Five ways to boost cyber security and protect your business
If you think online criminals only target big companies, think again. Hackers increasingly target small and mid-sized businesses, since they are the most vulnerable targets. According to the 2014 Symantec Internet Security Threat Report, 71 percent of all cyberattacks were made on small and mid-sized companies — and the number and sophistication of attacks are growing daily.
When cyberattacks occur, the costs can quickly add up. The average cost of an attack on a small company is more than $30,000, according to the Ponemon Institute 2011 Cost of Data Breach Study. That doesn’t include the hard-to-quantify potential costs of damaged or lost customer relationships.
Use these tips to help safeguard your business:
1. Use antivirus software
Your first line of defense should be antivirus software, which works to protect your business from multiple kinds of online threats. It usually pays to invest in business-grade antivirus software, which protects multiple devices — including smartphones, which are increasingly targeted by hackers. Whatever solution you get, be sure it is set up to update automatically, so that you always have protection against threats as they develop and evolve.
2. Use strong passwords
One of the ways hackers get into a system is through easy-to-guess passwords such as birthdays or the names of family, friends or pets. As a result, one of the standard ways to keep your data safe is to use strong, or difficult to guess, passwords. Likewise put rules in place to ensure that your team uses complex passwords — at least eight characters, with a mix of upper and lower case letters, numbers and symbols — for all relevant sites and applications. Password rules in your company should also dictate that people use different passwords for each site and not keep them written down anywhere that is easy to access. There are numerous sites and apps that can help you generate random passwords that are hard to crack.
3. Network your devices
If your team uses stand-alone devices that are not connected by a network, hackers can potentially penetrate your system easily through any one of them. A network can be a more secure alternative, since networks can possess a firewall — a combination of hardware and software that prevents unauthorized access to any connected device. A firewall examines all traffic passing through it and allows only approved messages in and out. It can also enable your team to access your network remotely, so they can remain productive when they are working off-site.
4. Protect mobile devices
Employees are increasingly bringing their own mobile devices, such as smartphones, tablets and laptops, to work. This trend, called “Bring Your Own Device” or BYOD, can quickly create vulnerabilities for your business — since as mobile devices proliferate, so does larceny. According to Consumer Reports, 3.1 million smartphones were stolen in 2013, almost double the number stolen in 2012.
To keep business data secure on a stolen smartphone, ensure that all of your employees use a passcode. Request that employees enable other features, including: remote lock feature, which shuts down a device after it is not used for a certain period of time; “find my phone;” and “wipe my phone.”
Also be sure your employees know that smartphones are not immune to malware. Scammers use text or SMS phishing, aka “smishing,” to target people through legitimate-seeming text messages and fool them into downloading infected files.
5. Be alert
Scammers can create emails that look exactly like they came from your bank. They may look like an urgent notice and include a link that looks like it goes to your bank’s website. If you enter your account information, scammers can use it to access your bank account and transfer funds before you know anything has happened.
A related approach to these “phishing” emails is an email with a link or an attachment that launches malicious software or “malware” when it is clicked on. Be sure your employees are aware of these kinds of emails. Ask them not to submit any information to a site unless they are certain it is legitimate and not to click on anything in or attached to an email that is vague or suspicious.
Also be alert for any unusual activity in any of your financial accounts. Sophisticated hackers sometimes move slowly. Always check that your credit and debit card transactions, checking account entries, wire transfers, ACH activity and online bill payments are correct. If you notice anything unusual, freeze the affected account and work with your account provider to resolve the problem.