Anyone who has ever owned his or her own business knows it is a rewarding but challenging endeavor. The to-do list is never-ending. Whether you are thinking about starting a business, in the process of launching one, or are a seasoned SMB veteran, one item that should always be on the top of your to-do list is SECURITY.
As many as 40 percent of SMBs experienced a security breach in 2012 alone. And that number continues to grow in 2013. Cyber security should be a priority for any small business because, by the time a breach is discovered, it’s already too late.
What should you do to protect your business?
Even if you have yet to formally launch your business, your intellectual property (ideas) is still valuable to cyber criminals. If left unprotected, your million-dollar concept could be stolen and sold to the highest bidder.
Not only are your ideas valuable, but so is the money with which you plan to start your business. The devices you use to make credit card payments, transfer money, and access or manage your financial information (online banking, for example) are targeted by cybercriminals seeking to steal your financial information.
Keeping your ideas, intellectual property and financial information safe is critical to your survival as an entrepreneur. You can make tremendous improvements in your cyber safety by adding (and checking off) the following security to-dos on your to-do list:
- Secure all devices: Mobile phones are quickly becoming attractive targets for cyber criminals. Additionally, all laptops, desktops, and tablets need to be secured with updated security software, including antivirus, email, AND web security software.
- Avoid “free” Wi-Fi networks: It’s tempting to use the free Wi-Fi at the coffee shop around the corner, but it is simply too risky. Public Wi-Fi hotspots are the easiest target to eavesdrop or wiretap Internet connections. The majority of these free hotspots transmit data in the clear (unencrypted). If you travel frequently, or simply like free Wi-Fi, use them securely. Specifically: use a VPN; make sure your antivirus software is up-to-date; encrypt any and all sensitive data on your hard drive (or better yet, remove it); disable printer and file sharing; install or ensure your desktop firewall software is active; only visit https sites (the ‘s’ designates data transmitted from these sites is encrypted); ensure all folders containing sensitive data are private.
- Educate yourself: Knowing how to spot fake, hijacked or infected websites, suspicious emails and when not to click on infected links could be the deciding factor in the success of your future business. Understanding what type of information cybercriminals look for and the techniques they use to steal it will help you determine the type and amount of security you need to protect yourself and your business. No single security product can offer 100 percent protection since each is designed to detect threats specific to a single area of technology, such as Web, email, or endpoint (device), versus being a comprehensive solution across all three channels. This is crucial since all three are vulnerable to threats and require a layered security solution (suite) to ensure complete protection.
- Use complex, strong passwords for your online accounts and create a unique password for any site/account that requires or stores sensitive, personally-identifiable information: More than 61 percent of people reuse the same password on multiple websites. Always change vendor-supplied default passwords. These passwords and settings are easily found via public information – well known by the cybercriminal underworld. Don’t fall victim by making it easy for cybercriminals to gain access to your entire device, financial accounts, personal and/or business data. And whatever you do, do NOT use any of the following well-known passwords:
The ranking for worst passwords of 2012:
Although small business cybercrime doesn’t make the headlines very often, the impact on small business owners can be devastating. As many as 77 percent of small businesses believe their company is safe from a cyber-attack; in contrast, 87 percent do not have an existing security policy in place.
As your company starts to grow, security should continue to be a priority. The impact from an attack can be devastating, including costs from business downtime to lost data, compromised customer records and possible regulatory fines. By adding the following security precautions to your to-do list, you can avoid the time, money and headache of dealing with malware and viruses, or worse, a potential data breach.
- Secure all employees’ devices: Bring your own device (BYOD) policies continue to grow in popularity, and while you can control the data employees access while on-site, you cannot control who uses that device once it leaves the company premises. Business owners should make sure all employee devices, company-owned or personal, are fully protected. This includes not only deploying an endpoint (device) security solution, but also educating employees about the latest cybercrime trends, the data cybercriminals are looking for and what measures employees can take to shield themselves from a potential breach.
- Deploy a BYOD policy: Whether your company has 10 or 100 employees, all employees should be trained annually on company security policies. If you don’t have one, take the time to create one. There are many comprehensive online resources available to help you in this process. It is also essential that your staff is fully trained on the importance of maintaining good cyber hygiene, such as deleting or destroying old files; encrypting sensitive information before sending outside the company; avoiding public Wi-Fi hotspots, etc.
- Secure network access: Protecting your mobile and remote workers by using a VPN solution that includes two-factor authentication (e.g. one-time password), will ensure no one can penetrate your network or access your email system and database records.
Today’s cyber world has become more complex, more digitized and more global than ever before. As cyber threats continue to evolve, so too should your security. Make sure to revisit your security checklist on an annual basis to ensure your company is safeguarded against potential attacks. After all, creating a secure work environment is neither complicated nor costly. Many security solutions available as either traditional on-premise software or offered via the cloud combine endpoint (device), email and Web, into a single solution and are priced as low as $1 per month. You’ve worked hard to own your own business and it’s worth protecting.