Many small businesses have avoided dealing with
securing their networks as it can be a costly proposition. Additionally, many
small business owners feel that cyber security is a problem that large
financial corporations, big businesses and government have to deal with. Take a
look at the infographic below to see just how little small business thinks of
cyber security.
- 77% of small businesses believe
that their company is safe from being hacked or infiltrated with by a
virus
- 66% of those surveyed just aren't
concerned, either by an external or internal threat
- Nearly half of those surveyed
believe that a data breach would have no impact
The reality though is that small businesses are
as big of a target, if not bigger, due to their lack of network security.
Recent research shoes that nearly 80% of breaches occur in companies of less
than 1000 employees. And, of those, 93% have less than 100 employees.
Furthermore, nearly 60% of small businesses close within 6 months after a cyber
attack. And the threat will continue to get worse for small businesses for the
following reasons:
- The disconnect that many small businesses have of the perceived threat versus the reality. This has led to a hacker's paradise of networks that are easy to access with worthwhile payoffs.
- Coming up a cyber security strategy that includes a formal Internet security policy, contingency plans and best practices tends to be a complex issue that can leave small business owners feeling overwhelmed with what steps they need to take.
Precautions Your Small Business Should Take
Cyber security doesn't have
to be complicated. There are several steps that your small business can take to
help limit your exposure to vulnerabilities.
1. Train
employees in security principles
Establish basic security practices and policies for employees, such as requiring strong passwords, and establish appropriate Internet use guidelines that detail penalties for violating company cybersecurity policies. Establish rules of behavior describing how to handle and protect customer information and other vital data.
Establish basic security practices and policies for employees, such as requiring strong passwords, and establish appropriate Internet use guidelines that detail penalties for violating company cybersecurity policies. Establish rules of behavior describing how to handle and protect customer information and other vital data.
2. Have and
update anti-virus and spyware software Having anti-virus and spyware software running
can help with keeping your computers free viruses, malware, and other online
threats. You should also make sure to update your programs as soon as their
available. Make sure to run a scan at least once a week to ensure your machines
are clean.
3. Update
your applications
Your anti-virus and spyware software aren't the only programs that need to be updated. Applications like Adobe's Acrobat Reader, web browsers and other software should be updated when patches are available.
Your anti-virus and spyware software aren't the only programs that need to be updated. Applications like Adobe's Acrobat Reader, web browsers and other software should be updated when patches are available.
You can download a nifty application called Secunia PSI, which can help keep track of your applications and when they need to be patched, by notifying you when an update is available and directing you to the appropriate website to download the necessary files.
4. Passwords
Make sure that your employees use unique passwords that use alternate capitalization, numbers, special characters and are a minimum of 8 characters. You should also require that passwords get changed every 90 days.
If you're handing sensitive data, such as financial information or other personal data, you may want to consider implementing a multi-factor authentication system that requires the user to input additional information, aside from a password, to gain entry.
Make sure that your employees use unique passwords that use alternate capitalization, numbers, special characters and are a minimum of 8 characters. You should also require that passwords get changed every 90 days.
If you're handing sensitive data, such as financial information or other personal data, you may want to consider implementing a multi-factor authentication system that requires the user to input additional information, aside from a password, to gain entry.
For small businesses that
rely on the Internet and information technology, it can be a balancing act
of securing your systems while not having to overextend themselves as “a
penny saved is a penny earned”. However, knowing that cyber crime is a very
real possibility since small businesses are perceived as soft targets should
motivate you to beef up your security. The above strategies are affordable and
fairly simple to implement - by doing so, you can prevent having a major
headache down the road.
Great post! I am actually getting ready to across this information, It's very helpful for this blog.Also great with all of the valuable information you have Keep up the good work you are doing well.
ReplyDeleteSAP SD Training in Chennai