Sign up for our newsletter

Get the latest business news, helpful articles, and useful tips to help your business thrive.

* Required

Five ways to boost cyber security and protect your business

If you think online criminals only target big companies, think again. Hackers increasingly target small and mid-sized businesses, since they are the most vulnerable targets. According to the 2014 Symantec Internet Security Threat Report, 71 percent of all cyberattacks were made on small and mid-sized companies — and the number and sophistication of attacks are growing daily.

When cyberattacks occur, the costs can quickly add up. The average cost of an attack on a small company is more than $30,000, according to the Ponemon Institute 2011 Cost of Data Breach Study. That doesn’t include the hard-to-quantify potential costs of damaged or lost customer relationships.

Use these tips to help safeguard your business:

1. Use antivirus software

Your first line of defense should be antivirus software, which works to protect your business from multiple kinds of online threats. It usually pays to invest in business-grade antivirus software, which protects multiple devices — including smartphones, which are increasingly targeted by hackers. Whatever solution you get, be sure it is set up to update automatically, so that you always have protection against threats as they develop and evolve.

2. Use strong passwords

One of the ways hackers get into a system is through easy-to-guess passwords such as birthdays or the names of family, friends or pets. As a result, one of the standard ways to keep your data safe is to use strong, or difficult to guess, passwords. Likewise put rules in place to ensure that your team uses complex passwords — at least eight characters, with a mix of upper and lower case letters, numbers and symbols — for all relevant sites and applications. Password rules in your company should also dictate that people use different passwords for each site and not keep them written down anywhere that is easy to access. There are numerous sites and apps that can help you generate random passwords that are hard to crack.

3. Network your devices

If your team uses stand-alone devices that are not connected by a network, hackers can potentially penetrate your system easily through any one of them. A network can be a more secure alternative, since networks can possess a firewall — a combination of hardware and software that prevents unauthorized access to any connected device. A firewall examines all traffic passing through it and allows only approved messages in and out. It can also enable your team to access your network remotely, so they can remain productive when they are working off-site.

4. Protect mobile devices

Employees are increasingly bringing their own mobile devices, such as smartphones, tablets and laptops, to work. This trend, called “Bring Your Own Device” or BYOD, can quickly create vulnerabilities for your business — since as mobile devices proliferate, so does larceny. According to Consumer Reports, 3.1 million smartphones were stolen in 2013, almost double the number stolen in 2012.

To keep business data secure on a stolen smartphone, ensure that all of your employees use a passcode. Request that employees enable other features, including: remote lock feature, which shuts down a device after it is not used for a certain period of time; “find my phone;” and “wipe my phone.”

Also be sure your employees know that smartphones are not immune to malware. Scammers use text or SMS phishing, aka “smishing,” to target people through legitimate-seeming text messages and fool them into downloading infected files.

5. Be alert

Scammers can create emails that look exactly like they came from your bank. They may look like an urgent notice and include a link that looks like it goes to your bank’s website. If you enter your account information, scammers can use it to access your bank account and transfer funds before you know anything has happened.

A related approach to these “phishing” emails is an email with a link or an attachment that launches malicious software or “malware” when it is clicked on. Be sure your employees are aware of these kinds of emails. Ask them not to submit any information to a site unless they are certain it is legitimate and not to click on anything in or attached to an email that is vague or suspicious.

Also be alert for any unusual activity in any of your financial accounts. Sophisticated hackers sometimes move slowly. Always check that your credit and debit card transactions, checking account entries, wire transfers, ACH activity and online bill payments are correct. If you notice anything unusual, freeze the affected account and work with your account provider to resolve the problem.

​​ ​
The information contained herein may not represent the views and opinions of California Bank & Trust, a division of ZB, N.A. or its affiliates. It is presented for general informational purposes only and does not constitute tax, legal or business advice.
The CB&T Bank Blog website may contain links to third-party websites not affiliated with California Bank & Trust, a division of ZB, N.A. and may have a different privacy policy and level of security. California Bank & Trust, a division of ZB, N.A. is not responsible for, and do not endorse or guarantee, the privacy policy, security, accuracy or performance of the third-party's website or the information, products or services that are expressed or offered on that website.