Many business functions, no matter the industry, use the Internet to send packets of communication which adjust inventory levels, charge credit cards, manage personnel profiles and much more. Since we’re in an ultra-connected society and there’s no going back, there are always online threats that we should be aware of including viruses, malware, trojan horses, ransomware, Social Engineering, man in the middle attacks, phishing and more.
According to Verizon’s 2019 Data Breach Investigation Report, 43 percent of breaches targeted the data or processes of small businesses.
Even though the threat of cyber attacks is high than its ever been, cyber security remains an afterthought for too many entrepreneurs and business owners — something they’re only focused on after the damage is done.
Here are a few steps any diligent business owner who wants to ensure their operations run effectively and safely should take to protect their business data and maintain client and customer trust:
1. Offer trainings for employees
Cybersecurity training must be integrated into the training of new employees. Personnel needs to know what to look for in emails (like suspicious file attachments) and how to challenge callers who are asking for personal information on clients or fellow employees over the phone.
2. Hire internal tech support
Your company needs an IT team, or at least one associate who is trained and knowledgeable on business security and best practices. Someone has to make sure anti-virus software is installed and updated, that firewall configuration is correct, and that computers will limit website access to only sites employees will need to conduct their work.
3. Avoid external flash drives
Try to avoid the use of personal USB flash drives on company computers. These devices can be portable transporters of malicious software. Also, be careful of vendors who give out “promotional USB sticks” as there is no way to guarantee that those flash drives are safe.
4. Provide mobile safety for your road warriors
Provide VPNs, laptops, hotspots, and mobile phones for company employees who are traveling — keeping company data on company property. Mobile hotspots and VPNs are essential for travelers and employees who take their company equipment or data out of the office.
5. Watch your surroundings
Keep a lookout for potential eavesdroppers when out and about. Try to avoid using your speakerphone in public. Even consider privacy filters for laptop screens so people sitting nearby can’t look over your shoulder and read your emails, documents or other.
6. Use password managers
Instead of letting employees come up with their passwords, use a password manager (Bitwarden, Dashlane, 1Password) to generate random passwords.
7. Be cautious when using public Wi-Fi
Public Wi-Fi is generally unsecured for ease of access for customers, and because of that, a cybercriminal can hijack the router that provides the signal. With that said, stay away from Public Wi-Fi. As tempting as it is to want to connect to Wi-Fi to save data charges — public Wi-Fi is unsafe at best, dangerous at worst because of potential man in the middle attacks. A man in the middle attack is when data from Point A is intercepted at Point B before arriving at Point C. This data can either be stolen or corrupted so that when it arrives at Point C, it causes harm to the entity at Point C.
To prevent all of the above, instead of looking at cybersecurity as a cost, look at it as an investment. Black small business owners need to be especially mindful of cybersecurity risk. Client information can be stolen, or upcoming marketing campaigns can be taken by a rival because of a faulty cybersecurity policy that can wreck an entire company. You must prioritize and safeguard your infrastructure to prepare your company for success.