In countless ways, the internet and mobile devices have flattened the world for small businesses. No longer do you need a big IT department to have access to time saving and stimulating productivity and creative tools; just load up a cloud-based tool and you’re good to go.
There’s just one downside. The rise in reliance on web services and mobile devices has also increased the number of security threats small businesses face. In fact, Symantec estimates put the average cost of cyber attacks at a whopping $188,242 dollars, with nearly 2/3 of targeted companies closing their doors within 6 months of the attack. And yet, the same study found only 59% of small businesses have any kind of contingency plan for data breaches.
To protect you and your business from online threats, we highly recommend first diagnosing your points of weakness with this Digital Security Guide, which offers a quiz and in-depth answers. And to get you started, here are just a few security tips to get you going.
Internet security stock photo by Bigstock
1. Know Best Wi-Fi Practices
One of the most pernicious issues with Wi-Fi is a phenomenon called wardriving, a technique that has hackers driving around neighborhoods with high-powered antennas, breaking into any non-password protected or otherwise weak networks. Once inside the network, hackers have access to both employee personal information and sensitive company information like banking details.
To prevent such hacks, there are a few steps you can take:
Create a hidden network. Disable the service set identifier (SSID) so that your network isn’t broadcasted. Since this isn’t a foolproof measure, you can also change your network name frequently so that it will be harder to find.
Use WPA2 passcodes. While a WEP password is better than nothing, they’re also pretty easily cracked by savvy hackers. WPA2 codes create longer encryption keys that are harder to guess. For more tips on generating good passwords, see tip #3.
2. Encrypt Your Data
No matter how many security steps you take, you can’t 100% prevent scammers from accessing your networks. That’s why it’s so important to create an extra layer of security right on your devices to make your data unreadable should hackers access it. For this, encryption is the way to go, at least for your most important data. Put simply, encryption translates your data into a format that’s unreadable by unauthorized users. However, encryption only works when users are logged out, so it’s not a perfect measure, and it also means you should be sure to set computers to automatically logout after 15 minutes.
Encryption is easily done through programs that should already be on your computer, like BitLocker on PCs and FileVault on Mac.
3. Strengthen Your Passwords
You may think you have a good password, but if it contains any personal information or even any distinct words, think again. Now multiply those password risks across your entire business, and you’ve got some serious security risks on hand.
To create strong passwords, encourage employees to:
- Not use any words.
- Employ a good mix of lower case and capital letters, symbols, numbers and letters.
- Never use the same password twice.
- Change passwords on a regular basis.
- Passwords are certainly not perfect, so you might want to consider using two-step authentication whenever possible, particularly on sites like Gmail and Twitter, two early adopters of the technology.
4. Backup Your Data
In case not just of security breaches but of technology crashes, backing up your data is also a crucial step you can take to safeguard the integrity of your data. While you should ideally do this every day for all of your business data, at the very least, do it for your most important financial data, human resources files, presentation and intellectual property. This can be easily done on external hard drives as well as on cloud-based backup services like Mozy. If you’re already outsourcing your IT to a Managed Service Provider (MSP) you can likely have them store your data as well.
5. Educate Your Employees
Of course, the biggest threat to a small (or any sized) business’ security are the employees, whether they’re making weak passwords or clicking on links they shouldn’t. That’s why it’s so important to have clear and frequently updated security policies that are regularly reviewed with employees. A few key things to cover:
Wi-Fi while on the road. If your employees rely on mobile devices, make sure they never use a public network or even one that lacks a password, as those are often set up by hackers. They should also be instructed not to enter any sensitive company data over networks with unconfirmed identities.
The game plan for employees who leave the company. Sensitive information is often contained on employee mobile devices. Have a procedure in place for clearing data, or even wiping it remotely if need be.
Downloading files and clicking links. The policy for this should be clear: Unless you recognize the address, just don’t do it. No clicking, no downloading. End of story.
Takeaways
While no individual security measures are perfect, taking these security steps together will go a long way towards safeguarding your most important data…and your bottom line. The sooner you take these steps, the sooner you can take advantage of today’s many helpful online tools without anxiety.
Contributor Luke Clum is creative marketer, designer and writer from Seattle.
Related posts:
Contributor
Latest posts by Contributor (see all)
- Climbing Out of the Pressure Cooker: Dealing With Anxiety Without Stressing Yourself Out - August 18, 2024
- 7 Things That Matter Most in a Website: The SEO Perspective - August 8, 2024
- How to Avoid Common Problems When Filing a Business Insurance Claim - August 3, 2024
Hey Luke,
So important to be mindful of security issues these days, especially with data showing that small businesses are increasingly being targeted by cyber attacks. Thanks to Gary for sharing with the BizSugar community.
You’re right Heather. small businesses need to be mindful of all of the security threats out there and how to protect against them.
I’ve recently had the experience of an employee (innocently) downloading a movie clip from the internet, and a malware program along with it. It took several hours to remove the threat, we almost had to wipe the computer clean and start over again. We had to have a team talk about downloading files after that. Thanks!