Pin It

Online and On Guard: Protecting SMBs from Cybercrime

data security1

Running a small online business brings large security concerns. Today’s hackers are no longer satisfied with merely disrupting files or posting a message. Many work with organised gangs and aim to steal data and personal and financial details from businesses. Along with damaging a company’s reputation, a hack of this kind can cause huge financial damage – costing over 300 billion annually to the global economy, according to a report from the Center for Strategic and International Studies.

As cyber criminals continue to become more sophisticated, it is increasingly important not to use outdated tools to fight this modern threat.  Staying vigilant and taking a multi-faceted approach are the keys to protecting your online business.

Basic Bytes

Online security can be complicated, but implementing these simple steps are very effective at improving your online security:

  • Use complex passwords and change them often. Once a hacker has cracked a password, they can instantly access other sites that use the same password. Don’t use personal information like birthdays or addresses to create a password, as this makes them easier to guess. Make sure all employees are using their own passwords, don’t use the same password for different sites, and change passwords every couple of months.
  • Install internet security software, and keep it up to date. Many small business run their IT on home devices, allow use of personal devices, or use remote teams who are working from home. Make sure that every device in your small business has installed internet security software.
  • Don’t click suspicious links. If you don’t recognize a link or have reason to suspect it, don’t click it. You can check the validity of the link by typing the main URL directly into your browser.
  • Limit when and where information can be accessed. Restrict the amount of information that employees can take out of the office or access remotely – this means that staff should not be able to store information on devices. For commonly-used resources like email, web, CRM and records management, it’s recommended to use well-established providers of cloud and hosting services.  Even if this is the only security measure you put in place, you can greatly reduce the threat of a hack with this one step.

The Triple Threat

The biggest thing that small businesses need to understand is that the modern cyber criminal is persistent and resourceful, which makes them a multi-faceted threat. If a hacker is not successful at getting into your system via a particular route, phishing email or social media site, they will simply try another. Business security strategy can be broken into three main areas, physical, technical and personnel:

1. Technical. Cover your bases with the basics in security software – antivirus, screen lock, storing sensitive data in an ISO 27001 secure environment and protecting the most valuable data with additional layers of security And this can’t be stressed enough – every piece of software or application should be updated with the latest patch, which guards against the most recent vulnerabilities.
2. Physical. You can have all the IT protection in the world but if someone can have physical access to a PC, laptop or your server room (it has happened) it is not worth anything. Beware of strangers and people behaving suspiciously around you.
3. Personnel. With the increasing sophistication of phishing and social media attacks, the weakest point in most organsation’s security are its staff. Educate staff so they understand that hackers try to get system access through social engineering, and make sure they know how to behave appropriate online. Train staff in cyber security and keep employees on a need-to-know basis, so only those who truly need to have access to the most sensitive data.

Have a good – and safe – attitude

Whether your online company is 10 people or 1000 people, security is everyone’s responsibility – ultimately it is the business’s responsibility to protect its data and infrastructure from cyber criminals. So have a ‘safe’ attitude – online security is a frame of mind that leads to technology deployments, never the other way around! Looking for a great way to protect your customer’s financial data? Adding Payza as an online payment processor  is an easy way to make sure your customers have a secure payment option.