Is your small business at risk during the holidays? It might prove faulty during this time because cyber crimes happen more during the holidays. Take these steps so you don’t lay your business bare to bigger-than-ever cyberbullies before, during, and after the holidays.
The statistics are startling: Cyberattacks now cost companies $200,000 on average, putting many out of business. A whopping 43 percent of online attacks target small businesses but only 14 percent of these businesses adequately put up defenses.
You may already know that having the latest security software, web browser and operating systems are the best defenses against viruses, malware, and other online threats, but what else can you do to go the extra mile to evade cybercriminals?
Here’s how to stop them in their tracks — and sometimes it simply takes a security audit.
Your first step is to get the basics in place in your company — particularly if you have employees. You may be thinking about getting a professional in to your business (particularly if you don’t have an IT department — most small businesses don’t!) to review your cyber capabilities. Even if you plan to do this, make sure you do what you know you need to do before a professional arrives. This includes:
If you’re pretty clueless about security or don’t have a dedicated IT team, you’ll want to get an official security audit or have a security professional into your office to assess your specific network. An auditor assesses a network and its weak points to determine whether a cybercriminal would be able to easily get into the network from the outside. In fact, the auditor will pretend to be a cybercriminal — to “assault” your network in order to test its limitations.
Here’s how it works:
Getting expert advice can really help you turn the corner in avoiding cybersecurity threats.
Note: A comprehensive network security audit will cost anywhere from several thousand dollars to $20,000. Though this may seem expensive (especially for a small business with a potential modest income), it’s far less than you’d pay if you had to wade through a serious security breach.
Based on the security expert’s advice, ask for an exact cybersecurity plan. Make sure you ask for as much detail as possible, including an execution timeline and strategy from the security auditor.
Ask questions and hopefully, your auditor will want to talk to your company’s employees to warn them of phishing attacks and other security risks. If they don’t do this, encourage them to do so, with a complete presentation and careful visuals (sometimes this stuff is hard to visualize unless there’s an exact visual representation of what the security expert is talking about.
Don’t forget to put an emphasis on passwords. Require your employees (and keep yourself accountable!) to use unique passwords and also change passwords every three months. You may want to seriously consider implementing multi-factor authentication, which sounds complicated but it really just means that it requires you and your employees to add additional information (beyond just a password) to gain entry.
Did you know that Wi-Fi equipment is not secure when you first purchase it? Your device comes with a default password, but don’t forget to ensure that your network gets encrypted with your own specific (complex) password.
Talk through keeping your system software updated with your security auditor — it’s crucial for the cybersecurity of your business.
Ask the following questions:
You can do a number of other things to protect your hardware. Employ anti-theft cables or brackets, set up surveillance or web cameras, or lock your server and communications rooms. Do you have ultra-sensitive and confidential customer data? It’s a really good idea to consider adding a biometric scan to unlock the doors or add in an alarm system!
Ask your security advisor what other new technologies are available to help you further protect your livelihood.
Has COVID-19 put your employees at home for good? How about yourself? Are you making sales calls from your home office or basement? Check the firewalls everyone has in place. A firewall is a set of related programs that prevent outsiders from accessing data on a private network. Even if you do your due diligence to make sure your operating system's firewall is enabled at the office, make sure it’s the same at your employees’ homes. If employees work from home, ensure that their home systems also benefit from firewall protection.
Also limit your employees’ access to just the files, folders, and applications they need to perform routine on-the-job tasks — and no more.
Get CoverWallet on your side. Cyber Liability insurance covers a broad range of security-related claims, including data breaches, network failures, and media or content liability.
One breach (even an employee's stolen laptop could be the culprit!) could cost your business, so get cyber liability insurance to cover your business even more.
Are you making high-tech security a top priority? Be honest with yourself. You may be a pro at employing antivirus software to run a scan after each update and add key software updates right when it’s scheduled, but what other things can you do to ensure you’re protected this holiday season?
Get temporary help in the form of a security auditor to make sure your holiday remains merry and bright.
Author Bio: Melissa Brock, the founder of College Money Tips and Money editor at Benzinga, spent 12 years working in college admission. She loves helping families navigate their finances and the college search process. Check out her essential timeline and checklist for the college search!