used with permission from SBA.gov
by Anita Campbell
You might not be able to hire a full-time cybersecurity specialist or install top-of-the-line software, but protecting your business’s data doesn’t necessarily need to be complicated or expensive
There were nearly 42,000 online security incidents around the world over the past year. And about 43 percent of those targeted small businesses. That means that small businesses are more likely than any other entity to fall victim to data breaches and cyber attacks.
These incidents can lead to financial loss, stolen customer data or compromised proprietary information. So it’s essential that you take steps to lessen your chances of falling victim to cyber attacks, and to lessen the impact if you do.
However, small businesses also tend to have fewer resources to avoid these attacks than large enterprises and government entities. For example, you might not be able to hire a full-time cybersecurity specialist or install top-of-the-line software. But protecting your business’s data doesn’t necessarily need to be complicated or expensive. Here are some of the simplest things you can do today to lessen your company’s chances of falling victim to a cyber attack.
Change Your Passwords
About 81 percent of security breaches are simply due to weak or stolen passwords. So a company that uses ‘Password123’ for every account is probably going to be more vulnerable than one that uses complicated passwords and changes them regularly.
So what exactly makes a password strong? The National Institute of Standards and Technology recommends choosing passwords that use a combination of words that are easy to associate in your mind, but unique to you. Basically, it should be easy for you to remember but hard for anyone else to guess. Of course, it’s also a good idea to use a combination of characters in your passwords and use unique ones for each account if possible. That last point is especially important for vulnerable accounts like those for your banks or sensitive data.
Once you have passwords in place, you should also continue to change them regularly. Your vendors or service providers may have experienced breaches that you don’t even know about yet. So changing them regularly can help you to avoid having your accounts compromised even if your passwords were stolen at some point.
Finally, many platforms and service providers also offer two-factor authentication or some form of security outside of passwords. If possible, enable security questions, fingerprint reading or even text alerts so your passwords aren’t the only thing standing between your data and cyber attackers.
Update Your Software
All the software that you use on your business’s computers and devices can be vulnerable to cyber attacks. But your software providers are constantly working to patch issues and make their products stronger so that hackers, viruses and malware can’t get in and access your accounts and sensitive data. That’s one of the reasons why you constantly get alerts asking you to update your software.
Though they may seem annoying or unnecessary upon first pass, don’t ignore these alerts. Go through the short process of updating software and operating systems whenever these patches are available. Usually, all you have to do is press a few buttons and restart your device once the updates are complete. Often, you won’t even notice a major difference in how the software operates. But behind the scenes, those patches make it more difficult for viruses, malware and hackers to make their way into those software programs.
Train Your Employees
If your business has employees, then you need to make sure they’re aware of these important cybersecurity procedures as well. You can change your passwords and update your software all you want. But if your team doesn’t follow suit, your business is still going to be vulnerable.
To protect you business from every angle, host a quick meeting or seminar to share these best practices with your team. Give them clear instructions about how and when to change their passwords and how to set up two-factor authentication on all the common programs and accounts you use. You can even send out reminders or alerts when it’s time to change passwords or update security procedures.
Then share the importance of regular software updates and patches. And create policies or processes for keeping those items updated. If you have any team members who are dedicated to IT, you can probably have them handle this part of the process. But if not, make sure the rest of your team knows how to handle this on their own devices and why it’s so important.