If you think cyber-attacks only happen to big businesses, think again. Over the past 5 years, the rate of attacks on small and midsized businesses has nearly doubled. Your IT is your foundation. And the security of it is even more significant.
Thinking "It Won't Happen to Me"
There's this crazy notion that company size will keep you safe. There is no way - I repeat - no way to avoid malware and hackers by doing nothing. Being underprepared for potential threats is a HUGE mistake.
Studies have shown that 48 hours of critical data loss can and will likely make a business go out of business. Think about your sensitive data. Could you really go 48 hours without access to it? What if you didn’t have a good backup and that data was gone permanently?
There are no companies too small for an IT security plan.
Ignoring Software Updates, Patches, and Terms of Agreement on Downloads
Are you paying attention to your software? Software is a two-part process. There are the updates/patches and agreeing to the terms.
First, if you postpone updates and patches, that's a HUGE risk. These updates are not for vanity. They are released to keep you safe from jeopardizing security issues. Talk to your IT professional about keeping those updated and protecting your system.
Updates should be tested as soon as they're available and rolled out to the organization as soon as the testing is complete. Sometimes the updates can cause issues with other technologies. So there's a balancing act between applying the patch quickly for security, and waiting until after it's been tested to make sure your employees will still be able to work after it's been applied.)
Same topic, different discussion - downloads. You restart your computer and boom you have a new toolbar on your browser. That’s what happens when you agree with the terms without reading the consequences.
The toolbar, although annoying, isn’t really the problem. The problem lies when additional downloads can cause browser and antivirus software issues. Little cracks here and there are what break the dam that is your computer's security. Avoid this by reading the terms before accepting, or have your IT team set a policy for what can and can't be downloaded to work computers.
Using the Same Password
We are all guilty of this one. We all have this terrible habit. We use the same password or slightly varied versions of the same password on all the sites we visit. That's almost as safe as setting 123456 as your password!
Here are some password best practices:
- Never use your name
- Never use your birthday
- Reset password every 90 days
- Use a phrase instead of just a word(s)
- 8 characters or more
- Never use anything that can be traced to you
- Mix numbers, letter capitols, and special characters
It’s super important that you make your password easy for you to remember, but difficult for anyone else.
And don’t forget about cookies. Cookies are like little arms on websites that reach out and store your info. They use them to keep track of users on their websites. Cookies also are the reason you can allow websites to remember your passwords. But keep in mind if the web page is remembering it, it is being stored somewhere. If it’s being stored it can be hacked and stolen. We’d suggest you don’t allow websites to store any login information.
Making Cyber Security Just an IT Problem
Most cyber security issues come from the failure to stick to security policies. This can be from a lack of employee awareness, training, or regulation. Business owners make the assumption that cyber security is exclusively an IT issue.
You're underestimating the breaches and damage that happen by simple employee mistakes.
To help your IT department and business, here are some best practices to keep your employees on track:
1. Create an Effective Security Policy - clearly, outline rules and regulations on how to manage data.
2. Educate Your Employees – make employees aware of the dangers and educate them on potential security risks.
3. Monitor Employees – it isn’t always easy to distinguish risks. Monitor your users to keep away from and quickly detect leaks or attacks.
If anything on this list is commonplace in your workplace, it might be time to revamp your security. These mistakes, although small, can ruin an entire company’s ability to function. The best thing you can do is routinely work on strengthening your security. Keep up with inside and outside threats. Keep your valuable data safe by keeping employees up to date on your policies.
Tech Alert
Things change rapidly in the world of tech. We'll keep your business up-to-date on the latest information technology news so you can stay in the know.
Related: Tech Minute: The Deep Web's Effect on Small Business