Cyber attacks are constantly in the news. Business owners must be vigilant and take steps to protect their businesses. These attacks can cause proprietary information to be leaked and businesses to close. In this column I will focus on some reminders on how to approach cybersecurity for your business and protect your information.
Every year, businesses become more sophisticated in their efforts to stop hackers from stealing proprietary information. The problem is that hackers become more sophisticated every year, too.
Unfortunately, there is no silver bullet for eliminating the threat of a cyber attack on your business, but there are a number of ways to protect your data and reduce the likelihood of becoming a victim.
The question is not if your business will be hacked, but when.
Unfortunately, just about every small business will eventually experience an attempted cyber attack. According to Verizon’s 2020 Data Breach Investigations Report, small businesses make up 28% – nearly one third – of all data breaches.
The report points out that cloud-based tools can actually make small businesses even more vulnerable to having their data and personal information compromised. This risk was heightened even further in early 2020 by the sudden increase in employees working from home due to the COVID-19 pandemic – a trend that will no doubt continue. Just by looking at the sharp uptick in remote work and the resulting reliance on web-based tools, it’s easy to see that cybersecurity risks to small businesses will continue to grow.
The true cost to a small business facing a hacker is more than the valuable data that’s stolen. The cost of resolving a cyber-attack is often too high for most small businesses to weather. According to a 2018 Inc.com column on small business cyber attacks, 60% of small and mid-sized businesses that are hacked go out of business within six months.
Your business should be doing everything it can to prevent a damaging cyber attack. The “U.S. Small Business Administration’s Cybersecurity Guide” is a great resource as you build your security plan. Here is a breakdown of some of the best practices it recommends every small business do to keep their data safe.
Install & update antivirus software: Installing antivirus software on your network of computers is, at a minimum, a cybersecurity step that your company needs to take. There are several software providers with solutions that offer regular security updates, so your devices are always secure. A few of the most widely used cybersecurity software solutions include:
There are many more antivirus protection options out there as well. Check out the PCMag article covering the “Best Antivirus Protection for 2020” for even more solutions.
Use internet safeguards: Firewalls and encryptions will safeguard your company’s internet connection, including any Wi-Fi networks. The SBA recommends setting up your router, so it doesn’t broadcast the network name or the Service Set Identifier (SSID). Also, use a strong router password to further protect your internet.
Back up everything: This may go without saying, but your company should regularly back up all information on computers and any other devices. Duplication can save your business time and money and reduce liability should your data become compromised. If you can set up your devices to back up automatically or perform scheduled backups, then you’ll better protect your sensitive information and save yourself valuable time as well.
Secure payment processing: No matter what type of business you own, your money runs through a digital system when it is handled by your bank. If you are a retail shop, restaurant or other transactional business that accepts credit card payments, you are utilizing a third-party vendor to process payments and creating an even bigger digital footprint. Talk with your bank and card processors to make sure they have secure, trustworthy antivirus protection measures in place, so you don’t put your business and your customers at risk.
Train your employees: According to the SBA, employees and your email server are two of the biggest causes of data breaches for small businesses. It recommends training employees on the basics of cybersecurity, including how to detect a breach and how to minimize the likelihood of getting hit with one in the first place. You can hire a cybersecurity expert to teach your employees what to do to better prevent a virus.
There are also resources in the “SBA’s Cybersecurity Guide” to get you started, including events and training if your business needs even more support.
This list of best practices merely scratches the surface of what the SBA recommends small businesses do to prevent an attack. Read the full guide for even more information. The Federal Communications Commission also provides valuable information for security with tips for small businesses.
Dean Swanson is a volunteer Certified SCORE Mentor and former SCORE chapter chairman, district director and regional vice president for the North West Region.