Cyber Security Tips for Small Businesses
In recent years, the world has seen some of the most well-known companies affected by a cybersecurity attack or issue.
23:34 05 May 2022
In recent years, the world has seen some of the most well-known companies affected by a cybersecurity attack or issue. In 2011, Sony saw the personal information of 77-million users compromised in turn forcing them to turn off online services for nearly a month. A couple of years later, eBay fell victim to an attack that allowed those responsible to gain 145 million accounts worth of customer data. These two examples pale in comparison to what happened with Yahoo. It took three years for Yahoo to realize that a hacking attempt which had taken place in 2013 had netted the hackers the information of over one billion people. Later, this number was adjusted to every single Yahoo account. It is staggering to realize the damage a cyberattack is capable of. If cyber-attackers are capable of wreaking havoc on such large companies, imagine what they would be capable of should they target a small business. James Scott, a senior fellow for the Institute for Critical Infrastructure Technology, spoke to the importance of having a well-rounded security system in place, “Your organization’s illusion-based security theater will lose to the reality of cyber-attack any day of the week.”
Seeing as cybersecurity cannot be mastered in a day let alone at all, it is important to highlight the tips that will prove useful for small businesses. To do so, we connected with a few people with experience.
There is no such thing as too many backups
Alex Wang is the CEO of Ember Fund, an app offering cryptocurrency portfolio management. He believes multiple copies of file systems and information is the best approach.
“The last thing any company wants to happen is to have large portions or even all their data wiped from existence. For many companies, this is a hit that will be nearly impossible to come back from. Therefore, every company must be vigilant in making regular and numerous backups of every piece of data they have. It’s one of those things where you may not need it at all but having it will give you great peace of mind and if you do need it, you’ll be so thankful. You can never have enough backups especially when they live in different physical locations.”
Consider mobile devices
Cool Links specializes in cooling towels. Their Managing Member, Alex Chavarry, suggests paying close attention to how a company handles smartphones and tablets.
“Prior to portable and personal internet devices, cybersecurity was far more straightforward than it is today. You only had to worry about your in-house stuff on many identical devices. Times have changed and with that has brought on a new set of cybersecurity problems. It’s very common for employees to have their work email on their personal phone or to take a company phone home with them. This is where the problems arise. With portability comes an increased potential for public exposure. In the world of cybersecurity, public exposure is something to avoid at all costs. This is reason enough for every small business to take stock of all their mobile devices and how best to secure them.”
Any time an outsider can gain access to a company’s wi-fi network, it is a recipe for disaster. Manhattan Beachwear is a business providing swimwear and sportswear for women. Their VP of eCommerce, Karim Hachem, considers it wise to account for this.
“Did you know that there are legal regulations pertaining to how a business should have their wi-fi network setup? It’s true and enforced by the FCC. The biggest thing they emphasize is the importance of hiding your network from being seen publicly. On top of this, and it seems incredibly logical, they also require you to have a password. Failure to do either of these things could result in fines that everyone would rather avoid. This policy is one of the better ones out there. It’s become too easy for anyone to set up a network but that doesn’t mean they’re capable of configuring it correctly. Take the time to adhere to the FCC for headaches sake, but I’d also suggest you take wi-fi security a step further as well.”
Natália Sadowski is the Director of Aesthetics of Nourishing Biologicals, a brand offering indulgent products to nourish and rejuvenate your skin. She advises others to keep every device and application running on the most recent software.
“There was a time in my life where I sat down at my grandmother’s computer and simply because it had not been updated in a long time, it had become overrun with malware. Software updates exist for many reasons but one of the biggest is often security. As cyber-attackers continue to find new ways around seemingly state-of-the-art technology, it’s necessary to stay ahead of their efforts. You can have updates scheduled regularly in a variety of ways but so long as you don’t let your devices become pieces of evidence for history, you should be doing just fine.”
AdQuick specializes in out-of-home advertising. Their VP of Marketing, Lina Miranda, believes establishing the first layer of security is vastly important.
“The term firewall may seem somewhat vague to those unfamiliar with how computers work. But trust me, you’re going to want to ensure that you have a quality one in place. Without it, you’re exposing your network to so many potential dangers. Essentially, a firewall utilizes multiple applications to guard your network from infiltrating in any capacity. To paint a picture, it is the moat and wall of a traditional castle. Whether your team is working in the office or from home, every device is equipped with a firewall to steer clear of any unwanted visitors.”
Give proper training
People employed by a company play a pivotal role in keeping data secure. Orgain is a business providing nutritional and healthy products. Their Sr. Director of Performance Marketing and E-Commerce, Jeff Goodwin, proposes preparing employees for this reality.
“At the very bare minimum, employees should be required to have passwords that meet strength criteria and be aware of how to navigate the web properly and safely. There are too many examples of companies suffering a data breach or cyberattack because an employee did not understand the extent of what they were doing. Obviously, mistakes are going to be made, some of which are unavoidable. But if you can train your employees on the proper cybersecurity procedures, a lot of those avoidable mistakes will not pose a threat.”
Virus and malware protection
Soumya Mohan is the COO and Co-founder of Poised, a brand offering AI-powered communication coaches. Mohan cautions others to seek protection geared towards specific types of attacks.
“I guarantee you that if a device can be hacked, someone somewhere has already done it. And then, they’ve found another way to hack it again after the first exploit was patched. So long as technology is around, hackers will be present. Financial gain, curiosity, personal values, or a sense of accomplishment are a few of the driving forces behind motivating hackers to do what they do. But sometimes, try as they might, they cannot find an in-road to sneak past a cybersecurity system. There is an abundance of cases where software protection aimed at viruses and malware has been responsible for keeping them at arm’s length.”
Virtual private networks
Navi specializes in finding the perfect mobile phone and plan for everyone. Their Co-founder and Chief Customer Officer, Patricio Paucar, considers the use of VPN’s to be wonderful for providing security.
“The internet is arguably the most wide-reaching tool of the modern era. It has allowed for so much advancement across as many industries as you can think of. But with great innovation can sometimes come great danger. Like it or not, the internet is not some secure portal where nothing can go wrong. It’s the opposite in fact, as you’re more likely to experience something cybersecurity related than physical safety related. Virtual private networks can mitigate the risks associated with working online. From data encryption to identity confirmation, VPNs are more powerful than you might think.”
Without being intentional about cybersecurity practices, a company is volunteering themselves as a victim for the next available cyber-attacker. If you or your company are feeling as if there is a danger associated with a specific aspect of the IT system, then it is best to take a closer look at this feeling’s point of origin. Stephane Nappo, the global head of information security for Societe Generale International Banking, summed this up, “Threat is a mirror of security gaps. Cyber-threat is mainly a reflection of our weaknesses. An accurate vision of digital and behavioral gaps is crucial for a consistent cyber-resilience.”