Protect from Cyber Crime
As our world becomes more and more digital, cyber security is a growing concern for small businesses. According to McAfee, 75% of data breaches are targeted towards smaller sized organizations. Breaches are expensive, in both loss of revenue and reputational risk, with 60% of small businesses going out of business within six months of a breach.
Unlike large corporations, your business likely doesn’t have a big cyber-security protection budget. The good news is that there are relatively inexpensive tactics to keep your business safe.
The first step is to be aware of how cyber security plays a role in your business. Your goals should be to:
- Keep you client information safe
- Keep your business information safe
- Keep financial information safe
Attackers are consistently gaining sophistication. As their confidence grows, their tactics become more aggressive and the threats evolve as a result. Here are some common types of threats:
- Website tampering: An attack where the design or content of your website is changed by an unauthorized party. This is a reputation risk, as these attackers have free reign to update your site with inappropriate or inaccurate photos, language and videos.
- Data theft: Potentially the most expensive form of attack, data theft occurs when a thief accesses your private data. This may include the personal or financial information for your customers and business.
- Denial of Service (DoS) Attacks: A form of fraud where a system or network is rendered unavailable because of attacker overwhelm the server with requests. This is usually an attempt to bring down your business operations.
- Viruses: Viruses can infect the files, programs or operating system of your computer. A computer virus can be spread in many ways, including opening an email or inserting a thumb drive into a computer.
There are steps you can do to keep your business safe from these types of attacks.
Keep your software updated. Make sure you have the latest version of browsers and anti-virus security software on your systems. It’s important to run all updates or patches to help protect from malware.
Regularly back up your data. It’s good practice to keep backups of your important data. Whether you store the back up on a physical hard drive, in the cloud, or both, make sure you have access in case of a ransomware attack or emergency.
Train employees. The top source of data breaches is employees or contractors. It’s up to business owners to ensure their employees are trained in security best practices and understand the expectations of your organization. This training should include how to create strong passwords and outline specific password requirements for employees. It should also focus on best practices for email, social media and internet security.
Have a plan for mobile devices. Many companies have a BYOD (Bring Your Own Device) policy for employees. While this may be a nice convenience, you should consider the risks if that employee has access to customer data. Put together guidelines to hold employees accountable. This guide should include how to create strong passwords, documentation on what happens if the device is lost or stolen and best practices for keeping mobile devices secure.
Create separate user accounts for each employee. If your employees have access to your network, you should create separate accounts for individual employees. This ensures that passwords are not shared and allows you to set specific permissions for different roles. You’re able to control access to client information and reduce the risk that information will be breached.
Secure WiFi networks. If your business offers public wireless, create a network separate from your business network with a firewall, so you have control over who accesses your business network versus your public network. For your public WiFi, enable wireless encryption and use a strong password to provide to your customers
As your financial partner, we want to help ensure your business is protected. If you have any questions, please contact our Business Services team at 503.526.3636.