Hackers always seek vulnerable targets and have found a big one in small businesses. More likely to have weak online security, less likely to use cloud services without encryption technology and no full-time IT support, small businesses are easy pickings for cyber breaches.
Symantec, an online security company, publishes an annual Internet Security Threat Report. The 2014 report highlights include:
- 91% increase in targeted attacks campaigns in 2013
- 62% increase in the number of breaches in 2013
- Over 552 million identities were exposed via breaches in 2013
- 23 zero-day vulnerabilities discovered
- 38% of mobile users have experienced mobile cybercrime in past 12 months
- Spam volume dropped to 66% of all email traffic
- 1 in 392 emails contain a phishing attacks
- Web-based attacks are up 23%
- 1 in 8 legitimate websites have a critical vulnerability
Here are 9 cyber security tips for small business owners:
- Use the FCC’s Small Biz Cyber Planner to create a cyber security plan
The Small Biz Cyber Planner is valuable for businesses that lack the resources to hire a dedicated staff member to protect themselves from cyber threats. The tool walks users through a series of questions to determine which cyber security strategies should be included in the planning guide, and generates a customized PDF that serves as a cyber-security strategy template.
- Establish cyber security rules for your employees
Establish rules of behavior describing how to handle and protect personally identifiable information. Clearly detail the penalties for violating cyber security policies.
- Protect against viruses, spyware, and other malicious code
Install, use and regularly update antivirus and antispyware software on every computer used in your business. Such software is readily available online from a variety of vendors.
- Educate employees about safe social media practices
Depending on what your business does, employees might be introducing competitors to sensitive details about your firm’s internal business. Employees should be taught how to post online in a way that does not reveal any trade secrets to the public or competing businesses. This type of safe social networking can help avoid serious risks to your business.
- Manage and assess risk
Ask yourself, “What do we have to protect? And, what would impact our business the most?” Cyber-criminals often use lesser-protected small businesses as a bridge to attack larger firms with which they have a relationship. This can make unprepared small firms a less attractive business partner in the future, blocking potentially lucrative business deals.
- Download and install software updates when they are available
All software vendors regularly provide patches and updates to their products to correct security problems and improve functionality. Configure all software to install such updates automatically.
- Make backup copies of important business data and information
Regularly backup the data on every computer used in your business. Critical data includes word processing documents, spreadsheets, databases, financial files, human resources files and accounts receivable/payable files. Backup data automatically if possible, or at least weekly.
- Control physical access to computers and network components
Prevent access or use of business computers by unauthorized individuals. Laptops can be particularly easy targets for theft, so make sure they are stored and locked up when unattended.
- Secure and hide your Wi-Fi network
If you have a Wi-Fi network for your home business make sure it is secure and hidden. To hide your Wi-Fi network, configure your wireless access point or router so that it does not broadcast the network name, known as the Service Set Identifier (SSID). In addition, make sure that passwords are required for access. It is also critical to change the administrative password that was on the device when it was first purchased.
The threat of cyber hacking, underscored by the credit card breach at Target, is now so great that US businesses are buying insurance coverage against the expense of being hacked or losing sensitive customer information. A decade since it was first introduced, cyber insurance has graduated from a splurge to a necessity propelled by a series of high-profile data breaches that have cost companies many millions of dollars.
If you have questions about Cyber Breach insurance we welcome your call.