Cybersecurity is an issue that’s probably on the mind of every business owner. The growing list of corporate data breaches, coupled with the more-secure EMV credit card chip technology that emerged last year, has made businesses and consumers alike highly aware of the security risks that exist in today’s world.
“Many small business owners underestimate how vulnerable they are to security threats,” said Sanjay Castelino, vice president of marketing at Spiceworks, a provider of information technology solutions. “Our recent IT security report shows business owners are facing a number of threats from malware to phishing to ransomware, and the attackers range from lone hackers to rogue employees. Once [a business is] successfully attacked, earning back customer trust and fixing the damage is often too costly for small companies.”
Best IT practices
Whether you’re handling it yourself or using a third-party company, our expert sources offered their advice for protecting and managing your small business’s IT data.
Educate your employees. “Small business owners should take ownership of ensuring employees understand the importance of protecting their and the company’s information through common-sense practices,” Spiceworks’ Castelino said. “[Providing] best practices and instilling a mindset that everyone in the company is responsible for IT security.”
Encrypt and/or password-protect everything. “Whether it’s your phone, your laptop or your desktop computer, always password-protect it,” said Pfeifle, of IAPP. “You don’t want to know how many breaches are caused each year by phones that are left wide open because people want it to be easy for their small child to get to the games they like to play or watch videos.”
On a similar note, Pfeifle reminded business owners to require password changes periodically for current employees, and immediately for exiting employees.
“One of the biggest [security] blind spots is former employees,” Pfeifle said. “If an employee leaves the business for any reason, all of the passwords need to be changed immediately, and make sure they don’t download information on their way out the door.”
Always download updates and patches. “The biggest misconception is that your company can be protected by a single product,” Castelino said. “Malware, ransomware and phishing schemes aren’t going away anytime soon, and they’re likely to get more sophisticated in the coming years. If you keep your systems updated and continue to educate employees about how to mitigate risks, you’ll be better-equipped to turn the weaknesses attackers exploit into smart defenses.”
Be realistic about your resources. “Use the available tech tools to your advantage and at a cost that makes sense,” said Manta’s Swanciger. “If it’s taking too much time to list your small business on hundreds of small business directories, outsource that responsibility. If you feel comfortable designing your e-commerce site, go ahead and try it. Just be prepared to ask — and pay for — help when you need it.”
Author: Nicole Fallon Taylor
Nicole received her Bachelor’s degree in Media, Culture and Communication from New York University. She began freelancing for Business News Daily in 2010 and joined the team as a staff writer three years later.