Cybersecurity: Protect Your Business Data at All Costs
Essential steps to prevent small business security breakdowns
If you own a business, your data is at risk. That’s not hyperbole; it’s the simple truth. From customer credit cards and employee records to accounting software data and order processing information, every sensitive piece of data you store online is at risk of being compromised. If you choose to ignore the risk and suffer a cyberattack, you may find your customers and suppliers headed for the door.
According to the Online Trust Alliance, cyber incidents targeting businesses nearly doubled last year, from 82,000 in 2016 to 159,700 in 2018. The good news is that over 90% of those attacks could have been avoided by regularly updating software and raining employees to recognize phishing attacks.
The two most common types of attacks are:
Viruses, Trojan horses, worms and malware that choose their targets at random and cause havoc by crashing systems, forcing you to spend time and money recovering what you may have lost.
Phishing sites and emails that ask you to pay funds or share customer data or pretend to be an existing customer or supplier.
Start with prevention
The easiest ways to prevent cyberattacks are often overlooked. Start by explaining the risk factors of a breach to employees and by adding cybersecurity training to your onboarding program. It’s not enough to tell employees to manage their social media comments and emails. You also need to:
Communicate company policy on using public Wi-Fi with work laptops or mobile devices.
Never use USB sticks (especially those “left” in public areas).
Make sure employees know to use “https” sites rather than “http” when dealing with important data (the “s” tells you that the connection is secure and encrypted).
Install anti-spam and anti-virus software.
Use password management software that requires you and your employees to regularly change passwords.
Employees will take cybersecurity as seriously as management does. Make it clear to everyone that a cyber breach due to lax security or carelessness is grounds for dismissal.
You can do a lot on your own to secure your data, and it’s worth investigating, but sometimes what you don’t know is the greatest threat in a fast-paced digital environment. It’s worth paying a professional to conduct a quick information technology (IT) audit of your business to identify the greatest risks.
After determining your vulnerabilities, you can:
Design a backup system specific to your business. Be careful to invest only in what’s appropriate.
Create an IT security policy that documents all the aspects that need to be maintained, and have employees sign it.
Set your data to be backed up daily.
Have a dual backup system in place. Your data should be retained in at least two separate systems.
Install anti-virus and anti-malware software
Many small businesses won’t bring in an IT security specialist to safeguard their systems because these experts can be very expensive. To save money on cybersecurity, you can use free security software available on the internet. Research your options carefully, choose one anti-virus program that you trust and stick to it, don’t download multiple virus protection programs, and don’t click ‘ok’ on any downloads or ‘virus checks’ unless they’re from a source you know and trust. PC Magazine reviews some of the best choices in its article “The Best Free Antivirus Protection of 2018.”
Keep your systems current with the latest patches and updates
Updates usually happen automatically because most operating systems are connected to the internet. However, if you receive a notification from a
trusted source letting you know that an update is available, it’s a good idea to agree and allow your system to be updated.
This is also true of any software installed on your computer. For instance, if you use accounting software, you’ll probably need to update it periodically.
Avoid using the same password for everything. It’s worth the effort to remember different passwords for different logins. That way, if one of your passwords is compromised, it won’t affect more than one login.
What to do if your systems are attacked
If you think your IT systems have been compromised, take steps to minimize the damage. Update your systems with the latest security software, run any necessary scans and fixes, change your login information and, if needed, call in the IT experts.
Schedule a staff meeting to discuss cybersecurity. Successfully protecting your systems against cyberattacks requires preparation and planning.
Conduct regular checks of your financial statements, and keep up to date with anti-virus scans and software updates.
Call the Federal Trade Commission (FTC) at 877-438-4338 to report any fraud, or email the FTC at consumer.gov/idtheft.
From payroll to merchant services, you need a banking partner who takes security as seriously as you do. Contact the Umpqua small business team today.