10 Cybersecurity Tips for Small Businesses
In 2019, the average cost of dealing with a cyber breach for a small business was £11,000 not including the cost of lost business – and with cybercrime increasing in both sophistication and frequency it’s safe to assume the financial impact will increase alongside it.
Nowadays it’s pretty much impossible to run a business without some kind of digital footprint, and everything from payment processing to emails can pose cyber vulnerabilities.
Adequately preparing your network for cyber risks is no longer optional for even the smallest of companies – so here are 10 cybersecurity tips for small businesses.
1. Educate employees
The number one method hackers use to install ransomware into your network comes in the form of phishing. These are malicious emails disguised as everyday communications designed to drop your guard by using social engineering. These can play on fears, perhaps demanding some sort of payment via a link which will begin the ransomware download, or aiming to catch you off guard by disguising as a commonly used software like DocuSign, or posing as a missed DHL shipment.
By educating employees on the tricks used in phishing and encouraging them to stay alert when interacting with unknown senders, and reporting anything suspicious even if they aren’t sure, you can actively prevent cyber breaches. Engage your employees in discussion and training around cyber hygiene and phishing, you’ll be amazed at the results!
2. Protect your hardware
Ensuring devices are up to date with the latest versions should be a given, but you should also make sure your browsers and operating systems are equally protected. You can do this by installing various forms of antivirus software as the first line of defence against online threats, and running regular scans and tests on devices - especially after updates.
3. Use a firewall
A firewall prevents those outside your network from accessing the data held within. This is especially important if employees work from home, and you should make sure they have some firewall protection built into their connection – or offer the ability to connect via VPN.
4. Don’t forget mobile devices
It can be easy to overlook mobiles when it comes to considering your network security, but they can access just as much as a laptop! Make sure users are password protecting their devices, and install basic security devices to prevent criminals from stealing data when connected to public networks. Your company should also have policies and protocols in place for stolen equipment.
5. Backup your data
Important data should be regularly backed up regardless of a potential data breach. Ransomware intends to encrypt your data until a ransom is paid – but if you have safe backups stored away from the network then you would still be able to continue operations whilst the threat is dealt with. This is also vitally important when you realise that only 26% of businesses who choose to pay the ransom demanded by their attacker actually get their data back – you’ll be extra grateful for those backups then!
6. Limit physical access to devices
It goes without saying that unauthorised individuals shouldn’t be allowed access to your business’s devices. Make sure employees aren’t leaving laptops and phones unlocked and unattended, and implement regular password updates to avoid any unwanted access.
7. Secure your Wi-Fi
Did you know that in 2017 a hacker was able to use a Wi-Fi-connected fish tank to access the network of a large American casino, stealing 10GB of customer data? Seriously. That happened.
Hiding and password protecting your Wi-Fi networks can prevent this kind of thing from happening – but you can also separate networks to ensure an extra layer of safety. By implanting different networks on the same internet connection and hosting private data or payment processing away from public Wi-Fi you can create barriers for hackers, making their task of stealing your data a whole lot harder.
8. Authenticate payments
Work with your bank to make sure you have all the latest anti-fraud software and protocols set up on your accounts. Two-factor authentication may be annoying to employees, but an extra second of security can make the difference between the theft of your money and data.
9. Limit employee access
Keep data accessible to only those who require it. There is no reason for someone in marketing to be able to access payroll and such, and by creating these internal walls you leave fewer places for hackers to roam when searching for valuable data to use against your company with the threat of deletion or publicising.
10. Create Secure Passwords and authentication
Passwords, passwords, passwords! Engaging in proper password protection can decrease the chance of your data being compromised. Did you know that a typical 6 digit alphanumeric password only takes 30 mins for a hacker to crack? But increase those 6 digits to 10, and it would take them 100 years? Your passwords don’t need to have NASA level encryption to be secure, just hard enough to crack to not make it worth the effort.
In addition to passwords, companies should implement two-factor authentication on their logins, meaning you require access to a phone or other device that is also linked to the account to get in. This can protect passwords that aren’t as secure, and let you know of any unwanted attempts at accessing accounts.
Network security can seem daunting, especially when we talk about the more technical side. But great security doesn’t always require expert knowledge.
With devices like Meraki Go you can protect your network easily, bringing you peace of mind when it comes to your livelihood. For security look no further than the Meraki Go Security Gateway, which plugs directly into your existing internet connection and operates as a first and last line of defence against incoming and outgoing traffic.
Meraki Go also allows you to separate network traffic, which will make your network harder for attackers to navigate – and give your connection speeds a little boost too by streamlining traffic. You can easily create up to four secure networks for guest, payment, and business activity, with shown results in productivity as a result of streamlining traffic.
Here at RedPontem we believe that safe, secure, and streamlined networks should be available to businesses of all sizes, and as a Cisco Premier Partner, we have access to all the best tools. Get in touch with a RedPontem specialist to discuss your network requirements today.