SQL Injection Attacks. Scareware. Password Crackers. BOTs. They sound like alien attacks from an episode of Star Trek – not real threats to your small business.
But, the threat is real. Cyber crime has reached new heights, and the criminals do not care if you’re a Fortune 500 company or a mom-and-pop shop. In fact, as hackers look for the easiest way into a network, small businesses and their less sophisticated security measures are prime targets. A 2010 Panda Security survey of 10,000 small and midsize businesses worldwide showed that 36 percent of respondents did not use any security tools besides free anti-virus protection. And a study from Symantec found that 73 percent of respondents had been victims of a cyber attack during the last year.
A popular belief is that cyber crime is motivated by a desire to disrupt business and gain notoriety for advanced hacking skills. The more prevalent motivator, however, is money. Even if no money or records are stolen, a security breach can have financial repercussions in terms of damage to a company’s reputation and ability to partner with firms that have more sophisticated security in place. More and more, companies are requiring that their vendors and partners have digital defenses in place. There are also laws that require companies to notify customers if their personal information has been compromised and even offer them free credit protection and monitoring in some cases.
Tips for Protecting Your Business
Your business can be threatened in multiple ways: the network, your applications and company data. Many companies invest in security tools for one level, but neglect the rest. The key is to keep criminals from gaining entry in the first place, and to prevent them from causing deep levels of damage if they do. Here are some precautions you can take:
Although most small businesses do not have them, firewalls are now considered essential, as they control who has access to your network.
Recognize the value of a strong password. The best ones use a combination of upper- and lower-case letters, numbers and symbols, are eight- to 12 characters long, and do not include any personal references.
Know your application software vendors. If your vendors offer regular updates and patches, make sure you use them.
Cyber Crime 3.pngFurther protection is available through web application firewalls and web application vulnerability scanning, which look for security holes without requiring you to shut down your business.
If you have a limited budget, focus on email filtering and web filtering technology, as these are two of a small business’ most vulnerable areas.
Investigate newer technologies like data-leakage protection software, which will alert you if sensitive data is going out of your network.
Consider encryption software for your laptop and smart phone. (Remember, they are computers too).
Remember to educate your staff. You can buy the most sophisticated password encryption software, but it won’t help you if a staff member writes the password on a Post-it.
Finally, as ubiquitous and useful as social networking sites are, small businesses should be aware that they come with added security risks. A 2010 study showed that the number of companies attacked through social media networks jumped 70 percent between 2008 and 2009, and that social networks spread malware at 10 times the rate of email networks.
None of this is meant to spread panic. Computers, software, social media, mobile technologies and websites are integral parts of your small business. And, you will most likely see an increase in automated communication between systems in the years to come. If you include security tools in your arsenal, you will be able to keep cyber crime at bay while focusing on what’s really important: Running your business. It’s insurance you can no longer afford to do without. Have you ever encountered a cyber attack?