Cyber security isn’t just something that multinational corporations need to consider; it’s a topic that impacts organisations of all sizes.
Thankfully there are lots of ways that small businesses can boost their cyber security and avoid falling victim to malicious activities. Here are just a few steps to consider taking to help mitigate the risks your firm will face in the digital age.
According to Inc.com, more than 50% of small businesses are the victims of hacking, with more than 70% of all hacks being directed at small businesses. The reason is that small businesses have so much on their plate just to stay alive that freeing up time to focus on their cyber security is not a priority.
Unfortunately, this creates opportunity for nefarious hackers looking to gain financially and ultimately inflict misery on your small business.
Fight Against Phishing
Last year the volume of ransomware attacks rose tenfold, according to stats published by Malwarebytes.
This pernicious type of software, which locks businesses out of their mission-critical data and literally holds them to ransom, is most often spread via phishing campaigns. Because of this, it pays to stay abreast of the latest social engineering tactics that cybercriminals are using to trick users into installing their damaging code.
Ransomware and other types of malware can be distributed via email, or through compromised websites. Small businesses need to ensure that employees are aware of the risks and are familiar with the underhanded strategies that might be deployed in order to stay safe.
Perfect Your Password Policy
Password-based login systems can be the weak point of an otherwise resilient cyber security system, especially if users are not made aware of how to pick a suitably strong one.
The temptation to choose an obvious password is significant, with new research conducted by Virginia Tech University showing that ‘123456’ is still one of the most commonly chosen, in spite of its innate vulnerability.
Poor password habits can be eliminated by enforcing minimum requirements for password strength within your business IT system. It is also worth getting employees to change their passwords on a regular basis, and ensuring that they do not repeat the same password across multiple platforms. A random mixture of numbers, letters and symbols is the best option, although combining three or more random words to form a password can be easier to remember.
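The sketch below is an added example, not part of the original article. It shows one way to enforce a minimum-strength rule and to generate both kinds of password described above. The deny-list, word list and 12-character minimum are constructed assumptions, not values from the article.

```python
import math
import secrets
import string

# Constructed sample data for illustration only. A real deployment would load
# a large breached-password list and a word list with thousands of entries.
COMMON_PASSWORDS = {"123456", "password", "qwerty", "letmein"}
WORDS = ["copper", "lantern", "orbit", "velvet", "harbor", "pickle",
         "tundra", "maple", "rocket", "saddle", "whistle", "granite",
         "juniper", "falcon", "biscuit", "meadow"]

MIN_LENGTH = 12  # assumed policy value
MIN_WORDS = 3    # "three or more random words"


def check_password(candidate):
    """Return a list of policy violations; an empty list means accepted."""
    problems = []
    if candidate.lower() in COMMON_PASSWORDS:
        problems.append("on common-password list")
    if len(candidate) < MIN_LENGTH:
        problems.append(f"shorter than {MIN_LENGTH} characters")
    return problems


def random_password(length=16):
    """Random mixture of letters, numbers and symbols from a CSPRNG."""
    alphabet = string.ascii_letters + string.digits + string.punctuation
    return "".join(secrets.choice(alphabet) for _ in range(length))


def passphrase(n_words=4, words=WORDS):
    """Join independently chosen random words; easier to remember."""
    if n_words < MIN_WORDS:
        raise ValueError(f"use at least {MIN_WORDS} words")
    return "-".join(secrets.choice(words) for _ in range(n_words))


def entropy_bits(choices, picks):
    """Strength of `picks` independent draws from `choices` options."""
    return picks * math.log2(choices)


if __name__ == "__main__":
    print(check_password("123456"))
    print(random_password(), passphrase())
    # The 16-word sample list is far too small for real use: 4 words give
    # only 16 bits, while a 7776-word list gives about 51.7 bits.
    print(entropy_bits(len(WORDS), 4), round(entropy_bits(7776, 4), 1))
```

The words must be picked by the generator, not by the user, for the entropy estimate to hold.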
Monitor Your Network
Cyber attacks against your business will often be achieved through a breach of your network security. If such exploitation goes unnoticed, hackers could have free rein to siphon off precious information indefinitely, so you might want to consider investing in an intrusion detection system.
Another factor to consider here is whether or not the Wi-Fi at your premises is adequately protected against the advances of malicious third parties. Running an open network, which is free for customers and clients to use, may be a good idea. But if this is also linked to the rest of your IT resources, then it could give hackers a backdoor to your underlying networking infrastructure.
Keeping your public Wi-Fi separate from your private internal network is a sensible step because of this vulnerability. You should also regularly change any Wi-Fi passwords to ensure total peace of mind.
Get An IT Health Check
Investing in a thorough IT Health Check, also known as an ITHC, is a good idea for small businesses that are worried about the resilience of their cyber security services.
Carried out by a qualified team of independent experts, an ITHC gives you a comprehensive probing of your IT resources that should weed out any weak spots and give you a plan of action to shore up your defences going forwards.
An ITHC can scrutinise everything from your public-facing assets, including your website, to the way you manage mobile devices. And as BYOD (bring your own device) culture has resulted in a rise in cyber security incidents across small and medium-sized businesses in the UK, this is not something that should be ignored.
Consider Penetration Testing
If you’re a small business that’s extremely concerned about its security and processes lots of transactions online, it’s definitely worth looking into penetration testing.
The concept is actually pretty cool: you hire an outside expert or company, known as a penetration tester, but more commonly as an ‘ethical hacker’, who essentially tries to mimic a would-be hacker in every way. They’ll look for vulnerabilities in your business and your employees and will try every trick in the book.
There’s a compelling and frightening case study from a professor who challenged ethical hackers to target him, with the result that they could access pretty much anything they wanted, including his online banking.
Of course you’ll have a secure contract in place with the hacker which says that they’re allowed to use whatever nefarious means necessary to find weaknesses in your system. After all is said and done, the penetration tester will help you to improve your security and give actionable suggestions to tighten things up.