5 Essential Cybersecurity Steps for Small Business
2020 is the time to get serious about cybersecurity. The statistics alone speak volumes. According to CNBC, while 43% of online attacks are aimed at small businesses, only 14% of those businesses are adequately prepared to defend themselves.
We rely on an increasing amount of technology as part of our day-to-day life, from cloud-based data storage to mobile interactions. Unfortunately, it means that there are more opportunities than ever before for a potential attacker to find an opening.
Many small businesses are under the misconception that because they’re small, they don’t have anything worth stealing. The truth is that between login credentials that might be useful for getting into other accounts, personal information about your customers or employees, and your payroll, there is already a lot of value for any would-be attacker (without even getting into the specifics of your industry).
Sixty percent of small businesses fold within six months of a cyberattack, and you don’t want to be another statistic. That’s why getting serious about cybersecurity is so vital going into the new year.
1. Use Industry Best Practices for Passwords
Eighty percent of hacking-related data breaches involve compromised or weak credentials. On top of that, 29% of all breaches, regardless of the attack type used, involve the use of stolen credentials.
Even if you think your business is following best practices for password strength and the frequency with which you update them, a chain is only as strong as its weakest link. If you’re not taking steps to make sure your team follows suit and actually understands what’s at risk, you may be in for a nasty surprise.
Making sure that your users know and follow industry best practices for passwords is step number one for any small business concerned with cybersecurity. That means a different password for every site and application; long, random combinations of letters, numbers, and symbols; and multi-word passphrases.
Remembering all of your passwords and sharing accounts among all the people on your team who need to use them can create some challenges, which is why a password manager like LastPass or 1Password is critical in a small business environment where people are already wearing several hats. The last thing you want is the proverbial sticky note in a desk drawer or on a computer monitor keeping everything straight.
2. Commit to a Patching and Update Schedule
Another frequent source of vulnerabilities for businesses large and small comes in the form of unpatched devices. As the Internet of Things (IoT) becomes more and more a part of our everyday life, an increasing number of devices, from our printers to our watches, are connected to our business networks. That means more points of potential entry for an attacker, particularly if a zero-day exploit emerges but goes unpatched.
The fix here is to commit to regular patching and update, so you know that every device connected to your network is up to snuff. It can be a sizeable addition to your IT staff’s workload, so considering something like managed IT services (where you can hand off updates and day-to-day network administration to a third party) can free up resources for focusing on the bigger problems, like how to incorporate tech more effectively into your business.
3. Improve Your Cybersecurity Training
When it comes to cybersecurity, “what you don’t know can’t hurt you” couldn’t be further from the truth. With the increasing popularity of spearphishing and other attacks that rely on fooling the humans behind the technology we rely on, it’s never been more important to take the time to make sure everyone can recognize a suspicious email when they see it.
Creating a security system that is completely impervious to human engineering techniques might be close to impossible, but helping people know what to look for and what to do about it can greatly reduce your chances of getting caught out. When the average data breach costs a small business around $200,000, it’s worth it to take the time to train your employees to be part of the solution and not part of the problem.
4. Used a Managed IT Services Provider
Keeping everything on your network up-to-date, secure, and working properly is a tall order for any small business’ IT department. With a managed IT service provider, you can hire a team of experts who specialize in network security, giving you the resources you need to fight back without breaking the bank. You get support for everything from network connectivity to device updates, along with 24/7 network monitoring and threat detection, which give you a chance to respond to whatever comes your way.
Working with a managed IT services provider also means that you can free up your internal IT resources to focus on what they do best—helping you use technology to gain a competitive edge. Your IT team can shift their thinking from reacting to whatever problems pop up to a more proactive mindset, looking for opportunities to transform your core business processes and score some big wins.
5. Take Action Now
With more and more attacks leveled at small businesses, cybersecurity has come to the forefront in 2020. A single data breach can put your business out of commission, so it’s vitally important to take steps now to make sure that doesn’t happen. The important thing to remember is that cybersecurity doesn’t happen in isolation—you need your entire team to understand what’s at stake and what they can do about it to succeed.
- Use industry best practices for passwords to make sure you’re not an easy target.
- Commit to a device patching and upgrading schedule, or get help.
- Improve your cybersecurity training to make sure your team is up-to-date.
- Consider getting help from a managed IT services provider.
- The Keys to a Successful Small Business Saturday in 2020 - November 4, 2020
- How to Reopen Your Business After a Shutdown – Four Important Steps - July 14, 2020
- 8 Best Practices and Technology Tips for Remote Employees - March 30, 2020