When it comes to smaller and medium sized businesses, anything that distracts from the day to day concerns about bringing in revenue tends to fall by the wayside. With that in mind, we have put together a list of seven things that a small business needs to prioritize if you want to keep your business up and running. Remember, a cyber attack on your data security could be the biggest threat to your revenues that you face, even more serious than a recession or a pandemic
Software
Everything you have uses software programs, all of which can be vulnerable to hacking. Make sure all of your software programs are up-to-date. Software companies release program updates, security patches and critical updates for their applications. In addition to providing new features or fixing bugs in the program, these updates and patches prevent cybercriminals from exploiting the vulnerabilities that exist in the program to gain access to your network and data. So, you need to take the time to make sure that all of your software applications, including operating systems, and browsers are up-to-date. And do not forget your smartphone. It is important not to leave out your smartphone applications and mobile devices as well, because cybercriminals can find a way to invade your network and data from your smartphone For example, you have your work email configured on your phone. Hacking into your phone can give them access to your work email and consequently to work data.
Backups
There are things we all know we should do that are good for us, but that doesn’t mean we do them. Eat your vegetables, exercise every day… and back up your data. So here is a reminder of what you should do. Make sure you have clean and up-to-date backups. Backups come in extremely handy, especially in the case of ransomware attacks. Ransomware attacks are where cybercriminals gain control of your network or data and lock you out of your own system preventing you from accessing crucial business data. Sometimes your data is encrypted, which means it won’t be “legible.” They then demand a ransom to unlock or decrypt your data. Unless you pay up, you won’t have access to your data or your data won’t make any sense to you as it is encrypted. Having up-to-date, quality backups ensures you don’t have to worry about losing access to your data or paying the ransom, as you would have a most recent copy of your business data readily accessible. You can make backups on external hard disks, servers located at a place different from your place of business or even on the cloud (think Google Drive or One Drive or cloud servers). That said, contact an MSP to design workable backup procedures that don’t include copies of the ransomware. Just routine backups may not be enough to protect you.
Train everyone in your organization
Never forget the human factor in how cybercriminals get through your defenses. Training your employees to identify and respond correctly to cyberthreats plays a big role in any organization’s cybersecurity initiative. Regular cybersecurity training sessions along with mandated assessments should be conducted for all employees. Based on the assessment results, you may conduct follow-up training or refresher sessions for those who need it. You should also create an IT security policy document or handbook and share it with everyone in your company. This handbook or policy document must be updated on a routine basis to keep up with the latest in cybersecurity protocols.
Cybersecurity might seem like a lot of work, especially when you have a business to run and clients to focus on. However, it is certainly not an element that you can afford to ignore. The price you may have to pay if your business becomes a target of a cybercriminal is too high to take cybersecurity lightly. Consider bringing an experienced Managed Services Provider (MSP) on board to help manage the cybersecurity aspect of your business, while you can focus on your clients.
Questions? Contact Direct One for suggestions on improving your data security. Your business depends on it.