Small businesses are the target for a third of cyberattacks and cybertheft. And the results can be devastating. Nearly 60 percent of small businesses fail within six months of a cyberattack. Software might be a good start to protect your business, but is it enough? Here are some additional steps you can take to help guard against this potential threat.
Create a Comprehensive Plan
Cyber theft is a multi-faceted threat. So, you need to have more than a one-solution answer. A more comprehensive approach can include several factors like data security, how you take and process payments, and employee training.
The Federal Communications Commission (FCC) offers Cyberplanner. This online resource helps small businesses look at multiple areas so they can create a customized plan. It includes expert advice from a number of security companies. While it may not be a substitute for a professional opinion, it can help you identify key areas.
A plan is only as good as the people implementing it. So be sure to provide training for your staff. One important area is to educate them about phishing attempts. That’s the fraudulent use of emails to get confidential information like your passwords (or worse yet, customer data).
Another topic is the safe use of the internet. The Small Business Administration (SBA) offers several tips. For example, don’t download software from unknown web pages or respond to popup windows requesting you to download drivers.
Remember to include yourself in the training process. The SBA offers a free, online class. In 30 minutes, you can learn more about cybersecurity and how it can impact your business.
Double-check Before You React
How do you know that request you received came from your actual customer? A common tactic of cyber criminals is to pose as a customer in order to get access to your information.
Some businesses use a multi-factor authentication process for payments or customer requests. That means verifying a request using a channel other than the one a customer uses. For example, before processing an email request to change the billing address of a customer, the business might require a password or a one-time code that is texted to their mobile device.
Secure Your Network
Secure your internet connection with a firewall or encryption software. If you offer Wi-Fi, require a password login and do not broadcast the network name. Some businesses separate the Wi-Fi network for customers from the network they use. Talk to your website administrator about establishing a secure connection, perhaps using an SSL (Secure Sockets Layer).
Cybercriminals are constantly finding new ways to get information. That’s why it’s important to have the most current version of your security software. Configure your software to update automatically, so you don’t miss potential threats or patches. As an added measure, some business owners make it a practice to run scans after an update.
There are also a number of free resources available to stay informed about cybersecurity. The SBA offers a small business toolkit that includes links to local resources and workshops. And the Department of Homeland Security’s Stop.Think.Connect. program provides links to materials specific to small businesses.
Cybertheft represents a significant threat to small businesses and the customers they serve. Consider these additional steps to help protect your business.