As a small business owner we own many hats. We also doing a lot of plate spinning and ball juggling.
As if that isn’t enough, now we need to prepare ourselves for war?
Recent studies show that SMB’s now suffer the lions share of cyber attacks and Malware infections. They also generally lack the resources to make these data breaches disappear in the way that large corporations can.
Fines and Fees have potential to put us out of business and the loss in customer trust after a breach can lead to a churn we didn’t prepare for.
The sad but very real fact is that if we ignore this risk, or fail to prepare for it we won’t be in business much longer.
“Cybercrime is the greatest threat to every company in the world.” – Ginni Rommety
Surely hackers are only after the big boys?
Don't make the mistake of thinking you're too small to attract the attention of hackers.
The problem is that Hackers are no longer a small minority. They are everywhere. And while it might be difficult and time consuming for them to break into the network of a large corporation, its relatively easy for them to attack small businesses with ransomware or steal their staff and customer information and sell it on the dark web.
While we were researching our own businesses vulnerability on the Dark web recently we were astounded at the information available to purchase for other Hertfordshire Businesses.
Believe me this is now a ‘when’ not ‘if’ situation and Small businesses need to get serious about upgrading their protection.
If your current Cyber security strategy involves crossing your fingers and hoping for the best. You need to think again! The good news is there are many ways you can help to keep your data safe from malicious criminals.
3 Main Areas To Think About...
Recognise You ARE A Target.
“58 percent of malware attack victims are categorised as small businesses”
As attempts to compromise your systems cost hackers virtually nothing and it only takes one successful effort for them to strike it rich, you should expect to be hacked at some point.
Don’t assume it won’t happen to you and prepare accordingly. Make advanced protection and prevention your Number 1 budget priority
Establish Rock Solid Security Practices
You need a system in place to deal with the consequences of an attack to safeguard your business and your customers. Nothing will protect you completely, but a layered approach is the way forward. A security system with several layers is difficult to hack. So, even if your data is targeted, getting through the many tiers of security will be a hassle. If you can demonstrate to your customers you are actively taking measure to protect them they will be far more understanding should there be a breach.
- Keep clean machines: having the latest security software, web browser, and operating system are the best defences against viruses, malware, and other online threats.
- Install a Managed Firewall. This is a comprehensive suite of programs that prevent outsiders form accessing data on your business network
- Create a mobile device policy – get users to password protect devices and encrypt their data.
- Back Up your Data , offsite or in the cloud. HUGE mistake to ignore this one
- Secure WiFi Networks
- Control Employee Access to Data Prevent access or use of business computers by unauthorized individuals. Laptops can be particularly easy targets for theft or can be lost, so lock them up when unattended.
- Password policy / Multi-Factor Authentication. Require employees to use unique passwords and change passwords every three months. Consider implementing multi-factor authentication that requires additional information beyond a password to gain entry.
Train Your Employees Continuously
Your employees are the most vulnerable part of your business from a cybersecurity standpoint. It’s crucial you continuously train them to be more vigilant.
Establish basic security practices and policies for employees, such as requiring strong passwords, and establish appropriate Internet use guidelines that detail penalties for violating company cybersecurity policies. Establish rules of behaviour describing how to handle and protect customer information and other vital data.
Make it part of new employee induction/ onboarding.
Small businesses need to know there’s no “one and done” technical solution to cyber security. It needs to be a layered approach that includes many basics, such as knowing what data needs protecting and where it’s stored, putting firewalls in place, encrypting data, communicating company-wide policies for securing data, training employees on what not to click, and developing and practicing an incident response plan.
If you currently outsource your IT to an MSP make sure they are putting the focus on security. Check that they properly vet and test the security solutions that are available and needed by your organisation.
If you are worried and would like to discuss what security solutions are available to help protect your business give our team a call on 01582 935070