There are simple and effective best practices to help secure your small and mid-sized business.
Small and midsize businesses (SMB’s) have been constantly bombarded with cyberattacks. The reason for this can be summed up with some pretty surprising statistics:
- 1 in 323 Emails to Small Businesses are Malicious.
- Approx. 99% of businesses are small and medium sized businesses with less than 1,000 employees.
- There was a 424% Increase in Authentic and New Breaches of Small Businesses in 2018.
- There are 83% of SMB’s that lack the funds to deal with the fallout of a cyber attack.
- Smaller businesses do not have the resources to implement Security Operation Centers (SOC’s).
- Smaller businesses do not have the budget to purchase Security Information and Event Management (SIEM) solutions to detect threats on their networks.
- Malicious Attackers target small businesses specifically due to the reasons listed above, and 60% of all small businesses that were hit go out of business within 6 months.
Hopefully, most of the business leaders are aware that their IT teams or contracted Managed Service Providers have lacking cyber-security capabilities, and improving these departments are a daunting task, or is an extra charge from their MSP. So here are five free tips for SMB’s to follow to help keep your business data safe.
- Keep all of your computers up to date, and try to automate patching.
- Most systems have a way to enable auto-updating. Start by working with your IT team or MSP to ensure that the best practices are met when it comes to updating your businesses computer systems.
- Ensure multi-factor authentication (MFA) is on everything that is compatible.
- Invest in FIDO U2F keys, and work with your IT team or MSP to get software that supports these multi-factor authentication best practices.
- Back-up all of your computer systems.
- Ensure that if your business somehow gets infected with ransomware, you are protected with backups of your sensitive and your clients sensitive data.
- Purchase products for your business that have been vetted by cyber-security professionals.
- Cheapest is sometimes not going to be the best when it comes for security cameras, alarm systems, and other physical security products for your business. Most of the time, these devices have built-in back-doors that malicious attackers use to gain entrance to your small business.
- Invest in training for your employee’s on what to look for with suspicious e-mails.
- Invest in some training for your employee’s to ensure that they know what to look for with suspicious e-mails. There are plenty of resources online that you can use to ensure e-mail security is part of your next employee’s hiring process and training.