Cybersecurity Tips: Smaller Businesses Are Easy Targets
If you’re a small to mid-sized business in New Jersey – Bergen County (SMB) and you’ve bumped cybersecurity down the priority list, you’re not alone. But that doesn’t mean you’re in good company. In fact, attackers often target smaller businesses because they’re less likely to be protected and because automation makes it easy and cost-effective to launch thousands of such attacks with minimal effort. And even when attackers aren’t specifically targeting smaller businesses, you’re still at risk.
“It is the data that makes a business attractive, not the size – especially if it is delicious data, such as lots of customer contact info, credit card data, health data, or valuable intellectual property.”
44% of small business have experienced a cyber attack at an average cost of almost $9,000 per incident
Protecting your business
But while your risk of cyber attack is similar to any large enterprise or government agency, you can protect your business with a few simple best practices and some readily-available security technology. Employing best practices is an easy, cost-effective way to protect your business against cyber attacks. Use Passwords Effectively It’s easier to keep hackers out with passwords than to identify and repair damage once they’ve gained access to your network. An effective password policy has two parts:
Creating strong passwords, and protecting passwords from unauthorized use. The definition of a strong password is one that is difficult to guess or to deduce with brute-force hacking techniques. To create a strong password:
- Make it long—a minimum of eight characters
- Use a mixture of letters, symbols, and numbers
- Use uppercase and lowercase letters
- Avoid real words or meaningful dates
- If you must use words, make them random
Keep Software Up-to-Date
Hackers find new vulnerabilities in operating systems and applications every day. Web server software and common business applications such as Adobe Reader are prime targets, simply because they’re installed on so many systems. Vendors will help keep hackers out by providing software versions with the latest security patches. So take advantage of their investments.
Installing patches as soon as they are available is a great way to prevent hackers from exploiting security flaws that vendors have already identified and addressed
Maintain Physical Security
It’s easy to overlook physical security when you’re focusing on cybersecurity. Don’t let someone—even a disgruntled employee—derail your cyber security efforts by simply walking out of your office with equipment or intellectual property. To improve the physical security of your network, follow these simple tips:
- Put onsite servers behind secure doors that are accessible only by appropriate staff
- Lock desktop computers and printers in place with metal cables
- Store mobile devices in locked areas when they’re on the premises
- Conspicuously mark mobile devices as company property to discourage theft
- Install applications on mobile devices that let you remotely delete information if the device is lost or stolen
- Delete information from hard drives on retired equipment so data is not recoverable
Deploy Firewall and Anti-Virus Protection
Firewalls monitor and control incoming and outgoing traffic, through a set of rules that allow secure traffic to flow in and out, while untrusted traffic is blocked from entry. Blocking high-risk traffic prevents viruses, worms, and other types of cyber attacks from reaching your computer. Most operating systems have basic firewall protection. But, you’ll enjoy stronger security by installing a more sophisticated firewall solution. Make sure your firewall:
- Inspects everything coming into your network, including email attachments and downloads
- Provides detailed reporting so you can see each employee’s network and Internet activity
- Enables you to block access to high-risk Internet content by domain or via a broad range of categories
- Regularly updates itself to protect against new viruses
- Empowers you to set up a virtual private network (VPN) so employees can connect securely using mobile devices or while working from remote locations
97% of SMBs have neglected to prioritize security improvements
Today’s anti-virus software does much more than guard against the specific type of malicious software known as a virus. It detects and removes a wide variety of threats that enter your network via software. But even with a firewall and anti-virus software, some attacks are so sophisticated that they can still enter your network. An Intrusion Prevention System (IPS) that works with your firewall and anti-virus software adds another level of security.
Back Up Your Data
To protect your business, you have to protect your data from hackers as well as from incidents ranging from local power failures to wide-spread natural disasters. So, back up all data to devices that are physically separate from your current file server.
Perform a full backup of all your data each night. When considering backup systems, be sure to assess your recovery requirements as well. Will you need to recover only the most recent copy of your data, or will you require comprehensive data from past transactions?
Use a Secure Wi-Fi Connection
The use of mobile devices in the workplace has made Wi-Fi networks a business necessity. Hackers know this. They also know that many smaller businesses don’t properly secure their Wi-Fi networks. Unsecured wireless networks give hackers incredibly easy access to your network. Tips for securing your office Wi-Fi network include:
- Change the router’s default name and password
- Use firewall software to encrypt the Wi-Fi network traffic
- Create a separate Wi-Fi network for guests that is not connected to your internal network
The easiest way to combat attacks from a public hotspot is to implement a virtual private network (VPN). A VPN acts as a private tunnel within a public network. It lets your users send and receive data securely, even when connected to the office network through a public hotspot. All content flowing to and from the office network through a VPN benefits from the same security protections established for the on-site network.
Cyber attacks don’t just happen to big companies and government agencies.
Businesses of all sizes in New Jersey are at risk. And as more business applications integrate cloud access, that risk increases.
Fortunately, Genesis Network Group, LLC understands both the risks and security implementation challenges that smaller businesses face and provides enterprise-class network security for SMBs While product considerations are important, vendor credibility is absolutely critical in the security business. Your security vendor will become an important, trusted advisor