10 Tips for Improving Small Business Cyber Security
Cyber security should never be taken lightly; even at the smallest of companies.
At ThrottleNet, we understand the challenges it takes to run a business, because at the end of the day, we’re a business, too. We know that for some, staying up-to-date on the latest trends in small business cyber security while keeping track of everything else is difficult.
However, in light of recent ransomware attacks like WannaCry and the growing sophistication of phishing attacks, all small businesses owners should have a basic understanding of cybersecurity and the measures they can take to prevent a breach from hurting their business.
A good place to start is this resource from The Small Business Administration (SBA) which offers ten small business cybersecurity tips that can be used to help secure your company. Below are our thoughts on these items, and how you can start acting to help protect your business.
Always have Protection from Viruses, Spyware & Malicious Code
Viruses are still a thing in 2017, and for business, all computers should be equipped with updated antivirus and antispyware software. You can’t set and forget antivirus software. Top brands are always providing patches and updates to protect against new threats as they become known. Configure your software updates to install automatically to save yourself or your IT department the hassle, and ensure you’re always protected against the newest threats.
Secure Your Networks!
Always use a firewall and encrypt your information. Your Wi-Fi network should be secure and hidden. Do not publicly broadcast your network name and make sure your router is password protected. A bonus tip – your password should not be password or 123456.
Have Policies in Place to Protect Sensitive Information
You should protect your network from more than just external sources. Some of the biggest data breaches occur because of employees. While sometimes this is done maliciously, that isn’t always the case. All companies should have policies in place that clearly define how to handle and protect personally identifiable information and sensitive data, while outlining the consequences of violating these policies.
Hold Your Employees Accountable
Education is maintaining small business cyber security. Make your employees aware of online threats and the steps they can take to protect your businesses’ data. This includes education on using social networking sites where employees can very easily introduce competitors to sensitive details about your business. Make it known that sharing trade secrets is not tolerated in any way. Employees should be tied to internet security policies both on and off the job.
Use Multi-Factor Authentication
Implement a multi-factor authentication system that requires additional information along with a user’s password. While there is some debate over whether or not it’s a good idea to make employees change their passwords on a regular basis, multi-factor authentication including use of security questions, biometric scans and CAPTCHAS can help prevent your data from falling into the wrong hands.
Use Best Practices When Accepting Payments
How many times have you gone to a convenience store or grocery store that has EMV chip readers but hasn’t gotten them working yet? Probably a few times. The compliance deadline for companies to make EMV the norm was in October 2015. If you take payments, work with your bank or card processors to ensure that they are using validated tools and anti-fraud services.
Backup Your Data
We can’t overstate the importance of regular data backups for small business cyber security. Doing so helps protect your business in the event of disaster. Full-scale data loss can occur as a result of physical server destruction or a cyber-attack. Make sure that your critical data is backed up automatically and stored either offsite or in the cloud.
Control Access Only to Authorized Individuals
When employees leave the office with their laptops, make sure they are locked and password protected when unattended. Every employee in your business should have a unique user account and a strong password. Only give admin privileges to your IT staff in order to prevent end users from potentially downloading pirated software or moving critical data.
Have a Mobile Device Policy
Today, most employees have work email on their phones. This can open the doors to even more security concerns as the user is often accessing confidential data on their phones off-premise. Always encrypt data, install security apps and password protect these devices.
Protect Your Website with an SSL
A secure socket layer (SSL) should be installed on every page of your public facing website and just not the checkout and sign up pages. An SSL makes sure that data is transmitted securely over the internet between a computer and a network server, making it nearly impossible for a hacker to steal information from your site. As a bonus, Google gives brownie points in its algorithm for having an SSL if SEO is important to your business.
Too Much to Handle? Contact ThrottleNet
We understand that improving small business cyber security is a lot to worry about, especially if your business doesn’t have the resources to stay on top of the ever-changing IT industry. As a full-service Managed Network provider, ThrottleNet has the expertise and resources to ensure your business is always protected. Contact us today to learn more about our services and what we can do to help your business grow.