Weâve all heard the horror stories of cyber-attacks on businesses. Big banks, national retailers, and major websites have all been impacted by devious cyber-criminals, with customer data compromised and websites taken offline for hours. As small business owners, itâs easy to assume that cyber-attacks will never affect you. A criminal would target high-profile businesses, after all. Any small business would fly beneath a cyber-criminalâs radar.
But small businesses are no longer worry-free, according to security experts. Small businesses are increasingly being targeted by cyber-hackers, who are launching global espionage campaigns. Smaller businesses can be a bridge into the systems of their larger business partners, experts say, since small businesses often lack the security measures multi-billion-dollar firms have in place.
âIn todayâs security landscape, everyone must assume they are a target,â says Jim Butterworth, CSO of security firm HBGary.
But small business owners arenât on their own when it comes to putting security measures in place. HBGary recommends taking the following steps to ensure your small business doesnât fall prey to a cyber-attack.
- Conduct a comprehensive network check. Businesses spent money and effort each year to prepare and update emergency response and business continuity plans. Butterworth emphasizes that incident-response plans must be treated with the same care. Your business continuity plan should include efforts to protect against cyber-attacks and should be regularly updated to address the ever-changing landscape of cyber-attacks.
- Invest in security infrastructure. Some businesses assume that simply having anti-virus software on servers and devices is enough, but Butterworth stresses that anti-virus often isnât enough. Software cannot protect a company against targeted attacks. While software manufacturers do their best to stay abreast of new malware variants, new attacks are being launched on an ongoing basis. There are measures a small business can take to protect servers, but many businesses are choosing Cloud service providers to entrust their security to the experts. If you choose the do-it-yourself model, e sure you stay informed about changes in the security landscape that could leave your small business vulnerable.
- Educate your users. One of the biggest threats to a small businessâs infrastructure lies in the behavior of its own employees. âProvide clear, concise cyber-guidelines for your employees,â Butterworth advises, adding that those guidelines should include restricting access to only those applications and files each employee needs to do his or her job. âOur users represent our largest attack surface, and a mature plan includes providing timely and relevant information to our first line of defense,â Butterworth adds. Each user should also be taught to avoid phishing attempts, including those that come through e-mail and social media sites.
Small businesses canât assume that they are immune to criminal activity. By following these tips, youâll be able to ensure your business is uninterrupted and your customer data remains safe.