How to Protect Your Small Business From a Cyber Attack
Forbes recently alerted entrepreneurs to data showing a record number of cyber attacks on small businesses. The 2012 report by Verizon reveals that 71 percent of the 855 data breaches examined happened to businesses with 100 or fewer employees. It also suggests that small businesses are especially vulnerable.
Is your company at risk?
As Forbes points out, even visiting legitimate websites can expose you to malware that may be used by hackers to access sensitive information. Meanwhile, unsecured company laptops and other devices, as well as tools such as WordPress blogs set up by developers, can expose you to cyber attacks.
Here are a few ways to protect your data and, as a result, your business.
- Use the security tools already at your disposal. PCWorld reminds small-business owners that they already have various tools to prevent cyber attacks, provided they use them. By limiting the number of employees given administrator accounts, protecting each account with a different strong password, and setting software restrictions on existing computers and networks, you can greatly reduce your vulnerabilities. The Huffington Post recommends creating a security policy and educating and monitoring employees to ensure they aren’t putting your business at risk.
- Choose and use a firewall. Firewalls are like home security systems for your computers. They control the data coming in and out to prevent unauthorized access to your network. The U.S. Computer Emergency Readiness Team provides a detailed guide to both hardware and software firewalls, as well as configuration settings that can be used to reduce your chances of an attack.
- Have a mobile device action plan. The Federal Communications Commission provides a comprehensive online resource, the Small Biz Cyber Planner 2.0, to help you create a custom cyber security plan. The FCC also offers a Cyber Security Tip Sheet [PDF] that addresses issues related to mobile devices: Its recommendations include encrypting data, installing security apps on mobile devices used to handle confidential information, instituting procedures for reporting lost or stolen equipment, and using passwords on work phones.
- Be smart about web browsing and email security. The Department of Homeland Security advises keeping browser and other software security updates current. It also suggests paying careful attention to the URLs of the websites you visit to make sure they are legitimate (in other words, don’t mistake a .org for a .com site, etc.). As far as email goes, the feds suggest scanning all attachments with an anti-virus app and turning off the automatic downloading of attached files.
- Know who you’re working with. Research your options for the best cloud-based storage providers with an eye toward security. Be smart about choosing web designers and outside IT professionals who will have access to your computers and accounts. Check their security credentials and references to ensure they are trustworthy.