When we see Sony, Target, and Home Depot get cyberattacked, we think that it’s only going to happen to big companies and organizations. But we’re wrong. Cyber attacks can happen to any business, no matter how small you are. According to a study by the U.S. House Small Business Subcommittee on Health and Technology, about 20% of cyber attacks hit businesses with 250 or fewer employees. How bad can a cyber attack be for small companies like this? About 60% of the small businesses close within six months of their attack.
Cyber attacks are not prejudice. The malware programs that hackers are using are set up to attack any business. Hackers are criminals who have mastered the ability to identify and exploit vulnerabilities on the Internet. If you use the internet and you’re a business, you’re a target. CyberFactors says that around 40% of reported breaches are committed by in-house employees. Often the in-house employees don’t even know that what they are doing is unsafe. But we’re not here to scare you. We’re here to help. So how can you protect your company?
- Train employees on IT risk. It’s usually the people who are not aware of their risky behaviors who get into the biggest problems. You should teach your employees how to recognize scams and phishing schemes. Train your employees about giving out credit card or other confidential information out to others. Make sure that your employees know the dangers of putting personal information on the Internet and run a training on hot to protect data on their PCs, tablets, smart phones, and other devices. The best thing you can do for your company is help your employees make smarter choices when it comes to IT.
- Create a clear policy on technology. This clear policy should be simple and easy to understand for your employees. Make sure that they understand when and how they should use their own devices on company networkds. Create a policy to have passwords strong and changed regularly (every 3-6 months). Train your employees on other ways to save their passwords rather than a sticky note on their desk. Hiding your passwords under or in anything on your desk is not as safe as they might think. Once you have created and implemented this policy, run routine checks to ensure that the policies are being followed. Establishing consequences and holding employees accountable for their actions is a great way to get employees to follow policy.
- Have someone in charge of security. While larger companies have armies of IT and security specialists, you just need one person to have a clear responsibility of security in a small business. It can be a part of someone’s position rather than a full-time job. Without keeping focused and giving security attention, your company could suffer the consequences.
The only way to protect yourself from these cyber attacks are by investing in putting basic protections and trainings in place. By implementing a policy on technology, giving security time, attention, and effort, and training your employees on safe use of the internet and devices, you can protect your company, employees, and most importantly, your customers.