- Use Best Practices for Payment Cards – Payment systems should be isolated from other, less secure, programs. As such a dedicated computer terminal should be assigned to process any and all customer payments. Work with your bank to ensure that sufficient anti-fraud services are in place to protect payment information.
- Restrict Employee Access to Data – No one employee should have unlimited access to all of your company’s valuable data. Employees should only be given access to the data systems they need to fulfill their job description.
- Limit Authority to Install Software – No employee should be allowed to install or update software without authorization from a supervisor. Infected software accounts for a large percentage of cyber attacks so it is vitally important to closely monitor the installation of all software.
Following these simple tips will go a long way towards improving your business’ cyber security standards. But there is one more layer of protection every small business owner should consider.
Added Protection through Cyber Insurance
Companies that have been victims of a data breach can face significant financial losses, and those losses can be particularly crippling for smaller businesses. Cyber liability insurance can help you protect your business should it become prey to hackers and other cyber criminals.
Cyber liability coverage addresses most of the key concerns of business owners who have suffered a costly data breach. Covered incidents include data breaches where customer and employee data has been stolen, the theft of proprietary information, and attacks from ransomware. Cyber liability insurance also provides much need funds to cover legal fees and fines following a data beach as well as the cost of data recovery.
As cyber crimes become more common, and data thieves become more ruthless, small business owners need to protect themselves. Cyber liability coverage is one way to safeguard your company in times of emergency and to limit any financial losses due to an unexpected data breach.
No business, regardless of size, is entirely safe from cyber attacks. Hackers are constantly developing new ways to breach a company’s firewall and steal their valuable information. Now, more than ever before, business owners need to take steps to shore up their security standards and bring them in line with industry best practices.
The tips we’ve discussed here should go some way towards setting you on the right path. However, business owners and office managers need to remain diligent. Keep an eye on cybersecurity trends and update your security protocols as needed. Educate your employees and ensure that they are following your lead when it comes to securing your business’ valuable data. The security features you put in place today could help save your business in the future.