Every business today needs to be thinking about cybersecurity.
Unless you operate your business entirely using paper, cash payments, and the US Postal Service; you could be vulnerable to hackers.
Company size is no guarantee of security. Even though large businesses are the ones in the news when it comes to cyberattacks, most cyberattacks target SMBs.
Many SMB owners don't think they need to worry about cybersecurity.
The good news?
Even if you can hardly work a computer, you don't have to worry. It's surprisingly simple, easy, and fast to take a few steps that will really help prevent glaring vulnerabilities in your company's' cybersecurity.
We're not saying these steps are all you'll ever need to protect your data, but it's a great start.
Take a look at this video we've created that illustrates the seriousness of the cybersecurity threat. Here's a sneak peek:
- 55% of small businesses experienced a cyberattack
- 3.8 million records are stolen from businesses every day
Then keep reading for the six steps you can take quickly to avoid becoming another statistic.
Step 1 – Have a Plan
The most important step is this one – acknowledge that cyber and information security is a real threat to your business and plan accordingly.
We'll talk more in future posts about creating a security plan and infrastructure for businesses, but the first, essential step is to know and understand you need one!
Step 2 – Use Two-Step Verification
Two-step verification prevents would-be hackers from accessing your personal and business accounts, even if they've stolen your password. Two-step verification basically makes you perform another identifying action after putting in your password.
Usually, after you put in your password, your two-step verification system sends a text message to a phone number you programmed into it. This text message contains a unique, randomly generated code which you input in order to move on.
Two-step verification has become a standard for most big software services, including Google, Microsoft, and Apple. It takes a minute to install and takes less time to use than you'd think. It also foils a ton of the most common, opportunistic cyber attacks. Two-step verification is one of the best ways to keep trouble away from your precious work.
Step 3 – Backup Your Data
Every business needs a sound data backup implementation plan and strategy. Why?
What would happen to your office or business if you lost access to your business information for a day? What about if a ransomware attack deleted all of your data?
If you store all your data in one place, then if that place breaks down or gets hacked, you risk losing everything. A backup is a digital copy of original data to be used to recover work in case of disaster. If you lose your data, you have a backup. Most modern software programs have the means to automatically backup whatever data you tell it to, but you can also simply copy document-by-document if you're so inclined, or if you only want to backup some data.
Once you've made the backup, it's important that you keep the data created on either a flash drive or an external hard drive. Do not keep your backup on the same data storage device that houses the original copy - that would defeat the purpose of the backup! If you've saved everything on another disk elsewhere, then if your hard drive blows and all the data is irretrievable, you're not totally out of luck.
Learn more about data backup, read our post Stop Losing Documents – What You Need to Know About Data Backup.
Step 4 – Keep Up-to-Date Antivirus Software
Everyone likes to whine about constant antivirus software updates slowing down their computer, but there's a good reason for them. Antivirus software developers need to constantly update in order to address structural weaknesses based on data collected by usage, add new features to counter progressions in common viruses, and to generally improve antivirus efficiency.
First thing's first: your business should definitely have antivirus technology. Do some research to find the right one for your size and needs, or contact an expert for help. Once you've installed the software, set up auto-updates and make sure they're happening. Failing to regularly update your antivirus software will make it ineffective, opening you up to possible cyberattack.
For businesses, one of the benefits of managed network services is that someone else handles your antivirus updates for you. That means no more holes in your firewall AND your IT staff can spend their time on more valuable tasks – like improving your business processes.
Step 5 – Don't Ignore Physical Security
With the constant focus on cybersecurity, it's easy to overlook simple physical security risks that are easy to avoid. In addition to physical restrictions on access – locks on doors to the server room for example – there are four common physical security lapses:
- Written down passwords
- Sensitive documents in the open
- Easy access to access cards
Step 6 – Educate Employees on the Importance of Smart Web Navigation
This is probably the most important thing you can do for your cybersecurity. Most employees probably don't think much about how they might be compromising their company's cybersecurity.
Schedule some time to talk about the basic things every employee should do to keep company data safe. Make sure all employees know:
- To never share their passwords
- Use two-step verification for work computer log-in and all relevant business software log-in
- Change your password at least once every 3 months
- Don't open unexpected emails from strangers
- Especially don't open email with an unexpected attachment. Even if the attachment is from a co-worker, confirm they really sent it before downloading.
- Keep backups of all work. Store that backup in a different data storage unit than where the original is housed.
- Backup your data is often as possible.
- Update virus software.
- Stay off of potentially dangerous sites. Always heed warnings.
- Do not stream or download anything on your work computer unless you're sure the source is legitimate and secure.
- Avoid unsecured websites whenever possible.
- Turn off work computers before leaving at the end of the day.
- Know where data is kept. Immediately report any misplaced or missing data.
- Do not share company hardware or software with outside people.
In the modern era of small business ownership, cybersecurity should be as normal and routine as regular security. If you get in the habit of thinking about it now, you might just save yourself a lot of stress and heartache in the future.
Have more IT-related questions? Schedule an appointment with Coordinated to either talk about our full IT management service. We can handle the technical stuff so you can get back to what you do best: running your business.