Even before the many headlines detailing data breaches of companies large and small, internet security has been a hot-button issue. Because security threats are constantly evolving, it can be difficult for businesses to determine the best way to protect their information and that of their clients. Recently, cyber security was thrust into the public spotlight via the Sony Pictures hack that brought the company’s operations to a halt for weeks.
This hack raised the question of how much companies should be spending on cyber security measures. While the FBI stated that at least 90% of American businesses would not have been able to stop the Sony Pictures hack, it’s still worth investigating ways in which businesses can shore up their online defenses. While it may seem like a daunting task, there are small yet important steps businesses can take that will help keep everyone’s information safe.
1. Spend Time Training Your Employees
Even training them in simple techniques like strengthening passwords can heighten security. Ask your employees to make sure their passwords are strong. This includes setting longer character limits and requiring that passwords include a mix of letters, numbers and special characters. You’ll also want to be sure you prompt your employees to update their passwords on a fairly regular basis. Training should also include other efforts, such as reminding your employees of the hazards of clicking on unsolicited email attachments and links.
2. Outline Detailed Internet Guidelines and Consequences
It is estimated that more than 75% of small businesses do not have a formal internet security policy. These employee guidelines are important for setting a standard of security and communicating to employees the hazards of disregarding internet safety. Part of these guidelines should include a protocol for handling customer data as well. Whatever guidelines your company writes, make sure that your policy manual can co-exist with your company’s culture.
3. Protect Your Mobile Data Too
If your company issues cell phones to your employees, make sure your guidelines cover security measures specifically for cellular networks. There are specific apps designed to increase security, but even something as simple as setting a unique passcode can greatly improve your phone’s protection. The Federal Communications Commission has a mobile assessment tool that can provide you with mobile security recommendations, depending on your device.
4. Work With Your IT Provider
If you have concerns and aren’t sure how to address them, reach out to your network provider and ask for help. While they will try to upsell you on products and services, they should also be able to provide some advice on how to further enhance your network security with your existing equipment or services. They can also give you an overview of your current security setup.
5. Conduct a Cyber Security Risk Assessment
Your risk assessment should cover any businesses or vendors who have access to your network or data. Breaches can also come from within, so review standard practices with your employees.
6. Invest in Security Software, and Update It Regularly
One of the biggest challenges for network security relates to how quickly the online landscape can change. Security software is constantly updated to address existing threats while new ones emerge. Investing in the right program—one that is reliable and frequently updated—can go a long way toward keeping your information safe. As there are many choices, it’s best to solicit advice from online review sites, such as PC Mag or Tech Radar, or other small business owners in your community.
7. Report Any Attacks
Even something as innocuous as a spam email with an unwanted attachment could be the very beginning of an attempted breach. If you have an IT department, make sure it is set up to keep track of and report these attempted breaches. If your organization is too small to keep a dedicated IT team on staff, these types of suspicious emails and activities can be reported to the FBI, the FTC and other groups. Reporting methods should be part of your employee internet guidelines.
8. Take Cyber Security Seriously
As evidenced by President Obama’s State of the Union address in January 2015, cyber security is a topic that the U.S. government is taking seriously. It will take vigilance on the part of every American, private citizen and business owner alike to help in this effort.
There are already a variety of online resources that you can turn to, including:
- StaySafeOnline.org: This website, operated by the National Cyber Security Alliance covers online safety from the viewpoint of consumers and businesses and offers resources and overviews of ways to stay safe.
- Federal Communications Commission (FCC): The FCC is the government agency in charge of regulating all communication that is transmitted via radio, internet, cable, wire and satellite in the U.S. They have a variety of tools designed specifically for business, including the Small Business Cyber Security Planner. This is a good place to start when attempting to get an overview of online risks and ways to combat them.
- Small Business Administration (SBA): The SBA offers a free online cyber security course that is a terrific resource for understanding and addressing security concerns. The site also has a variety of articles relating to small businesses on topics ranging from networking to licensing and more.
Cyber security crime will continue to rise as more information is placed online. This means that protecting your business against breaches is really a long-term investment in your business’ future. By staying vigilant, you can help keep your business and your information safe.