In a recent SecurityInfoWatch article, Paul Lipman says of hackers, “If you have a bank account, you’re a target.” This is true. All persons in this now digital world are exposed. That being said, all businesses, small to midsize businesses (SMBs) included, can be hacked, attacked, breached or otherwise exploited in seemingly infinite ways.
Sophisticated firewalls once held hackers at bay. Now the threats are coming at businesses from all angles.
You set up a Wi-Fi access point for guests and employees. Someone infects a user’s mobile device with a Trojan or virus. Even if your company’s Wi-Fi isn’t compromised, any employee who takes their tablet or smartphone to lunch or to the coffee shop is also at risk. Hackers lurk where people congregate. They seek out the vulnerable. They might get your credit card information. Or better yet, they might hit the jackpot and make it onto a corporate network with even more valuable data that is ripe for picking. And if that doesn’t scare SMBs enough, there’s always the fear of internal breaches from current employees or even third-party vendors.
Sadly, smaller businesses don’t usually have the funds nor IT expertise to implement strong data security plans. And as Lipman says in his article:
The security industry has let SMBs and SMEs down. Their incentives are clear: call out and create urgency around the latest security threat, produce a targeted solution to address the problem, and sell it at premium prices to the large organizations with the resources to implement it. Obviously, this model is not accessible or sustainable for SMBs. They are left to fend for themselves, which is frightening when you consider that small business accounts for nearly 50 percent of the US GDP. The more SMBs stick their head in the sand, the easier they are to prey on.
Instead of living in fear of the next big cybersecurity attack, TechZone360 gives SMBs a list of steps to become more prepared to prevent a breach or handle an attack should one occur. The list includes the following information:
- As the owner, take control of your business processes, logins, and network access. (Or put a trusted employee in charge.) Make sure that if a breach occurs, passwords can be changed “across the board without relying on employees to take action.” Be sure to change passwords when employees leave the company.
- Be sure third-party vendors and service providers employ strict security policies and rely on encryption and authentication of data transferred between your business and the cloud or other networks.
- Provide ongoing security training for your employees. School them on password protection, encryption, proper security practices and how and where to properly access company data.
The good news for SMBs is that the government is now on the side of smaller businesses. The Department of Homeland Security is pushing IT security vendors to create more affordable options for SMBs. However, these scalable, budget-friendly options have yet to surface. So until then, take precautions and provide a strong security policy for your company and back it up with regular discussions and education.
Kim Mays has been editing and writing about IT since 1999. She currently tackles the topics of small to midsize business technology and introducing new tools for IT. Follow Kim on Google+ at google.com/+KimberlyMays6 or Twitter @blumoonky.