Top Ten Essential Cyber Security Tips for Small Business Owners
Small businesses are perceived to have weaker online security compared to the big boys, and are thus favorite targets of cyber-attacks. Following are some things you can do to bolster your cyber security:
- Start by creating a customized cyber-security plan for your company. You can do this easily by using the FCC’s online Small Biz Cyber Planner tool. Once you’ve generated your plan, you can download it as a pdf file and use it as a guide for your cyber-security strategy.
- Create a culture of cyber-security among your employees. Use your plan to establish security principles for your office, such as strict Internet use guidelines and the need for strong passwords. Also instill in staff the importance of protecting sensitive customer and company information against cyber-attacks.
- Ensure that your networks and computers are protected from malware. You can do this by using strong anti-virus software and making sure they are always up-to-date by installing updates as soon as they become available. In addition, after every update, the software should run a security scan.
- Enable a firewall for your Internet connection. A firewall is one of the most essential security measures you can take to protect your network against cyber-attacks and penetration by malware. Make sure that your firewall is turned on and if your employees work from home, they should have a firewall on their computer as well.
- Create a cyber-security plan for mobile devices. Tablets, laptops and other mobile devices represent a significant security risk, particularly if they have access to the company’s network. Employees using these devices must take security measures such as encrypting sensitive data, using strong passwords and installing security apps to prevent data theft. Make sure that lost or stolen devices are promptly reported so that remedial action can be taken.
- Use multi-factor authentication. This is one of the simplest things you can do to ensure cyber-security. Multi-factor authentication requires information other than a password to gain access to the network. Arrange with your vendors to enable this security feature, if it is available, on your accounts.
- Restrict employee access to data systems. Make sure that there is no one employee that has access to all your company’s data systems and that employees do not install software on computers without getting permission first. Staff should also be able to access only the specific systems required for their jobs.
- Limit physical access to computers. Measures should be taken to prevent unauthorized users from getting access to your computers. To further limit access, every employee should have their own user account and be instructed to use a strong password.
- Make sure your Wi-Fi networks are secure. Your wireless router or access point should be set up in such a way that it does not broadcast your Service Set Identifier (SSID), which is the name of your network. You should also limit access to your network by protecting it with a password.
- Sensitive data should always be backed up regularly. Data on all your computers should be backed up at least on a weekly basis, automatically if possible, and the backup copies should be stored in a remote location or on the cloud. Critical documents include financial records, accounts payable/receivable, databases, word documents, human resources files and electronic spreadsheets.
Following these tips will help minimize, if not totally eliminate, the risk of hackers and malware from doing damage to your online systems.