16 Oct CNBC’s Small Business Cybersecurity Update – Five Cybersecurity Tips to Protect Your Business Now
By: John Patton, Director of Managed Services, Focus Data Solutions
As CNBC reported on October 13, 2019, new studies by insurance carrier Hiscox indicate that 43% of cyberattacks are aimed at small business, but only 14% are prepared to deal with such an attack. Additionally, these attacks are costing small business, on average, $200,000 and forcing 60% of those businesses out of business.
The scarier fact is that Keeper Security reports in its 2019 SMB Cyberthreat Study that 66% of senior decision-makers at small business are holding fast to the belief that is won’t happen to them.
Let us put this idea to rest. Your small business will be the target of a cyber-attack.
CNBC’s article is a great overview of this issue and what small businesses should do to protect and defend themselves from cyber-criminals. Many of the tips are addressed by professional IT organizations and managed service providers as part of a standard small business service offerings.
We encourage you to look at our top five favorite tips from the CNBC piece that any small business can implement on their own. Our thanks to CNBC for keeping us all informed on such a serious issue for small business.
Ensure your business makes daily backups
Having a backup is essential if your systems are hacked or a ransomware attack occurs. Be sure employees are saving files to a share drive on a server or creating a backup of locally stored files in a secure manner.
Prohibit the use of removable media devices.
USB drives are one of the most dangerous ways cyber-crime happens. If an employee takes a USB drive with your clients’ information off premises – and loses it – your company is exposed.
Limit employees’ access
Employees should only be allowed to access the information, files and folders they need to do their jobs. Unlimited access is not safe and is not good cybersecurity policy.
Train your staff about cybersecurity
Make this a routine part of your training plan. The standard recommendation is every 90 days on the latest threats. Your IT provider can help you with this type of training.
We love this suggestion. Use drills and practice tests to show employees real-world scenarios to help team members identify, and hopefully avoid, cyber-scams.
Teach team members to ‘stop, think, don’t click” if they receive unsolicited emails, attachments or other kinds of “phishing” emails.
Each of these suggestions can be implemented by the smallest of businesses. Take the time to protect yourself, your clients and your business by ensuring the security of your computer network now.