Cybersecurity can easily seem overwhelming for a SMB. There is a huge and growing number of threats to worry about. The potential for damage runs broad and deep. And, worst of all, defending against these threats is expensive, confusing, and sometimes ineffective. It’s understandable for a SMB to conclude that cybersecurity is impossible.
It may be impossible to prevent 100 percent of threats. But cybersecurity does not have to be a looming disaster. Like all forms of risk, it’s something that SMBs have to understand and account for. When they do both, the likelihood of an attack drops dramatically, and the damage following an attack does at well. Consider these plans, protections, and policies to be mandatory for SMBs:
- Install Antivirus Protection – This should be installed on every terminal and updated regularly. It should also be programmed to scan for viruses on a regular basis.
- Use a Firewall and Encryption – A firewall prevents unauthorized users from accessing your network. Encryption ensures that if sensitive information is stolen it can’t be read by hackers. Another basic step is to assign a random name and secure password for the wireless router.
- Follow Practices and Policies – Draft policies that require all users to follow security best practices. Then provide education and training so those policies are followed faithfully.
- Help Users Understand Threats – Teach users how to spot potential red flags and report potential threats. If there is an issue with unsafe user behavior, correct it ASAP. In the worst instances it may be necessary to hold the employee directly accountable.
- Implement a Password Policy – Require employees to use strong passwords consisting of letters, numbers, and characters. Those passwords should be different across platforms and changed on a regular schedule.
- Secure Payment Cards – Focus security efforts on payment terminals and payment cards, which are both common targets for hackers. The best practice is to isolate electronic payment systems from other programs.
- Invest in Cyber Insurance – Explore coverage options with various cyber insurance companies. The right policy helps to insulate an SMB from the worst consequences of a cyber incident.
- Backup Business Data – Backup data automatically to prevent data loss or data extortion. Sending this data to a remote location makes it easy and reliable for SMBs to protect their most valuable asset.
- Utilize Access Controls – Keep anyone except authorized users from physically accessing laptops, desktops or any other technology. Cyberattacks can arrive over a network or in person. Take a similar approach when assigning administrative privileges.
- Devise a BYOD policy – Protect devices like smartphones and tablets using a “Bring Your Own Device” policy. Requiring password protections, data encryption, and security apps keeps these devices from becoming security liabilities.
Having the right attitude is as important as having the right protections. SMBs must understand that cyberattacks are inevitable and that no defense is complete. Defending against threats is important but responding to successful attacks is just as essential. When protection can’t be perfect it must be as preventative as possible.
Related posts: