Data breaches have already been in the news this year, from Equifax to CareFirst. The scariest thing for small business owners about this is that each new attack makes it more likely that their data will end up in the hands of someone who wants to harm. But you may not have much money to spend on ways to improve your business security from being a target.
Ways To Improve Your Business Security
The good news is that there are several easy steps you can take to protect your small business from cyber threats.
Here are six suggestions to get you started.
1. Change Your Passwords
Changing your passwords is the easiest thing you can do to improve your business security and sleep better at night. If you haven’t already, you should run your most important email addresses and usernames through Troy Hunt’s HaveIBeenPwned program. This program checks your information against any personal account data that has been stolen illegally and then made public. Troy says, “Data breaches are common, and many people don’t know how big or often they are.” It’s important to remember that this is only information that’s been made public, so it’s possible (and likely) that we haven’t heard about any other security breaches yet.
But you shouldn’t change login information so often that your users get tired of coming up with new passwords and settle for variations on a theme. In 2016, FTC Chief Technologist Lorrie Cranor got a lot of attention for promoting research from UNC-Chapel Hill that showed this.
“The UNC researchers found that if people have to change their passwords every 90 days, they tend to use a pattern and do what we call a transformation,” Cranor said. “They take their old passwords, change them in some small way, and develop a new one.” These small changes are much easier to predict than they would normally be.
2. Use a Password Manager
If you care about passwords, you should use a password manager like LastPass, Dashlane, or Sticky Password to keep track of everything automatically. These programs let you make secure passwords that are different for each website you use and keep track of them for you. So, you can improve your business security and get the benefits of changing your password without making your employees’ lives too hard. Even better, if you need a team member to access one of your accounts, you can share password sets with them so they can update your website, post to your social media sites, and do much more.
3. Delete Any Unused Accounts
An attacker can easily get into your network by using passwords that are no longer valid. If you don’t have a good offboarding plan, you might end up with a lot of old accounts if you’ve had a lot of employees or changed to a new system. Cleaning up your old accounts is a great place to start if you want to improve your security on the cheap.
4. Enable Two-Factor Authentication
If you haven’t already done so, you should turn on two-factor authentication to make your logins safer. Most of the time, it’s as simple as registering a phone number or downloading an app. However, it adds an extra layer of security that makes it harder for an attacker to get into your accounts.
5. Keep Your Software Up to Date
Software updates always seem to come at the worst time, so it’s easy to just ignore them and put them off until later. Because your software is, well, broken, you are being asked to update it. The Equifax data breach was one of the biggest in recent years. It happened because a software bug wasn’t fixed.
As with passwords, it’s important to know that once hackers find out about these flaws, they look for people who use the software that has them. Install the update you’ve been meaning to for a while. Even if it comes at an inconvenient time, installing an update will probably take less time than dealing with a real data breach.
6. Training to Identify Phishing and Spear Phishing Attacks
Phishing and spear phishing are two of the most common and effective ways hackers attack a specific target. Phishing attacks are more general, but spear-phishing is made for each person and is often very convincing. Training is the only way to improve your business security and to make sure that your workplace is safe. If you are the target of a spear phishing attack, your staff needs to know about all possible situations and what they should be on the lookout for.
What You Can Do Right Now
Cybersecurity is important for any small business, even if they don’t have enough money for a big IT program. There are several cheap ways to improve your business security, which is good news.
Here are some things you can do right away:
- Check your login information and, if necessary, change your passwords.
- Update your software as soon as you can.
- Teach your workers how to spot possible dangers.
- Use tools like password managers and two-factor authentication to improve your security.
What is One Tip for Small Businesses to Better Improve Their Business Internet Security?
Keep clean machines: having the latest security software, web browser, and operating system are the best defences against viruses, malware, and other online threats. Set antivirus software to run a scan after each update. Install other key software updates as soon as they are available.
What Do You Think Presents the Greatest Security Threat to Businesses?
The biggest, most damaging, and most widespread threat facing small businesses is phishing attacks. Phishing accounts for 90% of all breaches that organizations face, they’ve grown 65% over the last year, and they account for over $12 billion in business losses.