BC Business
Advice on how to protect your business from cyberattacks
In the modern world, a secure and stable online infrastructure isn’t just important — it’s everything. Companies not only provide their services online, they often collaborate and telecommute behind the scenes.
Nevertheless, small businesses don’t always protect their online assets because they think they have nothing worth stealing. As a result, only 30 per cent of American small businesses have an informal Internet security policy, and just 40 per cent have a contingency plan in case a data breach occurs.
However, Symantec, an American cybersecurity company, revealed that almost 40 per cent of the cyberattacks they encountered in the first three months of 2012 targeted companies with fewer than 500 employees.
“For the small, poorly protected companies that suffer an attack, it’s often fatal to their business,” Brian Burch, Symantec’s vice president of Americas marketing for SMB, explained.
A report from the National Small Business Association states that nearly half of small businesses surveyed — some of which were in Calgary and Western Canada — were the victim of a cyber-attack in 2013. The resulting loss of time and service interruptions cost these firms an average of $6,927 USD, reaching up to $9,000 USD.
Why are small businesses so vulnerable? More often than not, cyberattack victims are targets of opportunity. A new company is less likely than a larger enterprise to have a strong security system in place. And while they may have fewer assets, small businesses are more easily hacked and often have useful consumer data such as credit card and personal information.
Companies of all sizes owe it to both themselves and their customers to protect themselves from cyberattacks. Here are just a few ways you can secure your network as a small business owner.
This might be the simplest way to protect your company. Hackers access your network through open ports; a firewall closes ports that don’t need to be open, reducing the number of access points. Once you install a firewall, create a unique password for it to discourage any determined hackers.
If your employees access information related to your operations remotely, consider installing a virtual private network (VPN). A VPN allows all users to access shared files as if their computers were directly connected to the same private network. VPNs come in the form of a server application or a specialized VPN device.
Not every employee needs to access your invoicing or consumer information. Only provide login information to those who need it and limit the number of people who can access certain files. This reduces the likelihood that one of those accounts will be hacked.
Randomly-generated passwords are significantly more secure than generic ones (like “123456” and “password”). To make your network even more secure, consider setting up a two-factor authentication for all your online business accounts. This might involve a password paired with an authentication code sent to an email address upon sign-in.
Smartphones are usually less secure than desktops because they don’t have the same protective software installed. They also often use unencrypted WiFi networks to send files, which means anything you send is unprotected. Instruct your employees not to send secure documents over mobile and to wait to use a safer device instead. If they’re using a laptop at a coffee shop with unsecured WiFi, the same principle applies.
No matter how complex your security systems are, they’re useless if your employees aren’t using them properly. Teach them how to maintain a clean computer, how to access shared files and not to open suspicious links or websites at work. Explain how this protects your customers and your business so that they understand the importance of a safe network.
If you’re concerned that your business has already been the victim of a cyberattack, run a full scan on your computer and update your security software. If problems persist, save yourself time and money by contacting a Geek Squad Online Support Agent to have your device checked for malware. Your customers (and your bottom line) will thank you.