Tips for Improving Small Business Cybersecurity
Running a small business means wearing a lot of hats, and cybersecurity is one of the most important ones. The following tips for improving small business cybersecurity are designed to help owners and managers harden their defenses without requiring a Fortune 500 budget, making sure you’re always protected against the newest threats.
However, in light of recent ransomware attacks like WannaCry and the growing sophistication of phishing attacks, all small businesses owners should have a basic understanding of cybersecurity and the measures they can take to prevent a breach from hurting their business.
A good place to start is this resource from The Small Business Administration (SBA) which offers ten small business cybersecurity tips that can be used to help secure your company. Below are our thoughts on these items, and how you can start acting to help protect your business.
Secure Your Networks
Among the most foundational tips for improving small business cybersecurity is to always use a firewall and encrypt your information. Your Wi-Fi network should be secure and hidden. Do not publicly broadcast your network name, and make sure your router is password protected. A bonus tip — your password should not be “password” or “123456.”
Have Policies in Place to Protect Sensitive Information
You should protect your network from more than just external sources. Some of the biggest data breaches occur because of employees. While sometimes this is done maliciously, that isn’t always the case. All companies should have policies in place that clearly define how to handle and protect personally identifiable information and sensitive data, while outlining the consequences of violating these policies.
Written policies are often overlooked in lists of tips for improving small business cybersecurity, but they set the standard everything else is measured against.
Hold Your Employees Accountable
Education is at the heart of maintaining small business cybersecurity. Make your employees aware of online threats and the steps they can take to protect your business’s data. This includes education on using social networking sites, where employees can very easily introduce competitors to sensitive details about your business. Make it known that sharing trade secrets is not tolerated in any way. Employees should be tied to internet security policies both on and off the job.
Use Multi-Factor Authentication
Implement a multi-factor authentication system that requires additional information along with a user’s password. While there is some debate over whether it’s a good idea to make employees change their passwords on a regular basis, multi-factor authentication — including security questions, biometric scans, and CAPTCHAs — can help prevent your data from falling into the wrong hands. MFA is one of the highest-ROI tips for improving small business cybersecurity on this list because it stops the majority of credential-stuffing and phishing attacks cold.
Use Best Practices When Accepting Payments
How many times have you gone to a convenience store or grocery store that has EMV chip readers but hasn’t gotten them working yet? Probably a few times. The compliance deadline for companies to make EMV the norm was in October 2015. If you take payments, work with your bank or card processors to ensure they are using validated tools and anti-fraud services.
Back Up Your Data
We can’t overstate the importance of regular data backups. It’s one of the simplest tips for improving small business cybersecurity and also one of the most frequently skipped. Backups help protect your business in the event of disaster. Full-scale data loss can occur as a result of physical server destruction or a cyber-attack. Make sure your critical data is backed up automatically and stored either offsite or in the cloud, and test the restore process so you know it works before you actually need it.
Control Access to Authorized Individuals Only
When employees leave the office with their laptops, make sure they are locked and password protected when unattended. Every employee in your business should have a unique user account and a strong password. Only give admin privileges to your IT staff in order to prevent end users from potentially downloading pirated software or moving critical data.
Have a Mobile Device Policy
Today, most employees have work email on their phones. This can open the door to even more security concerns, as the user is often accessing confidential data on their phones off-premise. Always encrypt data, install security apps, and password-protect these devices. Mobile hygiene belongs on any modern list of tips for improving small business cybersecurity because phones now carry the same access rights — and the same risk — as laptops.
Protect Your Website with an SSL
A secure sockets layer (SSL) certificate should be installed on every page of your public-facing website, not just the checkout and sign-up pages. An SSL makes sure that data is transmitted securely over the internet between a computer and a network server, making it nearly impossible for a hacker to steal information from your site. As a bonus, Google gives brownie points in its algorithm for having an SSL if SEO is important to your business.
Bring It All Together
Individually, each of the tips for improving small business cybersecurity above will raise your baseline. Together, they build the kind of layered defense that makes your business a hard target — attackers usually move on to easier ones. The goal isn’t perfection; it’s making sure that a single mistake, a single stolen password, or a single misplaced laptop doesn’t take down the entire business.
Too Much to Handle? Contact ThrottleNet
We understand that improving small business cyber security is a lot to worry about, especially if your business doesn’t have the resources to stay on top of the ever-changing IT industry. As a full-service Managed Network provider, ThrottleNet has the expertise and resources to ensure your business is always protected. Contact us today to learn more about our services and what we can do to help your business grow.
