By Debbie Gregory.

Let us begin with a frightening statistic!  Do you know that every three- and one-half seconds brand new cybersecurity threats arise?  Small businesses are typically the targets for these threats as they typically do not have strong cybersecurity practices. This article will review where the most common threats come from so you can be forewarned and forearmed.

1.)  Passwords:

A hacker with your password can access any of your private information and data. Hackers learn these passwords in a variety of ways.  The most common way is called a “brute force attack.” These types of attacks utilize specially designed bot programs that generate and try every possible combination of letters, symbols, and numbers out there to obtain your information.

How can you protect against this type of attack?

Creating and using a unique password of upper and lowercase letters that is at least ten characters long can substantially slow down these brute force program attacks. It can take them years to find your password if it is more complex.  It is also important that you do not use the same password over and over and you frequently change your passwords.

2.)  Phishing

Phishing is a technique used to trick people into willingly handing over their information to a hacker. These types of attacks target all types of personal data including, but not limited to passwords, bank account numbers, credit card numbers, Social Security numbers, and more.

How are these types of attacks performed?

Usually a hacker will pose as a reputable source asking their victim to allow them access to their computer or to click a specific link. They impress upon their victims that the reason for doing so is incredibly important and they must provide key personal information. These types of attacks happen via phone, email, and text message.  Often, they have what appears to be a legitimate email address but when you really look at it, you will see they are not who they pretend to be.   Be on the alert and never ever click on a link or open a document from someone you do not know or a generic email address because they are after your personal information.

3.)  Pharming:

Pharming is the term for website spoofing. In this type of attack, the hacker has compromised the naming system in the website’s server so that a visitor to the legitimate site is instead redirected to a fraudulent one. Once on the fraudulent site, the victim is prompted to provide their sensitive data, such as a credit card number or Social Security number.

4.) Malware

Malware is malicious software that is specifically designed to gain access to or to cause damage to a device. The goal is usually stealing personal data such as passwords, bank account numbers, credit card numbers, Social Security numbers, and more. Malware comes in many forms from adware to spyware to Trojan horses. All are extremely dangerous.

These are only a few of the potential risks your business faces. Other common attacks include point-of-sale hacks, drive-by-downloads, and ones that are so new they haven’t even been named yet. The best thing you can do is to take the time and effort to create and enforce strong cybersecurity policies. Stay on top of what is happening in the world of cybersecurity and help protect yourself, your employees, and your business.

By Debbie Gregory.

There is no way to completely secure any business against hackers. Even if you take every single precaution, you are still at risk from diligent criminals. Hackers seek out weaknesses and are very good at exploiting them. Thankfully there are a few things you can do to lower your chances of being hacked.

Focus Areas To Protect From Hacking:

1.) Professional IT support

If you do not have a professional IT (information technology) person or company working for you, get one. Criminals rarely discriminate between large and small companies and anyone can be exposed to a data hack. Paying a professional to evaluate your risks, install the right software, monitor activity, and keep everything up to date is a critical and essential business cost in our world today.

2.) Employee Training

Most security problems stem from employee-related errors. Things like clicking on bad websites, accidentally downloading or installing malicious software, opening up infected files, allowing fake IT companies remote access to their computer, etc. Invest in training a few times a year with a good IT security firm so that your employees are more aware of the potential problems they can face and how to avoid doing things that make your business more vulnerable.

3.) Employee Turnover

When employees leave a company, they tend to take data with them. This is usually not done maliciously.  However, there are always some people who may take things on purpose to sell to a competitor or for other potentially vengeful reasons. It is a good idea to have procedures in place for data when an employee exits your company.

4.) Remote Employees

Employees that are moving around outside of your company with your data are at a higher risk of that data being lost or stolen. If an employee or contractor is remotely connecting to your database or server through online services, these also have a chance of being hacked. Again, work with a professional IT person to make sure you have strong data management and connection tools in place for these remote workers and make sure they are being actively monitored.

5.) Employees’ Personal Devices

Are your employees allowed to bring and use their own devices for work? If so, their devices can create an easy way in for a hacker. Much like remote employees, any person using their own device for work should be monitored and secured by your IT professional.

6.) Old Outdated Computers and Operating Systems

Running older, out of date versions of Microsoft Windows or Apple’s iOS will leave you incredibly vulnerable to hackers. Make sure that all computers in your company are using the most recent version of whatever OS you utilize. If the hardware is unable to run the latest OS, then upgrade the hardware.

7.) Security Software

All devices used in your company need good security software. Always make sure that the software is up to date and that it is configured to run routine scans. Most security software applications are relatively inexpensive, they run quietly in the background of the device and check for malware, viruses, infected websites, and any other vulnerabilities in the system.

8.) Strong Passwords

Most people are still pretty lax with their passwords.   Can you believe the most common password today is still “1234?”  Make sure that you require strong passwords (a combination of letters, numbers and symbols) for all devices and make sure that those passwords are changed every month or two.

9.) Secure Your Data

Make sure that all data you handle is encrypted, backed up regularly, and stored securely. If your company handles data such as health, financial or other personal information about your customers, and it is stolen, you can have a huge problem on your hands. Make sure that you have polices and procedures in place to safeguard confidential customer data; and make sure that you train your employees to handle the data securely.

Unfortunately, you can’t completely avoid being hacked… but making sure you are taking care of the nine items listed above will increase your chances of avoiding hackers by quite a lot.