Some small businesses might think it’s reasonable to assume that hackers and data thieves only go after large targets. Of course these same criminals are well aware of this assumption, which is precisely why they know small businesses are often ripe for exploitation. According to CNBC, in 2019 small businesses were the targets of 43% of all cyberattacks, and more than half of them suffered some type of breach within the previous 12-month period.
Thankfully, there are some basic strategies that small businesses can employ to help them reduce their risk of ever having to experience a cyber attack.
Using a strong password is such a simple way to discourage hackers, yet many people still avoid using them. Employers can enforce the use of strong passwords by requiring their systems to only accept passwords that consist of a combination of letters, special characters and/or numbers, and are at least 8 characters long. For even better protection, enforcing the use of two-factor authentication provides another layer of security as it requires those attempting to log in to identify themselves by entering a code sent to their phone or email.
Secure the Corporate Wi-Fi
Businesses should always secure their Wi-Fi signal by requiring users to enter a password before gaining access. Leaving a Wi-Fi signal unsecured is simply another point of entry that leaves corporate software and data at risk for exploitation.
Employees should only have access to data and software on a need-to-know basis. Access to confidential information should be password protected and access to certain software applications should only be given to those required to use the software. Needless to say, a company should protect access to their network, requiring users to identify themselves before allowing access.
Encrypt Confidential Information
Some employees must use portable and removable media as part of their job responsibilities. Especially when working with confidential data, it’s important for companies to ensure that portable data is encrypted to prevent unauthorized access in the event the media becomes lost or is stolen.
Disaster Recovery Planning
Companies should ask themselves if they are fully prepared if a long term power outage should occur, or worse, an event such as a fire, flood, or some other type of natural disaster. If the answer is negative, they are overdue to get serious about developing a disaster recovery plan. Even small businesses are very dependent upon their hardware, software applications, and corporate data to conduct their daily business operations. Preparing a disaster recovery plan in advance means a company will be able to easily replace vital technology if a catastrophic event should occur.
Applying Updates/Performing Backups
Applying the latest software and hardware updates and patches will allow companies to avoid malware and viruses that hackers often attach to outdated systems. In addition, performing regular backups and making sure they can be easily restored is vital to ensure that a company’s data is secure and readily available.
Most business owners clearly understand their ability to successfully conduct daily operations is very dependent upon having accurate and secure data to work with. However, sometimes employees may only consider how inconvenient certain security measures may make their daily tasks more challenging. Using a password of “1234” for every application they log into is convenient since it’s very easy to remember, but weak passwords also leave business owners vulnerable to exploitation. This is where training employees on the “why” of security measures is so important. Employers can also train their employees to spot potential issues such as a suspicious email or an unsecured web page asking for confidential information.
Companies should not feel discouraged if they find that safely and securely supporting their IT infrastructure is challenging. These types of challenges are precisely why Bluwater Technologies can help.
If you would like more information on how we can provide the technological support and security you need, please contact us.