If you own a small business it’s far more important than you might think to take some time to protect yourself from hackers and cyber-criminals.
But we get it…It’s a hassle, and unless you are running some sort of IT related company, the idea of implementing effective cybersecurity might seem as daunting as trying to plug the hole in the Titanic with a cork and some sticky tape.
Don’t panic; this guide will help take the worry and the stress away so you can concentrate on running your business.
As a small business owner, you may think that like 87% of other small business owners (according to a recent survey) you are somehow immune from the perils of hackers and cyber-attacks.
After all, the cybersecurity news stories seem to surround the hacking of international banks, multinational corporations and government agencies. It can appear that cyber-criminals should be more concerned about trying to hack the companies with all the millions in their bank accounts and their limitless deep pockets.
It would be fantastic if this was indeed the case, but the truth is unfortunately much more stark.
Recent studies have shown that small businesses are regularly targeted. And tragically, the statistics also show that small business owners are among the worst prepared to deal with cyber-attacks.
87% of small businesses don’t believe they are a target for hackers.
The cold hard truth of the matter is that small business owners are incredibly appealing targets for hackers because they know that they are intrinsically less careful, and less likely to be prepared for a cyber-security incident.
Running your own business is hard enough.
Are you a target?
Why would a small Shoe-Shop owner, a Nutritionist, a Garage, a Hairdresser, a Café-owner, an Architect’s office, or any one of a thousand different small enterprises, find the time or have the innate knowledge required to have a fully functional cyber security system in place?
It’s really easy to understand why you wouldn’t think your business is threatened.
After worrying about sales, taxes, invoicing, transport customer service, rent, employees, wages, the long hours, working on weekends, finding time for family, and just making sure the business stays on an even keel, never mind making a profit; finding the time to look after the IT side of your business other than just making sure your computers let you do all of the above, can rapidly slide down the list of important things that need to happen.
Fortunately, improving cybersecurity for your small business can be a much simpler, less time-consuming, and a much easier process than you might think.
The world of technology changes all the time, and new threats are constantly emerging.
Protecting your bottom-line, your data, and ultimately the future fate of your company is a fairly straightforward process.
Believe it or not in the guide that follows, 5 out of the 7 steps that can help protect your cyber-security and your business don’t actually cost money.
The 5 cost free steps simply require some time, but a lot less than you might think. (Also, it may require some Google searching, but when did anything ever not? As a sidenote, did you know that 90% of the good stuff in an apple is in the skin? I googled that.)
Without further ado, here are your 7 simple steps to creating an effective, viable and workable cybersecurity system for your small business.
You, if you get yourself a functioning cybersecurity policy. (Probably)
1. Create a Cybersecurity Policy and ensure all employees are involved.
Just because your business isn’t a multinational corporation with headquarters in different continents doesn’t mean that this somehow precludes your business from having a Cybersecurity policy or plan. But it’s not as complicated as you might think.
Cybersecurity policies and plans can be as complicated or as simple as you like, and you can pay an expert to do it all for you, but that can be expensive, especially when you can do most of it yourself with just a little bit of research (See the bit about Google, above).
Steps in your policy can be as simple as never going online without an active VPN (Virtual Private Network), never using open WiFi, and never opening email attachments from unknown sources.
It’s important that your employees are made aware of their responsibilities and kept updated and well-informed when it comes to detecting and addressing possible cyber security issues, especially if they are using the business’s devices. Awareness of potential threats and not being ignorant to their potential severity means that no threat goes by undetected by the business.
Laptops can be left on trains, external hard drives can be stolen, phones can go missing. As well as the hardware costs involved, any customer credit card information or confidential personal information on missing or stolen devices could land your company in an embarrassing or costly legal situation.
Having simple security checks such as password protecting devices, enabling two-factor authentication, limiting data available on mobile devices, using solid antivirus, and utilizing encryption can save you from having to report yourself to authorities and from hoping that clients and customers will forgive you for losing information about them when you have to write a begging letter asking them to continue to do business with you.
Also, a data breach like that could put you out of business.
2. Update, update, update.
Seriously. We’ll say that again: Update, update, update.
