Information security can have a huge impact on the survivability of your business. Preventable data breaches can cripple not only the finances of a company but its reputation as well. New technologies like blockchain encryption are taking security to the next level, but even as our defenses evolve, so do the threats. Here are five steps that any business owner needs to take to keep their online operations secure and thriving.
1. Know the Threats
You can't solve a problem that you don't understand, and many business owners who aren't in the IT field struggle to grasp both the nature and scale of online security issues. A large number of systems have a single point of failure which, if compromised, can bring down an entire network. The Cybersecurity & Infrastructure Security Agency (CISA) has a clearinghouse of information on pertinent dangers. It could also be a good idea to employ an expert from an ethical hacking organization to test the strength of your systems and identify specific weak points. Cyber crime and security is fundamentally a battle of information, so put yourself at an advantage by elevating your knowledge.
2. Install Antivirus and Firewall Software
By far the most important defense is one that many business owners still neglect. Make sure to have antivirus and, if possible, firewall software installed on every device that your business uses. Remember to include all personal devices in this equation if smartphones are being used for business communication. They often are; in fact a Deloitte study in 2018 showed that a full 35% of adults use their smartphone for business purposes at least fairly often. Malware delivered via email attachments in a phishing attack is one of the most common online security threats, but a high-quality firewall can mitigate this threat. Remember to regularly update all defensive software on a regularly scheduled basis and install security patches on your devices as soon as their parent company makes them available.
3. Backup Your Data
According to a groundbreaking study by the Ponemon Institute, the average cost of a data breach is $141 per record compromised. Given the amount of data that even a small business stores, this cost can be crippling. There are two main tactics that you can use to mitigate data loss. The first is to make copies of all of your important information, and don't just back them up on the cloud. Use flash drives and even old-fashioned hard copies to make sure that your most vital information isn't permanently connected to the internet. The second is to always have a regular maintenance protocol for all devices. Something as simple as a power outage or short circuit can wipe a computer's memory especially if work isn't saved properly and regularly.
4. Properly Dispose of Records
Have you ever heard of "dumpster diving?" It's a strategy used by hackers to find sensitive information by looking in the literal trash can for it. This is more effective than it should be, and that's because many employees aren't trained in the proper disposal of physical records. For this reason, passwords should never be written down. Also, hard copies should either be completely shredded or safely burned in a specialized disposal device to ensure that they can't just be pieced back together. Educate new workers on these protocols beginning at onboarding, and drill regularly to keep those skills fresh.
5. Keep Physical Security in Mind
When focusing on cyber security, it's easy to neglect the importance of keeping the devices themselves safe from physical intruders. Make sure that any devices with business or personal information on them are stored in a secure location after you lock up. Depending on your available capital, consider beefing up security with biometric locks and/or closed circuit television (CCTV) monitors. This is an especially good idea given that many cyber attacks are inside jobs by disgruntled employees.
For better and for worse, the internet is still a wide-open frontier. Security problems will always crop up, but by having a firm knowledge of these issues and a cohesive plan for dealing with them, you can mitigate the threats and have greater peace of mind.