December 15, 2014 Technology and Security en_US Just because your business is small, don?t imagine you're immune to the predatory tactics of malicious hackers. 8 Ways to Keep Your Business From Being Hacked
Technology and Security

8 Ways to Keep Your Business From Being Hacked

By Laura McCamy December 15, 2014

Just because your business is small, don’t imagine you’re immune to the predatory tactics of malicious hackers. The National Cyber Security Alliance (NCSA) reports that 50 percent of small-business owners in a 2013 survey said they had experienced a cyber attack. Security breaches can be a serious problem for small businesses because they often don’t have the resources to recover from an attack.

If you are feeling overwhelmed at the thought of adding one more item to your overflowing to do list, there is good news. NCSA Executive Director Michael Kaiser offers eight ways to protect your data and your business.

1. Don’t Be Complacent

“It’s likely that small businesses are more vulnerable than larger businesses that are making larger investments in security. The bad guys know that,” Kaiser says. Cyber criminals have lots of tricks up their sleeves, from creating fake payroll entries to finding ways to siphon money out of your business bank account. “An operation that has good cash flow could have a fair amount of money in the bank at any given time,” he says, which makes it an attractive target.

2. Secure Your Software

“For [very small] businesses … it really starts with implementing and being serious about some basic security practices,” says Kaiser. One basic and often free step is to make sure you are running the most current versions of all your software, particularly your computer operating system (OS) and web browser.

3. Authenticate Your Accounts

Kaiser strongly recommends choosing two-step authentication wherever possible. This prompts your bank to send a text message to your phone with a code you have to enter before you can log in on a new computer. Email providers such as Gmail and Yahoo also offer two-step authentication to block hackers from remotely accessing your account.

4. Mobilize Your Security

“All that security advice also applies to phones, tablets,” says Kaiser. Anything connected to your company’s network has to be protected. Make sure all employees use PIN code protection for their devices, wherever applicable. “These are basic security measures that everyone just has to do,” he says.

5. Keep Your Eye on the Wi-Fi

“Free Wi-Fi is a big risk point,” Kaiser says. When you and your employees access the internet outside your office, he recommends creating a private hotspot through your phone or using a virtual private network (VPN), a security layer that logs you on to a private network before you access an open wireless network, instead of relying on free Wi-Fi services.

6. Create a Culture of Cyber Security

“Have discussions with your employees about what’s OK and what’s not OK to do on the internet,” says Kaiser. USB devices are a “known vector of infection” and clicking on an infected email or visiting the wrong website can allow viruses in, he says, adding that spam posts can occur “almost anywhere where people are exchanging and posting,” including social media like Twitter and Facebook. Educating yourself and your employees about the risks will help protect your company data from cyber trespassing. 

7. Use the Cloud Wisely

“The cloud is great for small businesses, not just on the security side but on the scalability side,” Kaiser notes. But small businesses “shouldn’t use the cloud as a dumping ground to store all their data and sensitive documents.” He suggests segregating data stored in the cloud by level of sensitivity and setting up “security and permission for data access within the cloud environment.” He also cautions small-business owners to be aware of the security of the connection through which you access your cloud data (see number 5, above).

8. Create a Risk Management Plan

If all this advice has you seeing double, Kaiser advises, “Start by figuring out what your most valuable assets are and protect those.” Using a stepped approach, he says, begin with the data that, if it were stolen, would put you out of business.”

Kaiser reminds us, “At the end of the day, cyber security is not just about stopping bad things from happening. It’s about putting the things in place that allow you to do the things you want to do with a lot more confidence.”

Photo of Michael Kaiser Courtesy of NCSA.

Rate This Article
Laura McCamy is a freelance writer based in Oakland, California. She writes about small business, real estate, and development. An avid urban bike rider, she also loves to cover bicycling, urban planning, and the intersection of bicycles and business. Follow her on Twitter @lmcwords. Read more