The holidays should be a time of much excitement for small businesses. Shoppers are eager to spend money and frequent physical and online stores to take advantage of holiday deals, and small business are more than eager to see the increase in sales. But with all that excitement comes a lot of trepidation on the part of business owners. The recent stories of major security breaches at large companies like Home Depot and Target are more than enough reason to be concerned. Those breaches may, incidentally, be good news for businesses and their IT teams. According to a survey from Web.com, about 65 percent of shoppers are more likely to shop online at a small business than a major retailer. The main concern is how well companies can protect consumer information, and right now, consumer confidence in large companies is low. This is golden opportunity for small businesses, which is all the more reason for them to work on improving their own security.
While the data breaches at major corporations might make the headlines, small business owners shouldn’t think they’re immune from such attacks. Big companies may have larger assets, but cyber attackers know that small businesses simply don’t have the same resources to protect their systems. This is especially true during the holiday shopping season, when businesses have to stretch even further to accommodate increased demand. All these factors contribute into making businesses a tempting target for hackers looking for an easy theft. Improving security is just one more thing for small businesses to worry about, but that doesn’t make it an impossible task. A number of simple solutions can help these businesses deal with the security challenges that always arise during the holidays.
One of the main points of focus for every small business should always be improving network security. Every network will have certain vulnerabilities, and it’s up to each small business to figure out what those vulnerabilities are and work to shore them up. Many of the basic security measures, like virus and malware protection, are good places to start, but conducting a vulnerabilities scan will enable companies to identify other points in the network that need added attention. Small businesses should also take the time to educate and inform their employees about the ways cyber attacks happen. This training can not only help workers identify when attacks might happen or what to watch out for, it can also help them avoid behaviors that may lead to increased security risks. With the proliferation of BYOD in the workplace, this step is more crucial now than ever.
In addition to stepping up network security, small businesses should also take a look at their point-of-sale (POS) system. This mainly concerns customers who make in-store purchases, since the POS system is a physical terminal where data is transferred. The data in question is usually credit card information, and while the terminal can potentially be compromised, businesses should be more worried about hackers gaining backdoor access to the system. This not only makes it easier for them to hide their presence, but it allows them to take more time stealing credit card numbers and other financial data. Small businesses can guard against this type of attack by running application scans or requesting those scans from the POS vendor. Companies should also look for unusual requests as they may be signs of hackers attempting to gain access to the system.
While related to the other points, data security deserves its own special consideration. Most companies will go to great lengths to encrypt data, but small businesses should go the extra mile in making sure data is encrypted not just when at-rest but while in-transit. Data in-transit might actually be more vulnerable to leaks and attacks, so ensuring it is protected during transmission is of considerable importance. Beyond data encryption, small businesses can protect their data by closely monitoring who has access to what information. Managing the authorization for employees requires workers to receive appropriate training, especially since many new workers will be added for the holidays. Access to the most sensitive data should be as restrictive as needed as well.
The holidays may be full of cheer and excitement, but small businesses should also be more vigilant than ever. The threat of cyber attacks is still very real, and smaller companies need to be ready to deal with these threats and protect their valuable assets with the right security. With the right preparation, they’ll be able to handle the holiday rush and ensure their customer information is kept safe and secure.