18 May Cyber Security & Your Business: Is It Secure?
If you’re the owner of a small to medium-sized enterprise, you may be under the impression that cybersecurity isn’t something you need to concern yourself with. Cybercriminals would only target the big companies with huge turnovers, right? Wrong.
According to a 2018 report by technology company Kelser Corporation, 65% of cyber attacks target small and medium-sized businesses, as they have a reputation for being less knowledgeable about the risks and for investing less in staff training and cybersecurity systems. This makes them significantly easier targets for hackers in terms of the time it takes to extract and exploit sensitive information. Data breaches can cost a business hugely not only in terms of financial losses, but can also prevent businesses from operating for significant periods of time and damage their reputation with customers. Companies that operate with card payments must ensure an optimal PCI DSS control implementation in order to secure their client’s data.
The big question is, how do you know if your business is safe from cybercriminals? Here are six key questions to ask yourself so you can improve your business’ cybersecurity, minimize the risk of an attack and keep your critical data as safe as possible.
- Do You Have Security Software?
A firewall is a barrier against cybercriminals who try to access your business data. These firewalls are usually external, creating a ring of protection around your website and network, but can also be installed internally to increase protection further. If you have employees who work remotely from home, they also need to have firewalls installed. Anti-virus, anti-malware, and anti-spyware software are also essential to protect your computers and network from unauthorized users and damaging viruses.
- Do You Have a Documented Cybersecurity Policy?
While your employees may have a general understanding of cybersecurity and the best procedures to follow, it’s essential that you document your policy on cybersecurity. Doing so gives everyone in the business clear guidelines to follow and demonstrates your commitment to your customers.
- Have You Educated Your Staff?
Your employees need to understand the importance of cybersecurity and that they follow your policy or policies at all times. Everyone at the business should be taking part in regular training on cybersecurity to ensure it remains a priority and that they know how to recognize a threat such as a phishing email or a new cybercrime tactic.
- Are Your Mobile Devices Secure?
More and more businesses are using mobile devices and allowing employees to use their own for work (known as a BYOD or Bring Your Own Device policy). While this provides a higher level of flexibility, it also presents additional security risks when employees are using the devices over other networks which are not secure. Also, if the device is lost or stolen, this could pose a significant threat to the business if it is not secure. To combat these issues, you not only need to ensure your staff is educated about security procedures and risks but also need an Endpoint Security system. Visit www.mcafee.com for more information on this type of cyber protection.
- Are Your Passwords as Secure as Possible?
Passwords are a common weak point in business security as we tend to choose easy to remember (and therefore easy to crack) passwords and use them across multiple accounts and devices. Employees should be using passwords with a combination of upper and lowercase letters with numbers and symbols, and they should be changed every 2-3 months. Consider using 2-step authentication as this provides an extra layer of protection through a pin which is texted to a cell phone or generated via an app.
- Do You Back Up Data?
Finally, it’s important to note that even with all this protection, a cyber-attack is still possible. This is why you need to back up all your files and data on a regular basis. In addition to a physical back up system, it’s also advisable to back up on a virtual cloud system in case the physical back up is damaged or stolen.