Run a More Cybersafe Business

Within seconds, cyber criminals could tear down the small business you've built from the ground up. The following actions will help strengthen your defenses, and keep cyber criminals on the outside looking in.

Educate your employees on cyber safety.

Even the most sophisticated security software won't protect your business if employees click on improper pop-ups or fall for phishing scams. Train your employees on the threats they face and the safest way to use the company's Internet and email.

Keep your software and operating systems up-to-date.

When an update to your operating system becomes available, download and install it immediately. Updates often contain improvements to security based on recent viruses and attacks. Though it may seem tempting to ignore it and cut costs, it'll help protect your system from a much larger loss in the future.

Install the right security software.

Make sure your computer systems are installed with most up-to-date antivirus and anti-spyware software. Many security software companies offer software programs tailored to small business needs, for prices that will fit within your budget.

Set up firewall security.

Firewalls protect your internal networks from Internet threats. Make sure to install them not only on your server, but on all office computers, laptops and mobile devices as well.

Secure your wireless networks.

If you leave your wireless network unprotected, you won't just be giving free Internet to anyone walking by, you'll leave a door open for cyber criminals. First, make sure your wireless network is set up to hide the service set identifier (SSID). Then encrypt your network with strong passwords, and don't forget to change the default administrator password that came with the device to something only you'll remember.

Decide who has administrative privileges.

Restrict administrative privileges to the key decision makers within your business, which can range from top IT staff to senior executives. This will help control unexpected changes to your network, and limit your exposure to cyber threats.

Secure physical access to your network devices and computers.

Cyber threats don't just come through viruses and scams, they're also lurking in your physical environment. Ensure that your office space is safe from unauthorized visitors, and that easy-to-grab laptops and mobile devices are stored securely and installed with remote tracking software.

Control use of P2P sharing software on office devices.

Prevent installation of software that allows employees to share files on computers that contain sensitive information, and minimize its use on other devices. Work out a P2P policy that is appropriate to your business, and communicate it to your employees.

Educate employees on USB stick usage.

Though useful for employees working from multiple devices, a USB stick can be used to accidentally transport a cyber threat from home directly into your business system. Educate your employees on the risks they run when using USB sticks, and consider having a USB usage policy.

Learn the risks of cloud computing.

If you're using cloud computing for your small business, make sure to prioritize the assets you store there. Learn the security controls available to you from your cloud provider, and use them. Inquire about the security and reliability certifications the provider has earned, and build security controls into your contract.

Back up your important data.

It's critical that you regularly back up your important business data and information, from customer records to accounting files. This will lessen the damage in the case of a breach or computer problem.

Consider encrypting your computers, laptops, and USB keys

The latest versions of most operating systems provide built-in encryption as a standard or optional feature. Turning this on will greatly reduce the value of any data that a hacker may obtain. Encrypting portable devices such as laptops, USB keys, and DVDs is easy to do and can significantly reduce the damage done by a lost or stolen device.

Date modified: