It’s true: large companies can be targets for cyber-attacks. We’ve heard of the attacks on Facebook, Capital One and Quest Diagnostics, but what about the smaller businesses that have experienced compromised data? In a recent study, two-thirds of executives interviewed believed cyber-crime won’t affect their small business and many of these same businesses have no cybersecurity strategy plans in place at all. Below, we’ve compiled a list of tips from the Federal Communications Commission to help small businesses in this age of technology.
One-way small businesses can protect their business from a cyber-attack is to train the employees in your business’s security principles. Every business should have basic security practices in place to include the usage of strong passwords, guidelines for using the internet and rules of behavior on how to handle as well as protect customer information and any vital customer data.
It’s also important to protect information, computers and networks from cyber-attacks. Make sure the employees in your office have the latest security software on their computers, updated web browsers and operating systems with the best defense against viruses. If software updates are available, make sure they are installed. It’s also important to provide a firewall security system for your internet connection. Do some of your employees work from home? Ensure their home systems are protected, too.
Mobile devices can also create a significant security risk, so it’s important to require users to rely on password-protected devices. Create a mobile device action plan by installing security apps to prevent criminals from stealing personal information when the phone is on public networks and set reporting procedures for lost or stolen equipment that the company may own.
If it’s important information or data related to the business, make back-up copies. In any sized business, it’s crucial to back-up your data. Anything from word processing documents, electronic spreadsheets, databases, financial files, and human resource files and accounts should be backed-up. Automatically backing up the information would be ideal but if not, back-ups should happen at least weekly and copies should be stored off-site.
Laptops can be an easy target for theft, so it’s important to secure them when not in use. Make sure a separate user account is created for each employee using a shared computer and also require strong passwords. Trusted IT staff and key administrative staff should be the only ones with access to the passwords. Additionally, if you have a Wi-Fi network at work, it should be secure and encrypted. You can hide your Wi-Fi network as well so it cannot be broadcasted and use password protection to the router.
With your bank, make sure the most trusted validation tools are in place. Every bank may have different standard policies when banking with them, so it’s important to know what anti-fraud services are in place. It’s also important to limit which employees have access to data and information, especially when using the company charge card. It’s also helpful to not always use the same computer to process payments.
Employees should only be given access to the data systems they use on a regular basis and should never be allowed to install system software or programs without authorization and/or permission from management. Passwords should be unique and changed every three months. If you have questions, refer to your vendors that handle sensitive data and see if they offer multi-factor authentication for your account.
There are many IT Professionals that can help you with your cyber security plan, offering tips to keep your business information safe and strategies in case of a cyber-attack. By having a strong communications plan in place with vendors, employees and your IT team, it’s likely your data will be safe and secure today and in the future.