We hear news of another cyber attack on a big firm almost every week, often targeting Smart Home Devices and other vulnerable systems.
Customer details stolen. Financial information swiped. Reputations ruined.
There’s no shortage of high-profile cyber crime stories, from Yahoo and eBay to Marriott and Sony.
You could be forgiven for thinking that cybercriminals are only interested in global companies with millions of customers.
However, small and medium businesses are at risk, too, and countless smaller organizations are attacked daily. Of course, these stories are not so newsworthy that we don’t hear about them, but that doesn’t mean they aren’t happening.
Could Your Business Survive a Cyber Attack?
What would happen if your business became the next victim of a cyber attack? Would it bring operations to a halt for hours, days, or longer? Would it mean the loss of crucial company data, or even worse, the theft of customer data? Could your business recover?
The fallout from a cyber attack could make it impossible to continue operating and you could face huge fines for failing to protect your customers.
You may already have software installed to combat viruses and attacks, but no innovative products will protect you if you don’t implement cyber security best practices into your business.
Why do cyber criminals attack small and medium-sized businesses
Small and medium-sized businesses are easy prey for cyber criminals. They know businesses this size are less likely to have sophisticated cyber security strategies than larger companies.
So although criminals might get a thrill from taking down the giants, it’s often easier and more lucrative for them to focus on smaller businesses.
A recent survey measured how organizations approach cyber security and the impact of security breaches on businesses.
The survey, conducted, found that:
- 60% of medium firms and 31% of small businesses have identified breaches or attacks
Among those identifying breaches and attacks:
- 23% of medium firms and 19% of small businesses lost files or network access
- 12% of medium firms and 9% of smaller firms had software or systems corrupted or damaged
- 10% of both medium and small businesses had their website slowed or taken down
So given the risks, what are business owners doing to protect themselves from cyber attacks?
The positive news is that organizations are increasingly proactive, implementing systems and procedures to safeguard their future.
The research showed:
- 92% of medium companies and 78% of smaller businesses say cyber security is a high priority
- 71% of medium firms and 32% of smaller businesses have cyber security policies in place
It could be for several reasons if you haven’t prioritized cyber security yet.
Perhaps you feel your organization isn’t big enough to be a target. Maybe you don’t have the internal resources to create cyber security strategies. Or possibly you don’t know where to start.
The good news is that no matter the size of your business or your current approach to cyber security, there are easy steps you can take right now to help protect it.
Even if you don’t have your in-house IT expert, you can still get access to cyber protection through an IT support company. A good provider can offer all the tools, resources, and support you need to safeguard your organization.
The important thing is that if you want your business to be successful in today’s digital world, you must protect yourself from cyber criminals.
Here are eight cyber security tips to help protect your business:
1. Policies, Documentation, Training
Would your staff know what to do if they received a phishing email? Are they creating safe passwords? Do they know what information is okay to include in an email?
Cyber security affects everyone in your business, regardless of their level or job role, so it’s essential to document procedures and involve everyone in training.
Creating a company policy to cover all aspects of cyber security means your staff will know exactly what’s expected of them and what to do if things go wrong.
Once you’ve created a cyber security policy, provide regular staff training to keep your teams updated and include the policies in your staff handbook or online staff portal.
If staff leave, ensure their access to systems is removed straightaway and change any passwords they have previously held. This is particularly important if they haven’t parted on good terms.
2. Mobile Devices
Mobile devices have made flexible working so much easier by allowing employees to access email and files, even when away from the office.
But with this increased freedom comes increased risk. Think about what data you want your staff to be able to access outside the office environment and what needs to be more secure.
Consider the risks if devices are lost or stolen. When staff leave, have plans to ensure they can no longer access sensitive data on mobile devices. There is often a blur between personal and work devices, so make sure you know what people have access to.
3. Smart Password Strategies
Many data breaches occur simply due to weak passwords. However, creating strong passwords is one of the most straightforward steps to protect your business.
Implement and document a company password policy to ensure all passwords created within your business are strong and safe.
Current best practices recommend creating complex passwords using a combination of upper- and lowercase letters, numbers, and symbols. Passwords should also be changed every 60 to 90 days.
Sometimes, a password alone might not be enough. You should also consider multi-factor authentication. This means the user must enter a password and complete another action to gain access, such as typing in a code sent to their mobile phone.
4. Robust Backup Processes
Having strong backup processes in place protects you from ransomware attacks. These are when criminals block access to your data and demand a payment before reinstating access.
If you haven’t backed up your files, you might have no choice but to comply with the criminal’s demands.
But backup isn’t just about protecting your business from cyberattacks. By backing up your files in a separate location, you’ll safeguard your data in case of fire or flood.
Remember to create backups for data stored in the cloud and check backups to ensure they are updated correctly.
backups Customer Data
If you handle customers’ data, such as email addresses, telephone numbers or credit card information, you must take steps to protect it.
A breach resulting in customer data theft could forever ruin your organization’s reputation.
In addition to being a best practice, as a business owner, you are legally responsible for protecting customer data.
You should assess your information and take the necessary steps to protect it. This could mean encrypting customer data – or using a third-party payment provider such as PayPal or Google Pay. This way, you’ll never need to store your customers’ payment details. Ensure you understand the laws and have policies and procedures to comply with the latest regulations.
6. Install Anti-Malware Software
Phishing emails can easily lure staff. If they click a link in a malicious email, malware can be installed on the employee’s computer. Once it’s embedded on computers or your network, malware can cause severe disruption to your business.
Anti-malware software will help protect your business even if an employee unwittingly clicks on a dangerous link. Of course, while it makes sense to install anti-malware software, it’s only beneficial when used alongside other cyber security best practices covered in this list.
7. Network Security
It’s essential to protect your networks from attack by preventing unauthorized access.
A firewall is one of the best defenses against cyber criminals. It acts as a barrier between your network and the crooks. Your firewall should inspect all incoming and outgoing traffic to ensure safe interaction with the outside world.
8. Talk to the Experts
While you can do many things yourself, it pays to get professional IT cyber security advice for your small to medium business.
Even without an IT department, an IT support company can provide ongoing support and cyber security best practices to help keep your business safe.
Criminals constantly devise new ways to attack companies, so your cyber security policies should continuously change. We take a proactive approach, alerting you to new risks to keep you one step ahead.
Using an IT support company will save valuable time trying to figure everything out yourself. With our support, you’ll gain the confidence that your business is protected – so no more sleepless nights worrying about cyber crime.
What next?
We hope you’ve found these cyber security tips helpful.
If you’d like to learn more about how we can help protect your business from cyber attacks, email hello@adaptiveis.net or call us.