We’ve recently covered cyberattacks and here on Smallbiztechnology.com, and will cover identity theft and data recovery later on this week. Cyber security should be something of importance to small business owners, as as cybercriminals are coming up with news ways to attack businesses.
Many of aware of what constitutes a cyberattack: an intentional crashing of the servers, the stealing of important data, or the release of a virus or other malicious software. But cybercriminals are getting more creative, as the New York Times explains that companies both big and small are scrambling to deploy new tools and procedures to deal with these new attack methods. That new smartphone app, the funny Facebook link, or the unknown foreign Web site (why click on that one ever?), could all be a lure the hacker put in place to get in and to take a business down.
A study by AVG Technologies, an Internet security software company, (which provides a free anti-virus software by the way) found that 52 percent of small business owners don’t have an IT security policy. If you are in that 52 percent, here is what an IT security policy should include:
- An initial assessment of your security needs, determining what kind of access each employee needs to the data and computer infrastructure, and implementing the necessary additional logins and security checks.
- Security for your physical assets as well as your digital assets. After all, a cyberattack could be committed from the inside, and could start with the theft of a laptop or a hard drive. This security should also include a plan of action in the event of a theft.
- System testing and training. Go through the firewalls, anti-virus software, and data storage that you have in place and see if there are any loopholes. Make sure you know how your security programs work, and make sure you’re employees understand as well.
- Acknowledge that a good security infrastructure is necessary, and take the time to put it in place. Over 10,000 cyberattacks happen every single. Don’t wait until it’s happened to you before you start taking precautions.
In conclusion, if cyberattacks can happen to big companies like Citibank, Sony, and Lockheed Martin, they can certainly happen to the little guys. When it’s company reputation, revenue, and private information at state, why take the risk?