Small and medium-sized businesses (SMBs), vital to the U.S. economy, are vulnerable when it comes to cybersecurity. Small business owners often make the mistake of thinking that their data will have little value to hackers. Yet, financial accounts and employee, customer or partner information are all appealing to cyber criminals, and if SMBs are unprepared, even more accessible.
The cybersecurity experts over at F-Secure have compiled the following information to help small and medium-sized business owners assess their exposure to cyber threats.
Click through for six questions SMBs should ask to determine their cybersecurity readiness, as identified by F-Secure.
Do you have a dedicated IT person?
Cybersecurity is a complex, extremely fast moving and dynamic challenge for our nation and for every business. Today’s security solutions automate many of the processes involved with protecting individuals or businesses. However, businesses are much better off having someone knowledgeable such as an IT person or team, or a value-added reseller or managed services provider, who can make sure software is deployed correctly and keep you abreast of security issues.
What type of security software do you use?
Some small businesses rely either on free security software that comes with their computers or consumer-grade security software suites. These solutions are better than nothing at all, but they are insufficient for business use. Moreover, businesses tend to have multiple employees with multiple types of devices – that’s why it’s important to have a solution that can fully protect your business. Security as a service is also a great idea for small businesses versus licensed software because it requires little management and the software is always up to date.
Do your employees use a range of computing and mobile devices?
Nowadays, your employees are likely using multiple types of devices for personal and work use. This creates more points of exposure – or a greater potential threat surface for hackers to exploit. It is thus important that all your employees’ devices – from PCs to laptops to tablets to smartphones – are protected and considered in your security program.
Do you or your employees use Wi-Fi?
Wi-Fi can be yet another point of exposure if not properly secured. It’s critical that businesses understand the risks of Wi-Fi and how to properly secure it. Be sure to use WPA2 to secure your network and use a strong password. In addition, it’s a best practice to create a separate Wi-Fi login for quests logging onto your network. This helps reduce exposure of your regular work Wi-Fi network. In addition, many public Wi-Fi hotspots are easy targets for hackers, and often people don’t protect or use the highest level of protection on their home Wi-Fi. It is all the more reason that you should ensure that all employees protect their mobile devices and networks used for work and personal use.
Do you have a security policy and do you train employees on IT security?
Software and expertise can only protect you so much. The biggest weakness in the fight against cybersecurity has always been the human factor – risky online behavior engaged in by employees. The only way to help reduce this exposure is to have clear policies in place, train every employee on Internet security and provide regular reminders and refresher trainings.
How do you ensure the software your employees use is up to date?
Software flaws are also a common way hackers gain access to devices and critical information. When flaws are found, hackers quickly exploit them until the software maker discovers the problem and is able to send out a fix. If you or your employees delay updating software or apps, you are exposed and could be easy pickings for hackers.