Why would hackers attack small businesses when they can target big corporations?
There are two simple reasons:
1. It is harder for hackers to get past sophisticated security at big corporations
2. Hackers know small businesses have cybersecurity measures on their back burner
82,000 new malware threats are released every single day, and half of the cyber-attacks occurring are aimed at small businesses. We don’t hear about these stats until a report comes out in the following year, talking about the amount of financial loss and number of businesses closed because they could not recover from a cyberattack. Because of all of this, it’s critical that you have these seven security measures you should have in place to protect your business.
1. Train Employees on Security Best Practices
The #1 vulnerability for business networks are the employees using them. It’s extremely common for an employee to accidentally infect your entire network by opening or clicking on a phishing email. A phishing email is skillfully designed to look like a legitimate email from a website, vendor or a co-worker you trust. If employees don’t know how to spot infected emails or online scams, they could compromise your entire network.
2. Create an Acceptable Use Policy (AUP)
An AUP outlines how employees are permitted to use company-owned PCs, devices, software, internet access and email. While it is hard to limit the websites that your employees can access with work devices and Internet connectivity, you can enforce your policy with content-filtering software and firewalls. An expert can easily set up permissions and rules that will regulate online activities, including restrictions on visiting restricted websites.
Further, if the data in your organization is highly sensitive, such as customer records, credit card information, and financial information, you may not be legally permitted to allow employees to access it on devices that are not secured; but that doesn’t mean an employee might not innocently “take work home.” You need regulation for rooting or jailbreaking the device to circumvent the security mechanisms you put in place.
3. Require STRONG passwords and passcodes to lock mobile devices
Passwords should be at least eight characters and contain lowercase and uppercase letters, symbols and at least one number. On a cell phone, requiring a passcode to be entered will go a long way toward preventing a stolen device from being compromised. Again, this can be enforced by your network administrator, so employees don’t get lazy and choose easy-to-guess passwords, putting your organization at risk.
4. Keep Your Network Up-to-Date
New vulnerabilities are frequently found in common software you are using. Therefore, it’s critical you patch and update your systems regularly. If you’re under a managed IT plan, this can all be automated for you, so you don’t have to worry about missing an important update.
5. Have an Excellent Backup
This can foil the most aggressive (and new) ransomware attacks, where a hacker locks up your files and holds them ransom until you pay a fee. If your files are backed up, you don’t have to pay a crook to get them back. A good backup will also protect you against an employee accidentally deleting or overwriting files, natural disasters, fire, water damage, hardware failures and a host of other data-erasing disasters. Again, your backups should be automated and monitored; the worst time to test your backup is when you desperately need it to work.
6. Don’t allow employees to download unauthorized software or files
One of the fastest ways cybercriminals access networks is by duping unsuspecting users to willfully download malicious software by embedding it within downloadable files, games or other “innocent” looking apps. This can largely be prevented with a good firewall and employee training and monitoring.
7. Set-up a Good Firewall
A firewall acts as the frontline defence against hackers blocking everything you haven’t explicitly allowed entering or leaving your computer network. But all firewalls need monitoring and maintenance, just like all devices on your system. This, too, can be done by a trusted IT support provider who will ensure regular updates as a part of the routine to maintain the health of your business IT.
Want Help In Implementing These 7 Essentials?
If you are concerned about your business, employees and the dangers of cybercriminals gaining access to your network, then call us about how we can implement a managed security plan for your business. Call us at 416.410.5030 or email at [email protected].