Prove you’re not a sitting duck for hackers

50

The Internet has affected how we learn, work and live. It is inseparable from almost everything we do nowadays. Businesses, even small ones, now rely on tools requiring a connection to the Internet.

For instance, the Point-of-Sale machine has completely replaced manual cash registers, allowing payment via debit card and credit cards. Sales and payment data have never been this easy to record, store, and report. Unfortunately, such advancements are not without risk.

Small business have been the target of hackers, with many falling victim to scams, fraud, and ransomware. While not much can be siphoned off of small businesses when compared to large corporations, it is easier for hackers to make successful attempts at infiltrating small businesses.

While established operations can survive an attack, small businesses are not as resilient – in fact,  it’s not unheard of for businesses to close after being hacked.

One of the biggest reasons why hackers are targeting small businesses is that they do not have the same level of security as bigger enterprises, partly due to the cost involved but also due to a lack of awareness: alarmingly, some don’t even know when they’ve had a brush with a hacker. It’s been reported that only 2% of small businesses prioritise cybersecurity.

Without the right knowledge and tools, hacking small businesses is almost like shooting fish in a barrel for online crooks. Here are six tips to help small businesses protect themselves against the risk of being hacked:

1. Increase awareness

Awareness is the number one key in preventing hackers from doing their thing. Being vigilant will leave small businesses in a position to act when risks arise.

The business owner must not be the only one knowledgeable of the risk of hacking. Staff must also be aware. A general rule is to avoid opening suspicious emails and clicking on odd links.

2. Update your systems

Don’t ignore system updates.

Updates are essential – this ensures you have the latest protection available. Threats are evolving and security tools must be updated regularly to ensure that you are equipped with the needed protection to combat them.

3. Back up your data

Some forms of hacking involve blocking out access to your files by locking or encrypting them. These hackers will ask for money (ransom) in return for returning access. Authorities don’t encourage paying these hackers the ransom demand – when you pay, they will only come back, and you cannot even ensure that they will give you back your access.

Backing up your data ensures that when the worst case happens, you can continue with your business with no fuss.

4. Think before you consider implementing a bring-your-own-device policy.

Some business believe that a bring-your-own-device (BYOD) policy will help their business save on costs. Small businesses are, of course, most interested in such an arrangement. However, a BYOD policy can post great risk at is hard to impose high level security for personal devices.

If you are seeking to implement BYOD policy in your business, ensure the following:

  1. Be specific with the type of devices that you allow to be brought by employees.
  2. Ensure that even if the employees are using their own devices, they still practice security measures such as using passwords to lock their device.
  3. Inform your employees that you will have to implement security protocols and that they should not be surprised when you make security checks. It may be their personal device but since these devices connect to your network, protection must be ensured.
  4. Clarify your contingency plan. When devices under a BYOD policy is lost, are you given the permission to wipe out all data from the device? Also ensure which data can be backed up by the employee so that it can be retrieved.

5. Have trusted security tools

Make sure you have effective security tools that afford your business a high level of protection.

Basic protection would be a reliable anti-virus and anti-malware software that should be updated regularly. You should also consider installing secure sockets layer  (SSL) optimised for small businesses so that your connections would be kept private.

Finally, endpoint protection systems could provide more security. Endpoint security restricts access to devices on your network that do not comply with the set policy. Endpoint security is especially recommended for devices on a BYOD arrangement so that protection can be further guaranteed.


About the author

Alex Trinidad is a community security analyst for global security provider Comodo. They provide endpoint protection to businesses with 7 layers of defense together under a single offering for customers of all sizes, to protect them from both known and unknown threats.