All it takes is one employee to open a malicious email message for a cybercriminal to gain access to a company's network to gain access to confidential customer or financial information. Yet just 53 percent (PDF) of companies with fewer than 50 employees attach a high priority to cybersecurity. In an increasingly digital world, that's an invitation to trouble.
Smaller businesses obviously can't match what their large enterprise counterparts are able to spend on cybersecurity. Still, there are ways to compensate for any budgetary limitations and put in place a comprehensive defense before cybercriminals target you.
Here are 10 tips you can apply to the task:
1) Seek security help
If you can't set up your security and processes properly, contract a professional
2) Head for the cloud
For the sake of convenience and security, move more of your data to the cloud.
3) Back up your data
You ought to back up your systems so there's a pristine copy of your data somewhere safe.
4) Update everything
Make it part of the routine. This includes updating your operating system -- and don't ignore Microsoft's monthly security patches if you're a Windows shop -- your apps, Java and any browser-related plug-ins.
5) Make multifactor authentication a must
There's no excuse not to do this -- yesterday. Two-factor authentication should be applied not only to your VPN, but to your organization's LinkedIn and Google accounts, as well as any other online accounts.
6) Scan for malware
Scan regularly for malware: weekly if possible, monthly at a minimum.
7) Password management
Use complex passwords and never reuse them across different sites. Remembering them all can be unwieldy so you may find it useful to try a password management utility, such as LastPass.
8) Keep close watch on the digital supply chain
Small businesses are increasingly connected to enterprise supply chains for software and services.
9 ) Preach the security gospel
Take time to educate your staff about the acceptable use of corporate resources. Demand adherence to security protocols and make employees aware of the risks entailed when they open emails from strangers and click on the attachments.
10) Look into cybersecurity insurance
Talk with a broker to discuss insurance options to protect your company in case of a breach and loss of customer data. In case there's a lawsuit, you need to be protected.