Just because you run a small business, doesn’t mean you’re beyond a hacker’s notice. Small businesses often hold the same types of sensitive customer information as larger enterprises. That, combined with their perceived lack of cyber security knowledge and resources, makes them an attractive target to hackers.
According to a recent SBA survey, 88% of small business owners felt their business was vulnerable to a cyber attack. Yet many businesses can’t afford professional IT solutions, have limited time to devote to cyber security, or they don’t know where to begin.
The best way for small business owners to be adequately prepared is to educate themselves on common threats and the best strategies to defend themselves from a cyber attack.
1. Educate your employees
As cyber criminals evolve and become savvier, it’s essential to regularly update your employees on new protocols. The more your employees know about cyber attacks and how to protect your data, the safer your business will be. Send out regular reminders not to open attachments or click on links in emails from people they don’t know or expect; outline procedures for encrypting personal or sensitive information; and train employees to double check if they get rush requests to issue unexpected payments—a common scam.
2. Implement safe password practices
Many data breaches occur due to weak, stolen, or lost passwords. In today’s world of working from your own devices, it’s crucial that all employee devices accessing the company network are password protected. Have employees change their passwords regularly by automatically prompting them to change their passwords every 60 to 90 days.
3. Make sure you’ve got the right partners and platforms
Your cyber security is only as good as the security of the platforms and partners your business depends on. Check the following:
- Do you have a WAF (web application firewall) in place – to protect your site?
- Is your ecommerce platform PCI-DSS (payment card industry data security standards) Level 1 compliant? That will protect you against digital data security breaches across your entire payment network, not just a single card.
- Does your website hosting company have staff that are regularly patching security vulnerabilities – to reduce the likelihood of attacks?
- Check to make sure each company computer has antivirus software installed. Even after training employees on how to identify a phishing email, they may be susceptible.
4. Secure your hardware
Data breaches can be caused by physical property being stolen too. If your servers, laptops, cell phones or other electronics are not secured and are easy to steal, you are taking a big risk. Security cameras and alarms will help, but physically locking down computers and servers will help even more. Whether your employees are working from home, a coworking space, or a traditional office, be sure they understand how to keep their company equipment protected.
5. Regularly back up all data
No matter how vigilant you are with your cyber security strategies, data breaches can still happen. The most important information to back up is:
- Databases
- Financial files
- Human resources files
- Accounts receivable/payable files
Be sure to also back up all data stored on an online drive and check your backup regularly to ensure that it is functioning correctly.
Give MVR Insurance Agency a call (914) 693-3500 to see how we can help protect your business.