There’s been a lot in the press recently about matters of ‘national security’: think PRISM, Edward Snowden and release of release of NSA material. In fact I saw a great session on ‘Open Data Lessons from the US Shutdown’ at MozFest which covered the culture shift in the intelligence community from targeted surveillance to dragnet programs. All very interesting matters for debate, but here we are talking security on a slightly smaller scale.
Elvis Donnelly has written a guest post on what small businesses and people working from home need to know about their own cyber security. Elvis is a father of two who works from home and lives with his wife. He is a voracious reader and likes to keep abreast of current affairs on personal finance, technology and innovation, and takes a keen interest in environmental issues. In his spare time, he loves taking on home improvement projects and considers himself a closet chef.
When the website of Novice to Advanced Marketing Systems (NAMS) was hacked, the small business had to shut down for six weeks and lose $75,000 in the process and recovery was not easy. NAMS owner David Perdew felt this attack was a “personal violation”. But there is nothing personal when hackers target small businesses. Why? Many small businesses have an online presence that runs on limited IT resources and are often the target of phishing attacks by scamsters, especially those looking to steal financial information of customers. Not just that, stealing passwords, theft of funds or intellectual property and paying up huge fines for not protecting customer information are some of the ways in which your business can be at risk, according to Forbes. Safeguarding your website against cyber-attacks should be the number one priority of a small business owner.
In a 2012 National Small Business Cyber security Study, jointly carried out by the National Cyber Security Alliance (NCSA) and Symantec, even though 73 per cent of small businesses reported that the internet is absolutely vital to their business’ growth, 88 per cent of small business have no official internet security plan in place. Symantec also reported that a huge chunk of cyber-attacks are directed at small businesses. As a small business owner, you know much capital has been invested in your business. It’s important you also know that it can all vanish in a matter of seconds. Beware, cyber-attacks are increasing!
A Quick Guide to Staying Cyber Safe
Cyber-attacks do not come with a warning, as seen in the case of NAMS. Why compromise the security of your business with a shaky security plan? Here are a few pointers on what a small business owner can do to improve cyber security.
Train your employees
All employees, irrespective of their designation, should be trained to maintain a secure online system. Infecting a computer with a USB stick or downloading files with malicious content are some of the ways in which security can be breached. Employees must be trained to quickly identify content that can harm a computer as well as given a hacker’s dictionary to understand hacking ploys like phishing, social engineering or know what a Trojan horse is. The National Cyber Security Alliance has some training resources for small business owners wanting to educate employees in cyber security.
Secure your computer systems
Monitor all online activity and make sure malicious content is blocked before it enters the system. Incorporate appropriate firewall settings that will help prevent third party users from accessing your data. Password-protect all computers, online accounts and databases- never leave a computer unattended. Take back-ups of all data. Securing your systems and assets help in lowering your risk of an attack. Limit the access of sensitive information to employees. If your company has a bring-your-own-device (BYOD) policy, make sure you follow steps to ensure these devices do not make your systems vulnerable to an attack.
Get insured for data breach
Insuring your business can go a long way in reducing the risks associated with your business. While many small business owners purchase liability coverage for property, few opt for coverage related to data breach. With cyber-attacks increasing by the hour, insuring your business’ data is absolutely essential, especially if online financial transaction form a bulk of money transfers. Check with your insurer how you can incorporate coverage for data breach in your business insurance policy.
While an insurance plan is a strong safety net that can help a small business reduce the losses that accompany a data breach, it’s best to avoid such incidents by putting in place security systems to prevent such an attack. A report by The Hartford suggests that businesses should develop computer security tools to secure their systems from hackers, especially in the current mobile-oriented business platforms. In David Perdew’s words: “No computer is foolproof“, but understanding how you can be cyber safe can help lessen the risk of an attack to a huge extent. Make sure you are secure today!
Editor’s note: I’ve written posts about approaches to password protection (I now use Lastpass) and have advocated in the past for personal data management. I’d also like to hear from people who have had experiences of losing data in the cloud – I read this post recently on how someone had their entire account deleted by Box.com!