Even with the security breaches at Target, Neiman Marcus and the like, you might think that your small or medium business is safe from cyber attacks because of its size. But it’s just not true.
Even if you know you need to make your company’s data and processes more secure, where do you start? With the help of the National Institute of Standards and Technology, we’ve compiled a list of things your business can do today to improve your cyber security.
Cyber Security Best Practices For SMBs
- Install anti-virus and anti-spyware software on every computer – this includes ensuring that personal computers used for work have them and laptops that travel with employees do as well.
- Use a hardware firewall that protects your internal network at the office from the Internet. Again, you’ll want your employees that work at home to have the same setup.
- Enable software firewalls on your computers as well. This will limit a breach of the hardware firewall to one computer instead of giving a hacker access to information on every device in your network if they find a way in.
- Change the admin username and password regularly. Never keep the default password, which can be easily guessed.
- Update your software regularly. Often, updates are released because developers have identified and patched a possible security threat.
- Utilize privacy screens, lock up laptops nightly and set up automatic screen locks on all devices that are not in use for a few minutes. Understand that anyone with physical access to a computer can obtain data on it.
- If your business uses WiFi, make sure it is encrypted (WPA-2 is the ideal encryption).
- Set up individual user accounts, create strong password requirements (i.e. must use combination of capital and lowercase letters, special characters and numbers), require changes every few months.
- Limit access to especially sensitive information and limit the authority to install software. Often employees will unknowingly install malicious software because a pop-up window indicated that it was necessary.
- Educate your employees on cyber security best practices.
- Reinforce that staffers should never open an email attachment unless they recognize the sender, the message appears to be normal communication, and they recognize the file extension. ZIP files should especially be avoided unless you know and trust the sender. When in doubt, ask a co-worker or IT chief.
- Never click OK in a popup window from the Internet.
For a more detailed account of these recommendations, read Small Business Information Security: The Fundamentals from the U.S. Department of Commerce’s National Institute of Standards and Technology.
© 2014 Generational Equity, LLC All Rights Reserved
Interested in selling your business one day? Don’t miss these free, educational whitepapers that will better prepare you for the process from the mergers and acquisitions experts at Generational Equity.