Cybersecurity mistakes small businesses should avoid
- 2nd March 2016
- Posted by: Mark Dodds
- Category: Office 365
Being in Birmingham we get to speak to many small business owners and the conversation often goes onto talking about cybercrime, either they have been a victim or just find it all a bit too daunting having to deal with a potential cyberattack.
Cybersecurity can be a big issue for any small business and to plan to address these risks, the whole business has to work together. The needs of every business is different as risks can vary but there are some basic principles that should be followed in order to create a level of security that can deal with attacks.
So on that note we`ve put together a list of some cyber security mistakes commonly made by small businesses and what they can do to remedy them.
It will never happen to you
Wrong, it could happen to you because every business is vulnerable, large or small. Hackers are looking to penetrate networks of many different businesses and this means that it is important to understand this and work towards a solution.
Therefore, it is important to use an IT provider to advise on solutions that will help your business with the fight against cybercrime.
It is not just an IT problem
While it is down to your IT provider (if you have one) to put the right security in place, it is, in fact, the job of all employees to ensure that they do their bit. Everyone within the company has access to, or owns data and so they have to help protect these assets. To deal with this, companies should focus on protecting both intellectual property and personally identifiable information. It is also down to those in charge to understand the threat so they can make the right plans should they have to react to an attack.
Failure to update your network
It is important to understand the working and layout of your network (however small) as well as the benefits of updating your businesses software. Failure to do this will result in the network becoming even more vulnerable. To get around this, the simple solution is to ensure that software is always up to date. You also need to understand where all your critical data is stored, the size of the network and how it can be accessed. If these details are unknown, then there is a possibility that the company is at risk.
Don’t just rely on antivirus software
As threats are always there, it is not a wise move to rely solely on antivirus software Those who carry out the attacks work at a faster pace than the security companies which means that they are always a small step behind. To solve this issue, companies have to put solutions in place that can understand the objectives of those who are carrying out the attacks and their reasons for doing so. They also have to be able to understand what damage the attacks could cause and whether there are any known signatures. Small businesses need to invest in a `layered security` model with the very best antivirus, email protection, web security as well as endpoint detection.
Lack of a security policy
We`ve realised after speaking with small business owners that few have any type of security policy in place, even some very simple ones such as when do they change their computer passwords – some have never changed it!. You need to have a well-written, clear, and concise security policy in place, making sure that it includes which employees need access to what data, and what the data access rules are for them. Your security rulebook must be strictly enforced for all employees to follow, making sure it gets updated regularly with the changes and growth your company goes through.
We hope that these pointers help your small business to get onto the path of being more cyber security aware. To help you gain further understanding of cybercrime we have other blog articles on what the cost of cybercrime is for your small business and how to stop ransomware damaging your small business.