Small Business Planning 2016- Cyber Security

January 31, 2016 by Ed Becker

Small Business Planning 2016- Cyber Security

Cyber security is a huge deal for any company. If you sell online or work in the cloud, you are at risk for a data security breach. Large companies that have been hacked are normally given a lot of publicity. From Target and EBay to health insurance companies, nowhere is “safe.” What this type of publicity leads many to believe is that small businesses are not targeted in cyber-attacks.

Small businesses are definitely not safe from cyber-attacks, data breaches or hackers, whatever you choose to call it. Whether someone breaks through your systems and steals your data, or they use your system and data as a backdoor to a bigger fish, it is happening all the time. Small businesses are actually an easier target due to less cyber security. And the fact that hackers can use small businesses to reach larger companies makes them an even better target. If you are not tech savvy or you are not large enough to have any IT staff, it is very wise to seek out professional help. It will safeguard not just your customer data, but also reduces risk for your company to be liable for any data breaches.

Obviously, it is not just companies that have eCommerce, they are also hacking into health insurance databases. Data can be gold for identity theft. If you store any consumer data, or you are connected to larger corporations as vendors or customers, you are at risk as well. Of course, if you also sell online or over the phone, or you accept credit and debit cards at all, you are at risk. With the new laws you could also be financially responsible if there is a breach that can be traced to your company.

What can you do as a small business to ensure that you are as secure as possible?

• First and foremost, you want to know that any networks or WIFI that you have is secured, hidden and pass coded. Install firewalls for your internet connection and keep all your systems clean from malware, viruses and other online threats. Separate user access so that no single employee has access to all systems, use a need to know basis.
• Train your staff to choose strong passwords when they login, change their passwords at least every 90 days and to be on the lookout for anything that looks fishy. Teach them email and browsing safety and awareness as well as not to open any executable files or attachments that they are absolutely sure are safe.
• If you accept payment cards, you should be PCI compliant. You can find out what steps you need to take at https://www.pcisecuritystandards.org. This reduces your risk financially if a card breach traces back to your company.
• If you store data on a cloud based forum or you engage in eCommerce, ensure that your sites are as secure as possible. This could mean you need to hire/outsource your IT security and your web security to another professional. Not doing, this is why small businesses are a prime target for cyber-attacks.
• Backup all important company and customer or vendor information on a regular basis. Critical data include: databases, documents, financial information, human resource files and all account receivables and payables. Your sensitive data may include other files as well.
• Limit access of computers and hardware. Give each employee a login and limited access to systems and data.

The above items are not all-inclusive, but are the very basic ways to secure your company’s data. You can get more information about cyber security for small businesses at the Small Business Administration’s website. The more that you are able to do to protect your company and your customers the less risk you have of going bankrupt from a cyber data breach.