By Debbie Gregory.

A data breech can cost companies billions of dollars in damages if the hackers are able to extract sensitive information.  These items may include credit and debit card numbers or social security numbers. The damage is also not limited to monetary costs.  There is also the negative press, drops in company productivity as everyone scrambles to handle the crisis as well as a dip in consumer confidence and trusting the company. These data breeches happen all the time to large corporations that employ very skilled cybersecurity teams and take all types of high-level precautions.  What this means is that small businesses are even more vulnerable and easy prey for hackers.  This article will provide you information on how to protect your small business from security risks like this.

Why are small businesses a hacker’s favorite target?

When it comes to easily grabbed data, a small business is the perfect prey. Small businesses typically lack strong security measures as well as the staff capable of handling hacking intrusions.

Most small business owners don’t make it a priority to:

• Monitor their server networks and data
• Ensure their Wi-Fi is secure
• Hire a true IT specialist to keep watch
• Learn about and train their employees in cybersecurity

Small business owners have a lot on their plate and cybersecurity tends to get pushed aside since most people assume that getting hacked will not happen to them. However, ensuring your company data as well as your customer data is secure, is essential for every business. According to recent reports, 60% of small businesses that had suffered a data theft were forced to close their doors within six months of the breech.

The Top 3 Security Mistakes Made by Small Business Owners:  

1.)  Trusting and using public Wi-Fi:

It is extremely tempting to jump on free Wi-Fi and work or catch up while in a coffee shop, restaurant, or public venue. However, hackers often go to these places and setup their own free public Wi-Fi hotspots to catch the unwary.  Logging into their “free” Wi-Fi provides them immediate access to the devices that you connect. Even logging in to the right network, public Wi-Fi offers little to no real security from savvy hackers.  Do not use unknown networks so you can protect yourself and your data.

2.) Not using and enforcing strong password standards

Strong passwords are incredibly important for every aspect of your life and business. This is the one area where  most people and small business owners make the most mistakes. Remembering complicated passwords can be challenging but it is worth the effort.

These password practices are not strong enough to withstand a password-related attack:

• Less than eight characters in length
• A lack of various letter cases, numbers, and special symbols – meaning not alphanumeric
• Allowing the use of the same password for multiple platforms and/or applications

Every password used by anyone at your business should be alphanumeric, longer than 8 characters in length, and only used once. You should also regularly change your passwords and utilize 2-factor authentication whenever it is available to use.

3.) Not having and enforcing a clear BOYD (Bring Your Own Device) policy:

Lots of businesses allow their employees to bring in their own electronics or mobile devices. Doing so has a lot of clear benefits for the company including cost savings and allowing your employees to be comfortable with the devices.

However, you need to have clear BYOD policies in place that include guidelines that spell out how employees can handle software updates, IT support, encrypted data options, or when and where employee-owned devices can be used for work. If you do not have such a policy, get on it ASAP! You are leaving your business very vulnerable to a data breech.

We advise you to be vigilant. There are many things that you need to do to protect your business from a hacker. However, the risks are simply too great to ignore proper cybersecurity.

If you are not already a member of VAMBOA, the Veterans and Military Business Owners Association, we invite you to join.  There are not any dues or fees and members can proudly display the VAMBOA seal for their collateral and website.  Below is a link to register for membership:

https://vamboa.org/member-registration

By Debbie Gregory.

Our world relies heavily on technology and the Internet. Criminals target companies of all sizes, including small businesses. Knowing a few security basics can help you protect your business and even reduce the risk of your business falling victim to a cyber criminal’s attacks.

Below are six key areas to focus on to help make your business more secure:

1.) Require strong passwords on everything

Strong passwords are at least 12 characters long and are a mix of numbers, symbols, and capital and lowercase letters. Use strong passwords for all laptops, tablets, computers, and smartphones owned or used by your company and your employees. Make sure that no one leaves any of these devices unattended in public places. Never reuse old passwords and never share passwords in texts or by email. Make sure that you also limit the number of unsuccessful log-in attempts to limit password-guessing attacks.

2.) Use multi-factor authentication

Require multi-factor authentication to access areas of your network with sensitive information. This requires additional steps beyond logging in with a password such as a temporary code on a smartphone or a key that’s inserted into a computer.

3.) Secure your router

Make sure that you change the default name and password that comes pre-installed on your router. Make sure that you also turn off remote management and log out as the administrator once the router is set up. Make sure your router offers WPA2 or WPA3 encryption, and that it’s turned on. Encryption protects information sent over your network so it can’t be read by outsiders. If you do not know how to do this we recommend getting in touch with a reputable tech company to take care of this for you.

4.) Keep all software up to date

Make sure that all of your devices are setup to automatically update when an update becomes available. This includes any apps, programs, web browsers, hardware, and operating systems.

5.) Secure all of your files

Backup all important files offline – either on an external hard drive or in the cloud. Make sure that the offline backup is secured with a strong password. Make sure you store all of your sensitive paper files securely. Also, make sure that you encrypt the data on devices and other media that contain sensitive personal information. This includes laptops, tablets, smartphones, removable drives, backup tapes, and storage solutions.

6.) Train your staff

Create a culture in your company of security by implementing a regular schedule of employee training and make sure that you keep your employees updated as you find out about new risks and vulnerabilities.

Most importantly, make sure that you have a plan in place just in case you do experience a breach. You will need to get backups online quickly so you can get back to work as well as notify any customers who may also be impacted. The FTC’s Data Breach Response: A Guide for Business gives you steps that you can take.

Again, cyber security is increasingly important in our world. If you are uncomfortable or lack the knowledge to implement security at your company we highly recommend hiring a professional technology company to keep your information secure.