Regularly update your computers, including desktops, laptops, and mobile devices. And by this, we don’t just mean keeping your antivirus up-to-date, but everything. Make sure your operating systems and web browsers are up to date to help protect against the latest threats.
You’ll also need to regularly check for new versions of software, including security software, as outdated software can leave you open to cyber threats.
If this seems like it might take up a lot of your valuable time, consider getting an automatic software updater to let you get back the good stuff: running your business. Avira has a great standalone software updater, or you could even get one included in your business antivirus (we’ll get into this later…).
3. For the love of whatever you believe in, keep regular backups.
The cloud is your friend
Backups should form a fundamental part of your Cybersecurity policy. They help protect you from not only hackers, but also if your business is destroyed by an Act of God, or finds itself in the middle of a movie franchise like the Avengers or Die Hard.
You don’t have to back up everything, but all the important information should have a copy.
This doesn’t necessarily involve buying expensive physical hard disks anymore, and you can quite safely have most of it saved in the ‘cloud’, but it’s important it’s all copied and backed up somewhere, on a regular and frequent basis.
4. Use a VPN.
Virtual Private Networks (VPNs) are a key part of securing data as it travels across the internet. VPNs used to be the preserve of large corporations, but these days there are any number of them available that cater to both smaller business and even home users, and for a lot less than you might think.
VPNs work by securing (encrypting) the internet traffic between your computer and or mobile device through a remote server meaning that even if a hacker manages to eavesdrop on your web traffic, all they will get is an unintelligible bunch of random numbers and letters.
For a proper guide to how VPNs work, and for a list of what we at Filehippo consider to the best, read this guide here. There are free VPNs, but they come with advertising, and may not be as secure as the paid for options, which in most cases, are extremely good value for money and cost pocket change per month.
If you want to jump straight to the best, Cyberghost VPN is one we rate really highly, and could be a great choice for a small business. One subscription can cover up to 7 devices, and even offers router coverage so everything internet-related in your office will be protected, even your printer.
5. Passwords galore.
Skilled hackers have been using the default passwords that come on devices such as routers to hack companies for years. It’s one of the easiest ways they can gain access to businesses, so change your passwords pronto.
You should also not use passwords such as 12345 or Pa55w0rd1. Instead put three or four random words together such as ChairButterIslandBarbie and then something like an old phone number after it. This is just as secure as a random string of frustrating letters and numbers.
And of course, every password you use should be unique, so you’ll probably want to keep track of these somehow.
Again, we know your time is valuable, so you could use a password manager and save yourself the hassle (hint: you can get one of these included in your antivirus, too).
6. Have an Emergency Response Plan.
It is better to have a plan for emergencies and not need it, then to not have one, and suddenly find yourself staring down the barrel of a Ransomware demand for thousands of dollars.
If you and your employees know what action to take when such a threat hits, you can limit or even negate any hazards that come your way.
Having backups from last week, and copies of everything also turns a hacker’s demands or a catastrophic hardware failure into something that’s just annoying, as opposed to having to file for bankruptcy.
7. Use the best, most reliable, and highly rated business antivirus software that comes with a firewall and you can afford.
Well, let’s face it, you all knew this one was coming. It’s step 7, and it’s the one that definitely does cost money. But it’s the most important part of cybersecurity, and everyone should have one, whether they are Amazon, a government agency, a student, a grandmother, or a small business.
Use the best all round antivirus and Internet Security package you can, in tandem with the other steps above. As you may have guessed, a good antivirus solution will actually help with a lot of what’s been said in this article already.
Antivirus such as that by the industry wide recognized and critically successful, Avast, Avira, or Norton Symantec brands will help keep your computers and mobiles up to date and safe from hackers and other cyber security threats.
New cyber security threats emerge almost every day. Therefore it is important to have the best protection to be constantly protected.
If you opt for Avast Antivirus Pro Plus, for example, you’ll get a software updater, password manager and VPN as part of the deal, so you don’t have to worry about sourcing each of these separately.
But of course there are other options, too. Most of them will give you a 30-day free trial, so you can see what works for you.
At the end of the day, cybersecurity is an important issue for everyone, regardless of whether they’re running a business or not.
It’s your responsibility to keep your business safe and protected, and as we’ve discussed in this article, in real terms, it’s not as complicated or as difficult as you might think.