Friday, September 27, 2013

Cyber Security Strategies for Small Business

Many small businesses have avoided dealing with securing their networks as it can be a costly proposition. Additionally, many small business owners feel that cyber security is a problem that large financial corporations, big businesses and government have to deal with. Take a look at the infographic below to see just how little small business thinks of cyber security.



  • 77% of small businesses believe that their company is safe from being hacked or infiltrated with by a virus
  • 66% of those surveyed just aren't concerned, either by an external or internal threat
  • Nearly half of those surveyed believe that a data breach would have no impact

The reality though is that small businesses are as big of a target, if not bigger, due to their lack of network security. Recent research shoes that nearly 80% of breaches occur in companies of less than 1000 employees. And, of those, 93% have less than 100 employees. Furthermore, nearly 60% of small businesses close within 6 months after a cyber attack. And the threat will continue to get worse for small businesses for the following reasons:

  • The disconnect that many small businesses have of the perceived threat versus the reality. This has led to a hacker's paradise of networks that are easy to access with worthwhile payoffs.
  • Coming up a cyber security strategy that includes a formal Internet security policy, contingency plans and best practices tends to be a complex issue that can leave small business owners feeling overwhelmed with what steps they need to take.


Precautions Your Small Business Should Take 
Cyber security doesn't have to be complicated. There are several steps that your small business can take to help limit your exposure to vulnerabilities.
1.   Train employees in security principles
Establish basic security practices and policies for employees, such as requiring strong passwords, and establish appropriate Internet use guidelines that detail penalties for violating company cybersecurity policies. Establish rules of behavior describing how to handle and protect customer information and other vital data.
2.   Have and update anti-virus and spyware software Having anti-virus and spyware software running can help with keeping your computers free viruses, malware, and other online threats. You should also make sure to update your programs as soon as their available. Make sure to run a scan at least once a week to ensure your machines are clean.
3.   Update your applications
Your anti-virus and spyware software aren't the only programs that need to be updated. Applications like Adobe's Acrobat Reader, web browsers and other software should be updated when patches are available. 

You can download a nifty application called Secunia PSI, which can help keep track of your applications and when they need to be patched, by notifying you when an update is available and directing you to the appropriate website to download the necessary files.

4.   Passwords
Make sure that your employees use unique passwords that use alternate capitalization, numbers, special characters and are a minimum of 8 characters. You should also require that passwords get changed every 90 days.

If you're handing sensitive data, such as financial information or other personal data, you may want to consider implementing a multi-factor authentication system that requires the user to input additional information, aside from a password, to gain entry.

For small businesses that rely on the Internet and information technology, it can be a balancing act of securing your systems while not having to overextend themselves as “a penny saved is a penny earned”. However, knowing that cyber crime is a very real possibility since small businesses are perceived as soft targets should motivate you to beef up your security. The above strategies are affordable and fairly simple to implement - by doing so, you can prevent having a major headache down the road.




No comments:

Post a Comment

ShareThis