Every year, new security reports come out declaring cyber attacks are on the rise. Unfortunately, this is not a scare tactic. With the ever-increasing amount of technology, cyber attacks will continue to increase by the thousands. Businesses must get serious about putting proper cybersecurity protections in place especially small businesses. According to Symantec’s 2016 Internet Security Threat Report, 43% of attacks target SMBs.
Here are the top 3 security threats to small businesses:
#1 Employees
Both disgruntled and careless employees can wreak havoc on your network. Heimdal Security recently reported that 59% of employees steal proprietary information when they leave the company. To prevent this from happening, you must have specific procedures and protections in place.
Here’s what you can do:
-
- Create an offboarding checklist for employees who are no longer with the company.
- Prevent employees from stealing company data by blocking USB ports and limiting access to files.
- Monitor employee activity and block inappropriate websites.
- Provide regular, mandatory cybersecurity training especially on recognizing a phishing attack.
Passwords Tip: Require all employees to change passwords every 30 to 60 days. According to the 2016 Data Breach Investigations Report from Verizon, 63% of breaches are due to a weak, stolen or default password. Avoid weak passwords by using password portals like LastPass or Passportal. For additional security, enable two-factor authentication.
#2 Unpatched Computers and Devices
Have you heard of the recent Ransomware attack called WannaCry? Hackers specifically targeted a vulnerability in computers. When loopholes are found, they need to be patched immediately. Otherwise, hackers will have a field day infiltrating your network through the multiple software vulnerabilities.
Here’s what you can do:
- Stay up-to-date on the latest cybersecurity threats.
- Automatically update and patch your computers.
- Request a monthly report from your IT provider.
#3 Personal Devices
Personal devices are not set up to protect confidential company information. Most iPhones and Androids have consumer-grade protection. In order to protect your network, don’t allow employees to use personal devices for work. Instead, give employees company devices with encryption.
Here’s what you can do:
- Create a Bring-Your-Own-Device (BYOD) policy.
- Require mobile encryption on all devices.
- Enable a remote wipe feature to remove data if a device is stolen or lost.
- Backup your files daily to an off-site location.
