Security is one of the most important, but most overlooked, aspects of running a small business. The impacts of a weak cybersecurity plan are often insurmountable.

  • The U.S. House of Representatives Committee on Small Business reported that of 60% of all cybersecurity attacks small and medium-sized businesses were the target.
  • 60% of those businesses that were targeted suffered an average financial loss of $200,000 and closed their doors within 6 months.

But your business doesn’t have to fall victim to a cyber-attack this year! Here are 5 tiny tweaks for better security that are easy and cost-effective to implement:

Get Your Employees Trained ASAP

You probably thought that better security for your small business meant spending a ton of money and investing in the latest tech. While this isn’t a bad approach, doing so without training and educating your employees on good security practices can still leave your business vulnerable to a cyber-attack. According to Shred-it’s 2018 State of the Industry Report,

“Nearly half of C-Suite Executives (47 percent) and Small Business Owners (42 percent)

reported that human error or accidental loss by an employee was the cause of a

data breach.”

The hackers aren’t even your biggest worry, it’s your own employees, and probably yourself, too. One of the most important steps you can take toward better security for your small business is to make sure your employees know how to protect your company’s data. Help your staff understand how to prevent cyber-attacks by training them on things such as:

  • How to correctly dispose of documents that contain sensitive customer data.
  • Recognizing potential phishing emails or suspicious email attachments and what to do with them.
  • Create strong passwords for their business accounts and always lock devices when they are away from them.
  • Avoid accessing sensitive business data on personal devices unless they are authorized and have the appropriate encryption settings installed.
  • Secure notes and papers on desks and in cabinets and shred them when no longer needed.
  • Ensure employees know who to contact if they suspect they’ve been a target for a cyber attack.

Use a VPN

This simple solution can actually go a long way. A virtual private network, or VPN, allows you to remain anonymous and secure while sending information online. While VPNs have primarily been marketed to personal users, more enterprises are getting onboard to secure their business networks and devices.

A VPN can be installed on an entire office network as well as individual devices. If you have remote employees they can use your company’s VPN service to ensure your data is secure, even if they are working on the other side of the world.

There are free VPN options out there, but beware—”there ain’t no such thing as free lunch.” Opt instead for a pay-for VPN service. Prices are reasonable across the board and if you pay for the whole year upfront you often get a sizeable discount. You can get service with most reputable providers for under $10/month. Most VPN providers offer a free 30-day trial. Take advantage of this and test out a few.

There are tons of VPN service providers out there, so you’ll have to do some research to figure out which one is the best choice for your business depending on the features, like number of devices, and price point.  Here are some of the Best VPNs for 2019.

Antivirus Software and Regular Updates

Another super easy and effective solution to better security is making sure your devices and antivirus software are up to date. New viruses and malicious software are popping up on the daily. Luckily, anti-virus software companies do a pretty good job of updating their software so it can detect and block new threats. However, all of that means nothing if you ignore the prompts to update for six months. You’re already paying for the service, so just do the updates.

Back It Up

What would you do if your business fell victim to a cybersecurity attack today and you lost all of your data? We’re talking customer contact info, emails, invoices, point of sales system function…all of it. It’s pretty safe to say it’s going to be a rough day. If you backup your data, however, the impact might be minimal. There are many backup strategies, but as a minimum, you should:

  • Back up data frequently.
  • Have multiple backups— for example, one on a physical hard drive and one on the cloud.
  • Check your back up routinely to make sure it’s working properly.

Let Someone Else Do the Job

Maybe you’re already in over your head and just don’t have the time to implement better security solutions. You know what, that’s ok. Some businesses are just too small to employ their own IT team. But, there are companies out there, called Managed Security Service Providers (MSSP), who will gladly manage your small business’s security for you. Bringing an MSSP onboard will take a lot of the guesswork out of better security for your small business. An MSSP will perform a risk assessment and identify risk and how to fix them. It will be worth it to be able to sleep a little better at night knowing your business is protected.  

Sources:

  1. https://www.shredit.com/en-us/about/press-room/press-releases/shred-it-study-exposes-employee-negligence
  2. https://securitytoday.com/Articles/2018/11/28/Three-Cybersecurity-Must-Haves-for-Small-Businesses.aspx?Page=2
  3. https://www.crn.com/news/security/managed-security-has-become-a-top-selling-point-for-small-businesses?itc=refresh
  4. https://smallbusiness.house.gov/press-release/small-business-cybersecurity-federal-resources-and-coordination