The global cyber attack in May 2017 using WannaCry ransomware to hold computer networks for ransom has raised awareness of the prevalence of cyber crime. But while hacks on big businesses and government organizations are the ones that make the news, small businesses are equally at risk, if not more so. Last year, more than half (55 percent) of companies in a survey by the Ponemon Institute reported having experienced a cyber attack in the previous 12 months.
Although many small business owners are aware of the threat of cyber crime, just one-third of those in the survey say they have adequate technology in place to defeat most cyber attacks. What can you do to keep your small business safe? Start by following these five cyber security tips.
- Educate your employees. It doesn't matter how good your cyber security is if your employees don't follow security rules. Social engineering, or hacking into a business’s computers by tricking its employees, is on the rise. Create a cyber security policy and train your employees in how to protect themselves. Require strong passwords and have employees change their passwords every three months. You may also want to consider multifactor authentication or biometric authentication, such as using fingerprints.
- Choose a reliable website host. Do your due diligence before choosing a website host to make sure the company has a reputation for security. Once you know your site is secure, advertise that fact. A secure sockets layer (SSL) Certificate provides site encryption and privacy for your website visitors, while serving as a sign to website users that your site is secure and trustworthy.
- Be careful with the cloud. You're probably using cloud-based storage and/or apps for your business. While this has many advantages, it also has some risks. For example, more than four in 10 respondents in the Ponemon survey have suffered data breaches as a result of third parties with access to their cloud apps. Limit who can access your data and apps in the cloud, being especially careful with freelancers, contractors and vendors.
- Exercise caution out of the office. You and your employees undoubtedly work in coffee shops, airport lounges or other public places at least some of the time. However, this puts your data and devices at greater risk of theft. To protect your business, never use public networks to access business data on the go; set up a VPN (virtual private network) instead. Use privacy screens on laptops and devices to prevent spying, and keep computers and mobile devices close when on the road.
- Monitor mobile devices. Mobile devices can be an easy entry point for cyber criminals if you use them to access your business data and networks. Ideally, you should issue employees mobile devices for work – that way, you can control how they are used and install device management software to monitor them. Realistically, however, most small businesses let employees use their personal devices for work. If so, ask employees to use two-factor authentication, biometric authentication or secure passwords for any personal devices used to access business networks or apps.
Cyber criminals will undoubtedly continue to concoct new and devious ways to attack businesses. By being vigilant and following some simple precautions, however, you can greatly decrease your chance of falling victim to their tricks.