How Small Businesses and Their Employees Can “#BeCyberSmart”Jill Quash
Why #BeCyberSmart? Cybercriminals come in all shapes and sizes. What they’re looking for is simple: access to confidential data they can use for malicious purposes.
Today’s small businesses are more vulnerable to cyberattacks, given they’re not typically as well protected as their larger enterprise counterparts. A fact supported by Verizon’s 2020 Data Breach Investigations Report that shows one-third of data breaches in 2020 involved small businesses.
Research also alarmingly shows 43% of small companies don’t have any cybersecurity defense plan in place, leaving sensitive financial, customer and business data open to security breaches.
Equally, the current remote work environment with many employees’ BYOD (bring your own device) laptops, smartphones and tablets digitally connected to lucrative company data only increases small business’ cybersecurity concerns. An organization’s cyber-defense is only as good as the weakest link, which tends to be their own employees and their lack of basic cyber hygiene.[Tweet “43% of small companies don’t have any cybersecurity defense plan in place, leaving sensitive financial, customer and business data open to security breaches. Read more here: https://www.smarthustle.com/becybersmart/”]
Now more than ever, it’s imperative that small businesses and employees practice overall good cybersecurity hygiene and implement best security practices as cyber threats continue to escalate in both sophistication and volume. This year’s theme is “Do Your Part. #BeCyberSmart” and it bodes the question: What can small businesses and employees do to protect their privacy and security?
Here’s the answer:
Create CyberSmart Employees.
Undoubtedly, employees’ security posture is inherently less secure at home than in the office, sitting within the corporate network. However, there are some basic steps employees can take to lower their risk profile. Practicing good cyber hygiene is vital, especially now when the BYOD environment is on the rise.
Here are five ways employees can “do their part” and “#BeCyberSmart:”
- Never click on links from someone you don’t know, an email address you don’t recognize, or that looks suspicious or seems too good to be true.
- Use complex passwords on all accounts, and be sure to use different passwords for every site. Include a variety of letters, numbers and special characters as well as 2FA (two-factor authentication), whenever possible.
- Run anti-malware and anti-phishing software on all devices — including those you bring from home. Anti-malware will detect and remove viruses, ransomware, and more in real-time. Anti-phishing services identify phishing content, usually while also giving the user a warning.
- Ensure all OS and apps are up-to-date with the latest version and patches.
- Utilize a Virtual Private Network (VPN) any time you connect to public Wi-Fi, which will ensure total privacy on the internet and protection against data theft, privacy breaches, malware and cyber attacks. And, If out and about while working, don’t assume the first “public Wi-Fi” name that pops up is the correct one to use. Always ask an authorized official for Wi-Fi login details and the (hopefully) regularly changing password.
Make Sure Your Security Posture Is a Priority.
Small businesses are not immune to cyber attacks and data breaches and become targets specifically because they often fail to prioritize security. Many small business owners may want to skip cybersecurity because of inadequate consumer solutions and overly complicated enterprise software.
This is a mistake, as it only takes one attack to bring a business to its knees.
Here are five ways small businesses can #BeCyberSmart:
- Regularly backup files. Businesses should do backups somewhere off-network, such as an exterior hard drive or cloud server. This way, if attacked, all data can be restored.
- Develop a cohesive cybersecurity plan that includes and communicates standards for security software to be run on every device on which work is done.
- Ensure all employees’ devices run endpoint security software, and ensure that your employees are continuously updating software.
- Remember security software must include anti-phishing capabilities to protect data and prevent security breaches.
- Don’t forget to continue cybersecurity education. Make sure your employees receive proper and up-to-date training on all of your company’s cybersecurity practices.
Organizations need to defend a fully distributed workforce, enforce adequate security controls, policies, and monitoring. This requires a fundamental rethink, but it’s not hopeless. Ensuring all employees follow the tips above and making sure cybersecurity is a top priority can make the difference. The key is to make cybersecurity a priority now. Do your part and #BeCyberSmart.
Paul Lipman is CEO of BullGuard, an award-winning cybersecurity company focused on the consumer and small business markets. He has extensive experience building and leading security and consumer technology companies. He is a recognized thought leader on cybersecurity, data privacy and IoT.