As cyber-attacks and ransomware are on the rise, many people are wondering what they can do to protect their small businesses from cybersecurity hacks. Let me start by saying there is no foolproof way to protect yourself 100% from a cyber-attack. Having a solid plan and doing your due diligence will keep your business from being a target. Many people have said “it’s not IF but WHEN” you will be attacked, so it is important to be prepared. Here are 10 ways to protect your business from cyber thieves.
1. Have an automated data backup that is checked by a human regularly
If you are attacked by a cybercriminal and asked to pay a ransom, it helps to have a good, up-to-date backup of your data. You may still be required to report the breach if you are governed by HIPAA or other regulations, but at least you will have a copy of your data so you can return to normal business within hours or even minutes.
2. Have a professional-grade firewall
If you are running your business with a consumer-grade firewall, you may be opening yourself up to an attack. We recommend a professional-grade firewall that can filter traffic that may be harmful to your network.
3. Use encryption
This is important when sending emails with sensitive information or just sending any sensitive information across your network. There are many encryption tools out there that can make sure that data is encrypted before it crosses your network. This keeps the bad guys from being able to see or steal that data.
4. Multi-factor authentication (MFA)
You may have noticed that when you log into your bank account, it sends a code to your cell phone to verify it is you. This is a form of MFA. You should have MFA set up on all your business applications and email to prevent an unauthorized login to those accounts. If you do not have MFA set up on all your bank accounts, stop reading this and do that now.
5. Use a password manager
Passwords that are created by people tend to be easily hacked. It is easy to figure out what your dog’s name is and the year you graduated high school. Password managers allow you to create random passwords, so they are harder to guess. With a password manager, you can also have a different password for every website.
6. Monitor your equipment
It is important to have an inventory of all your equipment that includes operating system information and the age of the asset. Old equipment can be a target for criminals because the operating systems are not supported and therefore not updated with the latest patches.
7. Acceptable use policy
All businesses should have an acceptable use policy they give to their employees that explains what they are allowed to do on the company’s network. This policy lays out what websites are off-limits and how to properly use the computers and software to prevent a cyber-attack. It is important to have a written policy that employees can reference.
8. Employee training
Along with a written policy, you should have annual training at a minimum on how to prevent cyber-attacks in your company. This includes how to spot a phishing email, what links to avoid clicking on, and other security protocols.
9. Protect your clients
It is imperative to use proper methods when sending client information over the internet to protect their private information. By using secure websites for sensitive transactions and using encryption tools, you can avoid compromising a client’s private information.
10. Get insured
A cyber insurance policy will help protect your business from the devastating consequences of a cyber-attack. It is a must-have for small businesses.