Small business security breaches are becoming increasingly common – at a steep cost to unsuspecting business owners. One article sites that 61% of all breaches last year hit small businesses, up from the previous year’s 53%.
Implications of a breach:
- 60% of small businesses fail within 6 months of a cyberattack, from Champlain College
- $89,000 - $158,000 cost per attack or breach (approximately), from The Guardian
Despite these scary stats, 9 out of 10 small businesses reported that they don’t use any data protection for company and customer information.
How can you get your small business security practices cleaned up?
Create an employee-training plan.
- Establish basic security practices and guidelines for employees, such as requiring strong passwords and establishing appropriate Internet use examples.
- Review real-life case studies with your employees about what happens when online and digital security practices are ignored.
- Remind them of the type of business information that is considered secure or classified, what should or shouldn’t be downloaded online and how to spot fraudulent emails.
Keep your devices up-to-date.
Are your machines clean? Do they have the latest security software, web browser or operating systems? Installing the latest versions of these programs may be time consuming, but developers are constantly issuing updates with the latest security features. However, the most recent protections only work if you choose to use them.
If you're not updating your equipment, then you're leaving yourself vulnerable.
Audit employee access.
Put together an information access audit plan and create a recurring reminder to review it every few months.
For example, your audit plan might want to include reviewing which employees have access to these areas:
- Website and social media privileges
- Bank account signors
- Network login access
- Physical access to storefront or back-office via a key or bridge
- Credit cards under the business name
Provide firewall security for your Internet connection.
A firewall is a set of related programs that prevent outsiders from accessing data on a private network. Make sure your operating system’s firewall is enabled. If employees work from home, ensure that their home system(s) are protected by a firewall.
Secure your Wi-Fi networks.
If you have a Wi-Fi network for your workplace, make sure it is secure, encrypted and hidden. To hide your Wi-Fi network, set up your wireless access point or router so it does not broadcast the network name, known as the Service Set Identifier (SSID). Be sure to password-protect access to the router.
Do your research.
Technology may not be everyone’s forte or interest, but it’s a part of today’s business environment. Protection steps will vary depending on the industry and business size.
For more information about practical steps you can take, check out these helpful articles: