UNDERSTANDING BASIC CYBERSECURITY FOR SMALL BUSINESSES

Hacker working on a code on dark digital background with digital interface around.

We recently published a blog that discussed setting up an Employee Identification Number (EIN). It is important to understand that while registering for an EIN or certain types of services, your business’s data could be at risk of theft.

Cyber threats should be on the mind of every business owner, whether they operate a large corporation or a very small company. Criminals may access your network or information to steal identities, financial information or simply to cause as much damage as possible. Fortunately, there are multiple steps you can take as a business owner to protect your assets and employees.

Cybersecurity Should Be a Priority

Every employee that has access to your network or financial information, no matter how important or minor a role they play, should have an understanding of company rules for cybersecurity.

Employees should use multifactor identification and safe password practices to prevent unauthorized access. Good passwords have upper and lower-case letters as well as numbers and symbols that have no special significance (such as birthdays or Social Security numbers). Passwords should be changed regularly. Employees should also have a solid understanding of what phishing is and how to avoid falling for phishing attempts.

In addition, employee mobile devices or computers that can access your network should have optimal security settings. Many employees have their own devices. Failing to take this into account could mean you are putting your business at risk.

Back-Up Your Data

You should have multiple copies of important data stored in safe locations. Depending on your needs, you can make backups automatically, every few days or each week. If possible, you could compress this data and store it on external hard drives that are not connected to the internet.

According to the Small Business Administration (SBA), you should store backups in separate off-site locations in case of theft or natural disasters. You should make sure any backups are password protected. Cloud-based backup services may also be useful but are unfortunately prone to security risks – even if the risk is small.

Businesses may benefit from encrypting their data as an extra layer of security against theft. If a thief did obtain an external hard drive, they would be unable to access the data because it is password protected and encrypted.

Have an Emergency Plan

Always assume the worst can happen. When it comes to cybersecurity, we live in an increasingly dangerous world. You can include all employees, including your IT department if you have one, in mock exercises to practice your response. Cybersecurity professionals can help you create a cybersecurity and disaster response plan that can protect your business.

Don’t Ignore Patches and Updates

Skilled hackers are good at exploiting zero-day exploits. These are exploits that have not been patched yet because the security issue is not known to the software’s developer.

Although it is very difficult to defend yourself against an unpatched exploit, software developers will release patches once a zero-day exploit is discovered. These patches can prevent additional users from falling victim to the same exploit. Pay close attention to patches and make sure your employees are regularly installing security updates for software used by your company.

It should go without saying, but all devices should have some type of anti-malware and spyware software installed. Even browsers and email accounts should utilize security software.

Consider External and Internal Firewalls

Firewalls create an extra layer of protection from criminals who are trying to access your devices or network. In addition to creating a firewall for your office, you should also require firewalls and security software for employees who work from home.

You should monitor the firewalls and any security software services you and your employees are using. This will allow you to potentially catch unauthorized attempts to access your devices or network. Be sure to use a business-grade firewall, as it has multi-faceted layers of protection.

About Our Palo Alto Business Lawyer

Winghart Law Group, Inc. understands the needs of Palo Alto and Redwood City business owners. We frequently update our blog with helpful tips for business owners who want to protect their bottom line or who are trying to start a business. Follow us on Facebook for future blog updates.

If you have questions about starting a small business or handling legal issues affecting your business, then we encourage you to call our Palo Alto business lawyer at (650) 456-2925. You can also contact us by using the online contact form on our website.

Scroll to Top