If you feel like your small business is immune from cyber attacks simply because it isn’t a large corporation, think again. While small businesses may not have the same finances as bigger ones, they still make tempting targets for determined hackers. According to a recent report from Symantec, small businesses were the victims of roughly 31% of all targeted cyber attacks in 2012. Many hackers view small businesses as relatively easy targets due to their general lack of resources. Compounding the problem is the fact that many small businesses don’t view themselves as vulnerable. Another study shows that up to 83% of small businesses have not implemented a formal plan addressing cyber security. There’s a general lack of preparedness among small businesses, so here’s five tips that can help your organization prevent a cyber attack.
Use Strong Passwords
If there’s one area hackers look for vulnerabilities, it’s in the passwords small businesses use. Research shows that around 80% of all cyber attacks involve exploiting weak passwords, something that is quite easy for hackers to accomplish. With the right hardware, a hacker can run hundreds of billions of different password combinations every minute. For that reason, small businesses need to use strong passwords to protect their accounts. Strong passwords usually include eight or more characters using capital letters, symbols, and numbers. It’s also important for employees to use different passwords for each login they have. If one password were to be stolen, the other accounts would still be protected. Employees should also make sure not to use common words or phrases that can easily be guessed. If keeping track of all these different passwords is difficult, small businesses can always use a helpful password manager.
2. Know Who Has Access
Most small businesses will have numerous systems, programs, and applications as part of their operations, but only certain employees need access to certain areas. That’s why every small business leader need to control access, maintaining a firm knowledge of who has been given access to which system or server. By controlling this access, small business leaders will be able to spot when there are irregularities and identify when someone without authorization is in the system. They also need to keep their access files up to date as employees come and go inside the organization.
3. Do a Security Audit
It’s difficult to protect an entire system when you don’t know where the weak points are. By conducting a security audit, small businesses can identify those areas that are the most vulnerable to hacking attempts. This often requires working with a professional service, since most small businesses won’t have the resources to conduct a proper audit. Security audits usually cover the entire IT infrastructure, focusing on computers and network security, while also placing emphasis on mobile devices due to the rise in bring your own device (BYOD) policies. After conducting a security audit, your small business will be able to focus on the areas in need of the most attention.
Too often, small businesses will leave their data at rest unprotected. This is just inviting hackers to infiltrate and steal it. An even bigger problem is when a device like a laptop or USB drive with sensitive information is stolen. To prevent this theft and tampering, small businesses should make sure to encrypt their data. This renders the information essentially useless to hackers, even if they’re able to get into the business network. Most encryption is generally easy to implement, with many operating systems providing full-disk encryption that’s just a few clicks away.
5.Avoid Phishing Attacks
Phishing attacks are some of the most common attacks hackers use to steal company data. They usually come in the form of emails sent to employees, luring them to click on links that send them to websites that automatically download malware. To avoid these attacks, business leaders and employees need to be taught to identify suspicious emails and to never click on short links, which may hide the real address of a harmful website. Many of the security tips previously mentioned can also protect your systems if an employee becomes a victim of a phishing attack.
This is by no means a comprehensive list of security tips. There are many other ways to protect your small business, from using secured WiFi networks to using antivirus software to regularly backing up your most important data. The five tips presented here are a good place to start to make sure your business won’t become a victim of hackers. As you get more experience with security, you’ll be able to add more strategies to protect your most valuable data.