Security is like the forsaken child of technology. It’s something we
all think about, yet few of us have policies in place to ensure our
businesses are as secure as they should be. We know about social media,
we’re still struggling with email marketing, many of our web sites are
useful and impotent tools (but at least we know it), our sales could be
so much better, I could go on.
But security – we don’t have the faintest clue what to do or how to
protect ourselves. We think we’ll never be hacked or attacked. Yet many
businesses, yeah, small businesses are attacked each month.
The National Cyber Security Alliance (NCSA) and Symantec have
partnered together to conduct a survey on the cyber security awareness
practices and habits of roughly 1,500 small businesses in the United
The results showed that while 65 percent of those surveyed believe
that Internet security is critical to their business, only 28 percent
have formal Internet security policies.
Here’s five things you can do, right now, to better protect your business:
1. Educate your employees: Only 38 percent of small
businesses provide training to their employees about Internet safety
and security. Your employees are vital to your company’s security
posture, so empower them to keep your information and systems safe! A
security awareness program with training and guidelines to enable
employees to carefully consider the security implications of their
online behavior. Require your employees use passwords that mix letters
and numbers (not names or dictionary words) and change them often.
Educate employees not to use file sharing programs or download free
programs from the Internet.
2. Combine policies and technologies: More than 33
percent of small businesses do not have the most basic protection of
all—antivirus. As the number and sophistication of Web-based viruses
and malicious code continues to rise, small business need to be secured
with more than just traditional antivirus technology as they are
susceptible to the same type of attacks as large businesses. Polices
and education need to be coupled with an integrated solution to protect
information wherever it is accessed—from servers to desktops and
laptops. Install an integrated security suite solution that will
prevent virus infection, block intruders, protect privacy, and stop
malicious programs. This will be simpler to install and manage and will
keep you completely protected.
3. Protect Your Mobile Workforce: More than 66
percent of employees take computers or PDAs containing sensitive
information off-site. 62 percent of the companies surveyed have a
wireless network but 25 percent of them do not password protect their
wireless networks. All network-connected computers and inbound/outbound
traffic should be monitored for signs of unauthorized entry and
malicious activity. Create and enforce policies that identify and
restrict applications that can access your network and ensure employees
follow best practices when they work remotely.
4. Backup Valuable Data: Small businesses are
handling valuable data: 65 percent store customer data, 43 percent
store financial record and reports, and 33 percent store credit card
information and a 20 percent have intellectual property and other
sensitive corporate property. It is critical to back up important data
regularly and store extra copies of this data off site. Train your
staff to perform basic back-up tasks unsupervised. Backup systems as
well as applications and files at least daily, and test the backup and
recovery process periodically to be sure it works.
5. Stay informed and update often: Only 53 percent
of small businesses have someone check company’s computers to ensure
that their operating systems and security software are up-to-date. Stay
aware of the security threats you face by reviewing reports published
by industry experts. Keep antivirus software up-to-date by downloading
virus definitions as soon as they are available and regularly apply
updates and patches.