Security is like the forsaken child of technology. It’s something we all think about, yet few of us have policies in place to ensure our businesses are as secure as they should be. We know about social media, we’re still struggling with email marketing, many of our web sites are useful and impotent tools (but at least we know it), our sales could be so much better, I could go on.
But security – we don’t have the faintest clue what to do or how to protect ourselves. We think we’ll never be hacked or attacked. Yet many businesses, yeah, small businesses are attacked each month.
The National Cyber Security Alliance (NCSA) and Symantec have partnered together to conduct a survey on the cyber security awareness practices and habits of roughly 1,500 small businesses in the United States.
The results showed that while 65 percent of those surveyed believe that Internet security is critical to their business, only 28 percent have formal Internet security policies.
Here’s five things you can do, right now, to better protect your business:
1. Educate your employees: Only 38 percent of small businesses provide training to their employees about Internet safety and security. Your employees are vital to your company’s security posture, so empower them to keep your information and systems safe! A security awareness program with training and guidelines to enable employees to carefully consider the security implications of their online behavior. Require your employees use passwords that mix letters and numbers (not names or dictionary words) and change them often. Educate employees not to use file sharing programs or download free programs from the Internet.
2. Combine policies and technologies: More than 33 percent of small businesses do not have the most basic protection of all—antivirus. As the number and sophistication of Web-based viruses and malicious code continues to rise, small business need to be secured with more than just traditional antivirus technology as they are susceptible to the same type of attacks as large businesses. Polices and education need to be coupled with an integrated solution to protect information wherever it is accessed—from servers to desktops and laptops. Install an integrated security suite solution that will prevent virus infection, block intruders, protect privacy, and stop malicious programs. This will be simpler to install and manage and will keep you completely protected.
3. Protect Your Mobile Workforce: More than 66 percent of employees take computers or PDAs containing sensitive information off-site. 62 percent of the companies surveyed have a wireless network but 25 percent of them do not password protect their wireless networks. All network-connected computers and inbound/outbound traffic should be monitored for signs of unauthorized entry and malicious activity. Create and enforce policies that identify and restrict applications that can access your network and ensure employees follow best practices when they work remotely.
4. Backup Valuable Data: Small businesses are handling valuable data: 65 percent store customer data, 43 percent store financial record and reports, and 33 percent store credit card information and a 20 percent have intellectual property and other sensitive corporate property. It is critical to back up important data regularly and store extra copies of this data off site. Train your staff to perform basic back-up tasks unsupervised. Backup systems as well as applications and files at least daily, and test the backup and recovery process periodically to be sure it works.
5. Stay informed and update often: Only 53 percent of small businesses have someone check company’s computers to ensure that their operating systems and security software are up-to-date. Stay aware of the security threats you face by reviewing reports published by industry experts. Keep antivirus software up-to-date by downloading virus definitions as soon as they are available and regularly apply updates and patches.