With small business relying more and more on the Web to remain competitive in today’s global marketplace, they are becoming much more vulnerable to various forms of cybercrime activity. This means you! Cybercrime can have major impact on your business if you lack the technological infrastructure and staffing resources to ward off and fully recover from cybercrime episodes. You may even unwittingly foster such attacks by using unsecured computers that can easily be compromised by savvy hackers.
So how do you protect yourself?
While there are technological tools available that small businesses can utilize to more effectively secure their online presence, these tools are rarely sufficient unto themselves to effectively combat all instances of cybercrime. In effect, it is necessary for small businesses to realign their culture to instill a “mindset of security” in all staff and customers.
According to the results of a survey by the National Cyber Security Alliance and Cisco Small Business, only about 50 percent of small business owners are currently taking even such minimal precautions as having employees review and adhere to online security policies. However, by signing and adhering to such policies, small business owners can better ensure that their employees are safeguarding company information.
Here are five technological and culture changes that small business owners can take to reduce their exposure to cybercrime attacks:
Strategy 1: Determine Your Risk
Small business owners need to evaluate those aspects of their online presence computer hardware that are most susceptible to attack. For example, is internal financial information and other highly sensitive data, such as your small business credit cards account information, linked to the Web in any way?
Part of the risk assessment should include regular monitoring and updating of anti-virus and anti-spyware software and firewalls. All staff should also change their passwords every 45 to 60 days.
Strategy 2: Back It Up Baby!
It is important to establish a consistent schedule to perform data backups and system maintenance. Performing back-ups ensure that important data is not lost should your business be the victim of a cyber-attack. Store all files on a remote device, such as flash drive and make sure to encrypt all sensitive data regarding your firm, its employees or customers.
Strategy3: The Contingency Plan
It’s important to create a contingency plan should your business be the victim of cybercrime. The plan should include the steps you will take to ensure that your business continues to operate. This may include the need to set new passwords, encrypt data with new codes, or using alternate computers.
Strategy 4: Security on the Brain
In order for your employees and customers to take the issue seriously there must be a top-down value placed on security and that the issue is taken seriously by senior staff. This involves training employees and customers regarding Internet-security best practices and technological solutions to cybercrime. This issue should be reviewed annually with all staff, and be part of new hire orientation.
Strategy 5: Verify Understanding with Staff
All employees (from the top-down) should sign a security awareness policy that verifies that they have been made aware of and agree to abide by the security precautions established by your company. This will help to foster a secure online presence for all staff. The agreement should include a section requiring employees to notify their supervisors of any suspicious online activity or known cybercrime. This activity should also be reported to local authorities and the Federal Bureau of Investigation (FBI). Some states have also mandated that business owners notify their customers if their sensitive information has been compromised.
While there are undoubtedly costs associated with implementing a secure Internet environment, the financial losses your company may suffer, along with damage to its reputation, far outweigh the initial outlay of funds to prevent such attacks in the first place.
Daniela Baker is a small business blogger at CreditDonkey, a credit card review website.