Cyber Security threats is a growing concern. After massive security breaches from Equifax, Target, and Yahoo, consumers are concerned and with no way to know how much their data has been breached.
Hackers have a myriad of ways to access your information and the truth is it is almost impossible to stop a dedicated hacker from accessing your information. Below is an infographic about the ways hackers can steal data and aspects of your personal information that you’d never think to protect. Surprisingly enough, things like the pattern of the lights on your server, or heat signatures of your computers, can be giveaways.
A small business owner may believe that their company is too inconsequential to be targeted by hackers, but that belies a general misconception of the way malware functions. Some hackers will send out software to hunt for places where security is weakest. After all, even as a small corporation you may work with a larger one as part of a chain.
For example, It is universally recognized that the Target breach that compromised the Credit/debit card information and/or contact information of up to 110 million people was due to the ability to hack into an HVAC contributor’s softer security. So every aspect of the supply chain needs to be covered.
What are your options as a SMB owner?
Be Prepared: First of all, it’s crucial to have a plan in place in case of a breach and not to wait until the incident has already occured to go into panic mode. The FCC’s Small Business cyber planner is a great resource for planning.
Be Vigilant: Dr. Jane LeClair, Chief Operating Officer, Washington Center for Cybersecurity Research & Development, recommends creating a culture of security at your business by getting guidelines in place regarding aspects of security such as password use. Put these policies into your training materials and ensure they are referenced seriously in onboarding.
People tend toward being lax when it comes to cybersecurity, but there are logistics you can simplify (such as using an established password manager) to make it easier for your employees to follow protocols:
Protect the jewels: Make sure that what Dr. LeClair calls the “Crown Jewels” of your business (the top 5% of essential documents) are as secure as possible on a dedicated PC. This separate PC limits accountability if only the CFO or chief accountant has access to it.
Perform background checks: Though it may feel invasive, it is crucial to know the backgrounds of your employees. You can use trusted online services such as NetDetective or BeenVerified to do this work for you. It is particularly crucial that anyone who works with sensitive data or money is thoroughly vetted. Here are a few things to look out for and some tips for dealing with it.
Employee activity: If you notice someone acting a little off, or hear about someone going through a rough time, pay them some extra attention. It is better for office morale as well as security.
Ensure education: Coordinate regular meetings that give updates to security protocols. Make it a part of your office culture. And include information on common scams or new methods of hacking security that have been in the news.
Talk to your vendors: Your ISP provider for example, should be able to tell you about what security is being set up for your business. Talk to them about what you do and see if they recommend any upgrades. Connect with your bank to learn about cyber protection of your accounts.
- A couple of other ways to secure your network:
- Encourage using unique passwords — one good trick is to use first letter of each word in a long phrase. Something such as, “I met my beautiful wife Angela in New Haven Connecticut in 2002!” would become: ImmbwAiNHCi2002!
- Implement password-activated screen-savers after periods of inactivity.
- Never use public wifi (such as at the airport) when sending secure information.
- Use a firewall or UTM device.
- Get insurance for potential cyber damages.
Following all these best practices are like locking your door at night. Obviously well heeled criminals could break in if they wanted to, but you still want to lock the deadbolt and make sure the windows are shut.