A recently released
Smaller businesses and cyber security
In today’s very competitive business landscape, companies, no matter their size or industry, cannot hope to grow unless they embrace technology. But the more businesses rely on technology, the more vulnerable they become to cyber crimes.
A Department of Homeland Security (DHS) presentation discovered that nearly 59% of small to medium-sized U.S. businesses do not have a plan in place for responding to and reporting a data breach.
The presentation also asserted that smaller companies are more vulnerable to cyber-attacks because they lack the funds and manpower to secure their IT assets. Often, they also do not follow industry standards. Until this is remedied, they will continually be preyed upon by unscrupulous cyber entities.
A new study by Juniper Research forecasts that by 2019, costs related to data breaches will increase to $2.1 trillion globally, which is almost four times the estimated cost in 2015.
Protecting your company from data breaches
Data security isn’t just an IT responsibility. It has to be ingrained in your company’s culture –from upper management to entry-level employee.
Security has to be an integral part of your business processes. It needs to be in everyone’s minds every single day, as one instance of carelessness can put all of your company’s confidential information at risk – be it an HR personnel accidentally clicking on an infected link or a customer-facing employee downloading an email attachment sent by a dubious entity.
To beef up your company’s security, consider the following tips:
#1. Lay out the ground rules.
Leave no room for guesswork. Right at the outset, be clear about the company’s Internet and mobile usage policies. While this won’t necessarily earn you points in the “my employer is so cool I can browse anything online” department, it’s crucial to make your employees understand the security risks involved with restriction-free Internet and mobile use.
Identify and communicate policies such as:
- Which sites can and cannot be visited at work
- Social media usage, if allowed
- How email attachments are handled
- Which files, apps, or software can be downloaded on work devices
- BYOD (bring your own device) policies, especially since smartphones aren’t going anywhere anytime soon
- Password rules and how often passwords should be changed
- Limitations on company-issued devices
#2. Only use secure wireless connection when on the go.
Mobile devices and Wi-Fi hotspots are everywhere, which keeps people productive even when on the go. However, there are inherent risks associated with public Wi-Fi networks, such as those in airports, coffee shops, hotels, shopping malls, or public libraries, even when they’re password-protected.
Stay away from them if you can. If you can’t, below are some tips from Kaspersky:
- Be suspicious of all Wi-Fi links. Ensure that you’re connecting to the Internet via a legitimate access point.
- All devices – smartphones, tablets, or laptops – are at risk.
- Install security software on each of your mobile devices.
- Use a VPN (virtual private network) service to encrypt your data.
- Use your phone’s mobile data if you need to access a site that requires you to enter sensitive information.
#3. Regularly update installed software.
Never underestimate the power of an update. According to McAfee’s Security Advice Center, “Like technology, Internet threats evolve. Cybercriminals are always looking for new forms of attack and new ways of accessing your money and information.”
Aside from security software, upgrade your operating system, browsers, and other installed software whenever new updates are rolled out. These are designed to protect your system from viruses, malware, and other vulnerabilities.
#4. Block certain content types.
We all know that prevention is a thousand times better than a cure. To prevent Internet threats from infiltrating your system, block access to sites that are likely to contain them. A content filter will block access to pornographic and scam sites, which are mostly used by cyber criminals. They can also prevent employees from accessing non-work-related sites.
#5. Protect your email servers.
To keep your confidential data intact, mail server security services like McAfee scan all email forms for threats: incoming, outgoing, or stored email. Intelligent spam filters are deployed so you don’t have to deal with spammy emails.
If you’re concerned about budget, there are McAfee alternatives that can also do the job at a more flexible price.
#6. Back up your data regularly.
Through ransomware, which is a type of malware, hackers can hold your website hostage until you pay a ransom. Paying, however, doesn’t guarantee you’ll get your files back.
Regularly backing up your data makes data recovery easier in case of a security breach, your computer crashing, hard drive failing, a virus infection, theft, or physical computer damage as a result of disastrous events such as fire or flooding.
#7. Put an incident management strategy in place.
In the event of an infiltration, a concrete action plan must be in place to mitigate the risks and possibly debilitating business effects the attack poses. This includes procedures and processes to follow, relevant tools and infrastructure, roles and responsibility designations, trained personnel to consistently and efficiently carry out the plan, and even teaming up with third-party security experts.
Cyber criminals are an organized lot, which is why absolute security cannot be guaranteed. Security vigilance and taking the necessary precautionary measures can help protect your business from malicious hacking and safeguard your data’s integrity and availability.
What other security measures can you recommend?
Tweak Your Biz is a thought leader global publication and online business community. Today, it is part of the Small Biz Trends stable of websites and receives over 300,000 unique views per month. Would you like to write for us?
An outstanding title can increase tweets, Facebook Likes, and visitor traffic by 50% or more. Generate great titles for your articles and blog posts with the Tweak Your Biz Title Generator.