Own a small business? There’s some bad news: you may be a target of cyber criminals. Small business cyber attacks accounted for 42% of all data breaches in 2018, which means that if you aren’t fortifying your business, you may just end up as an ideal “sucker” for a hacker with the motivation to steal money.
But if you’re reading this before you become the target of cybercriminals, there’s good news: you still have time to change the way you handle your information security. Here’s what you’ll need to know to keep your business on solid footing:
Why Small Businesses Have to Be Especially Careful with Cyber Threats
As a small business owner, it’s tempting to hear about big data breaches like the Experian Data Breach and assume you’re relatively safe. After all, the big threat is to individuals, right? And if you’re lost in the wider data breaches, what are the chances someone targets you?
You’d be surprised.
SMBs can be enticing targets for cybercrime. Small businesses spend more money than individuals do, after all. And while a small business owner might take steps to lock up their personal information against identity theft, they sometimes forget that their small business needs even more protection.
Tips for Small Business Owners to Boost their Cyber Security
What can you do to shore up your business’s current level of security? Here are some basic tips to use if you haven’t done them already.
- Invest in antivirus and antispyware software. Every computer terminal at your business is a potential gateway into cybercrime. If you don’t have every computer protected, it’s a bit like having none of them protected. Invest in business-grade antivirus software so you can add that software to each workstation.
- Secure your network. Your individual workstations aren’t the only windows that might allow a malware attack. Your network’s interaction with the Internet needs to be secure as well. ComputerWorld advises using encryption at wireless access points as well as hiding your SSID (Service Set Identifier).
- Be careful about how you set up payment systems. Using business cards that have the latest security options to make your big purchases that much more secure. You’ll also want to set up fraud alerts on all business cards so that you receive notification quickly if something happens. If you’re unsure about your current features, simply give your business credit card company a call and express your concerns. You may find that they have more options than you even considered.
- Create a system for backing up essential files. One major threat these days is that too many small business owners rely on cloud computing for their storage. But what if you don’t have Internet access for a while? What if something goes wrong? Do you have local and redundant backups for the most essential files? If not, now’s the time to consider investing in a system that will handle these backups for you automatically.
- Put a contingency plan down on paper. Let’s say that your business finds itself in the midst of a new cyber security threat. Maybe there’s been a data breach or someone accidentally exposed your company to a phishing scam. What do you do? If you’ve never encountered this before, the answer is easy: you have no idea what to do. That’s why now’s the time to put a plan on paper. Who do you have to call in a situation like that? What do you have to shut down? What contingencies do you have to put in place? Do you have a contingency in place if there are problems with your mobile devices as well?
Additionally, the Small Business Administration recommends protecting all of the pages on your public-facing websites for enhanced security. The SBA also has additional resources to help you upgrade your cybersecurity plan. You’ll also want to watch your social media use, and make sure that you have strong social media passwords present to avoid hacking attempts getting through.
Strategies to Improve Cyber Security
The above tips will give you a head start in tackling your cyber crime risks. But you don’t just want to try one tactic once and hope for the best. You want to implement a strategic approach to dealing with issues like phishing, malware, and cybercrime.
Here are some strategies that you should include in your regular habits as a small business owner:
- Add cyber security training to your onboarding process. You should already have an “onboarding” document for anyone that joins your business. It’s not difficult to add cyber security training to this process. Include your contingency plans in the employee manual and make sure that you dedicate some time to teaching employees about how phishing scams and malware might target their bad habits.
- Give yourself regular “spring cleaning updates.” Spring cleaning isn’t just for those dust bunnies in the corner anymore. You want to practice good digital hygiene here. The National Cyber Security Alliance includes a digital spring cleaning checklist for SMBs that will help keep you secure.
- Choose strong passwords. Your birthday isn’t going to be a strong password; it’s something someone is going to guess immediately. Instead, use randomly-generated passwords that are difficult to crack by using password management software. Make sure that you retain data backups of these password files as well.
- Know what you’re facing. Confused by terms like Spear Phishing? Spam? Malware? Ransomware? Botnets? You’re not alone. You have to define the problem before you can hope to make any headway in your small business’s readiness. We recommend brushing up on online safety basics if you find your head spinning with all of this advice.
- Maintain your cyber security software. Getting notices to update your cyber security software? It’s not there because they just want you to install something for no reason. They want you to have the latest updates so that their software is as effective as possible and you’ll have a reason to keep using their software. Listen to the prompts when you’re supposed to update your software, and make sure that everyone in your small business does the same. Look at options like Symantec to help protect your sensitive information.
- Keep access restricted. It’s great to trust your employees, but limiting access to key business features is a good habit, no matter how you feel about your employees. The National Cyber Security Alliance recommends you “limit access to data or systems only to the employees who require it to perform the core duties of their jobs.”
When your cyber security is threatened, you’ll also want mobile notifications in place so you can take swift action. Make sure you keep your team together with Grasshopper Connect, ensuring that even when your computer security isn’t working the way you should, your business’s phone systems still run like a well-oiled machine.