7 STEPS TO ENHANCE YOUR SMB CYBERSECURITY
Douglas Marcille, CPM, LSSBB
CEO/Managing Partner | New Business Development, Procurement Contracting
Simply put, the size of an organization doesn't matter; cyber criminals want data. While most assume the large companies are a better target for criminals, new studies suggest small to medium businesses offer a targeting advantage. Small businesses are targeted because they often don’t have measures, so thieves can evade detection. The same is true of the virtual world too. Unfortunately for small business, the consequences of compromise can be severe because they are less able to cope with the cost and damage.
Small businesses have much to lose from data breaches. Recovering and repairing damaged databases, hiring consultants to investigate the breach, notifying potential victims, arranging credit monitoring and other recovery actions can cost a lot of money and your reputation.
Let's review some steps you can take:
1. Appoint a cyber security point person
If you can’t afford to hire a security person, you should consider at least appointing one individual to act as your cyber security guru. This person may have other responsibilities, but it’s critical to have someone keeping track of the latest news and trends in cyber security. However, don’t put it all on one person—make sure other technicians know at least the fundamentals of strong security practices.
2. Back up your data
Use a cloud-based backup independent of any hardware that exists in your office to protect your data. While this won’t keep hackers from compromising your customers’ data, it can help ensure you still have access to the data after a security event
3. Take physical security seriously
Strong physical security at your offices is paramount to keeping them safe. You may not have full control over this, but it’s worth educating your customers on protecting their offices.
4. Ensure wireless security
Don’t assume your wireless is protected against cyber criminals outside your building. Any hacker with a decent antenna can connect to a Wi-Fi signal from far away. For this reason, you should always use a strong password for your wireless, along with the WPA2 protocol.
Set up a guest network for people who visit your offices. This network should only provide access to the internet. This way, you can give Wi-Fi access to guests without access to your internal network.
5. Limit data access to the appropriate people
Make sure you know who can access specific data at your customers’ locations. For example, Phil from accounting shouldn’t have access to HR data just because he can access other parts of the system. If you don’t know who can access data, address this as soon as possible for your customers.
6. Use endpoint security software
Using endpoint security software gives you several ways of dealing with an attack across multiple operating systems
7. Train your employees in security
User education plays a critical role in keeping SMBs protected. Make sure to offer security awareness training to your employees—and ask them to make attendance mandatory.