Small to mid-sized businesses are under attack from hackers. In fact, 66 percent of small businesses have suffered a cyberattack in the past year. Why? Because small businesses are usually easier to penetrate than large corporations.
This means your business needs to prepare for a cyberattack and have a plan in place for if something should happen. It costs between $1 million and $3 million on average when a small to mid-size business gets attacked, according to a 2018 Cisco report.
If you protect your data before you get hit, you can save yourself a great deal of downtime, money, and headache. Here are a few tips that can help you protect your data.
Educate your employees
Training, training, training. Companies spend millions of dollars each year training employees, and that should include some cybersecurity training. Educate your employees as to best practices, key terms, and what to look for while working each day.
Talk about how to set passwords, use company VPNs, and take advantage of two-factor authentication. Share with them the dangers of downloading just any program off the internet. Each new employee should have cybersecurity training built into their training plan. Refresher training should be held once a year, just to keep employees updated on the new threats that could be coming their way. If your company uses an MSP to manage their systems, bring in the managed security provider to do the training.
Manage your passwords
This is something that can never be said enough. Most employees know that they should use different passwords for each system and that they should change them regularly. Unfortunately, knowing they should do it isn’t enough. Most employees use the same 8 character password for everything, and they change it only if they are forced to do so, leaving you vulnerable to attack.
You can do a few things to change this pattern. Set it up so your employees must change their password every 60 or 90 days. Within the system, mandate that your employees must use 10- or 12-character passwords. This will force them to think of some new passwords to use and change things up a bit. Use a password management tool to track everything. These tools can help employees use unique passwords, but they also keep track of the passwords, making it easier for the employees.
If passwords truly become an issue, switch to two-factor authentication when you can. It adds an extra layer of security to accounts and is usually as simple as registering a phone number where a verification code is sent during the login process.
Invest in a VPN
Invest in a virtual private network as part of your infrastructure, teach your employees how to use it, and then be sure that they start using it regularly. A VPN is a secure network that is used to protect online interactions. This is a fantastic tool when you have remote employees. Since the VPN secures your data, making it impossible for hackers to decode, your remote employees can safely connect with your servers.
Monitor software and hardware usage
About one in four security breaches are internal, meaning an employee has downloaded or opened something they shouldn’t have touched. By monitoring the websites that your employees visit, you can stop a cyberattack before it starts.
Also, watch out for employees that start downloading random programs onto their desktops. Some of these programs are not safe. You can block your employees’ access to certain websites and their ability to download software. Just as your MSP monitors your networks and servers, you should monitor your employees to keep your business up and running.
Cyber threats are real and cybercriminals are going to keep coming at your business. It’s up to you and your employees to manage the threat. These tips can help you on the path to success.