In light of all the major corporations hit by cyber attacks over the past year, there is a misconception that small businesses are out of harm’s way. In reality, small and medium companies are at just as big a risk. The only real difference is that big corporations generate more headline news. According to a 2013 threat report, roughly 31 percent of all targeted attacks were actually aimed at companies with 250 or fewer employees, not giant corporations.
Because of the financial impact of a cyber attack, 60 percent of small businesses in the US have gone out of business within a six-month period after being targeted by cyber criminals. Though you may not be able to afford a state-of-the-art IT department, you still have many viable options for protection.
Keeping Your Company Safe
- Proper Training—Most importantly, train all employees on the best practices for digital security. While some things, like opening an attachment in an unsolicited email or using an outside text messaging system, may appear to be obvious threats to most people, to others, these actions look completely innocent.
- Personal Browsing—Employees should never conduct personal web browsing, even when on a break or at lunch. The problem is that many social network posts contain damaging viruses. Therefore, set a rule that company computers are designated for company work only.
- Maintain Confidentiality—Things like storing company data in an unsecure location, using post-it notes as reminders, and writing down or printing passwords puts the company at serious risk for a cyber attack.
- Secure Connections—Between available WiFi, increased cloud computing usage, and mobile devices, employees of small- and medium-sized companies frequently connect to the company network from outside the office. Unfortunately, connections at airports, cafes, and restaurants, among other places, are public, and therefore not secure. Employees should use only secure connections when gaining access to the company over the internet.
- Voice Concerns—Make sure your employees know that you want them to voice concerns. For instance, if an employee conducted personal browsing at work and it now appears that the person’s computer is infected with a virus, set upan open-door policy for the employee to come forward. Unfortunately, malware runs rampant, so if nothing is reported, your entire organization is at risk for a cyber attack.
- Locked Computer Screen and Passwords—Two additional ways of protecting your small company from a cyber attack consist of never leaving computer screens unlocked and putting passwords on virtually everything, beyond going into secure areas of the company and checking emails. In addition, change passwords frequently and always use a combination of upper and lower case letters, numbers, and symbols for the best protection.