Protect Your Small Business from Cyber Attack
Many small business owners assume that cyber attacks only happen to big companies, banks or governments. But the truth is, limited knowledge of digital security and lack of defences make small businesses particularly vulnerable to attack.
Research shows that if you are an Australian business there’s a 30% chance you will suffer a data breach and yet many business owners have yet to invest in a formal defence plan. The ACSC (Australia Cyber Security Centre) Annual report shows a increase of almost 13% in cyber crime reports from the previous year. That is a staggering 67,500 reports over a single year.
With cyber attack insurance premiums running as high as $35,000 per year, prevention is typically the smartest (and most budget-friendly) approach for small business owners.
Follow these four steps to fortify your small business against a cyber attack, and maintain the ongoing trust of your valued customers.
Conduct a Cyber Threat Assessment
Most small business owners simply don’t know if they have enough cyber security – or the right solutions – to protect their digital assets.
A thorough cyber security threat assessment is the ideal first step to knowing precisely where and how your small business may be vulnerable to cyber intruders.
Consider contracting a cyber security specialist to help you analyse your digital ecosystem and data storage practices, in order to identify weak areas and create a security action plan.
Install a Firewall and Anti-virus Software
Cyber attackers use highly sophisticated automated software to seek out and infiltrate poorly defended networks.
Ensure your business doesn’t get caught in their net by installing a firewall that can control incoming and outgoing data and help prevent unauthorized access to your network.
Other practical steps you can take to protect yourself include:
- ensuring your anti-virus software is always up to date
- updating your browser and applications like Java and Flash to the latest version
- protecting your WiFi by making it invisible to outsiders, encrypted and secure.
Regularly Change Your Passwords
Many businesses overlook the importance of regularly changing passwords that guard critical systems and confidential data.
Password reuse is a serious problem because of the many password leaks that occur each year, even on large websites. When your password leaks, malicious individuals have an email address, username, and password combination they can try on other websites. If you use the same login information everywhere, a leak at one website could give people access to all your accounts. If someone gains access to your email account in this way, they could use password-reset links to access other websites, like your online banking or PayPal account.
To prevent password leaks from being so damaging, you should use unique passwords on every website. These should also be strong passwords — long, unpredictable passwords that contain numbers and symbols.
Refresh your passwords regularly, ensuring they are at least 8 characters long and a mix of letters, numbers and symbols. Steer clear of using personal information, like your child’s name or your date of birth, as these combinations are much easier for cyber attackers to guess.
Use a Password Manager
The majority of people use very weak passwords and reuse them on different websites. How are you supposed to use strong, unique passwords on all the websites you use? The solution is a password manager.
Password managers store your login information for all the websites you use and help you log into them automatically. They encrypt your password database with a master password — the master password is the only one you have to remember.
There are several highly rated password managers available so you should research which one is the best for you and /or your business. It is a small price to pay for that extra level of security.
Invest in Employee Training
Employee education is one of the most important defences against cyber attack. For lack of training, your own team members might inadvertently install malware or release confidential information to a criminal masquerading as a trusted contact.
A staggering 95% of online security breaches involve human error. Ensure your staff understand best practices in digital defence by:
- developing an easy-to-read cyber security guide so employees are better equipped to identify and deal with malware, dangerous email attachments, phishing attempts and other digital threats
- meeting regularly to discuss new potential online threats so team members know what to watch for
- encouraging each team member to speak up immediately if they notice suspicious behaviour on your digital network.
By implementing these preventative measures, your company will be well positioned to evade cyber attack – and get on with the business of growing!