When big companies like Dropbox or Ashley Madison are hacked, the whole world hears about it. But how often do you hear about cyber attacks on the SMBs of the world? Probably not often, or never. Well, today, that’s all about to change. The New York Times recently ran an article telling the story of a small business, just like yours, that suffered a major cyber attack. Here’s the story, and some ideas as to how to protect your business.
Last holiday season, Rokenbok Education, a small, California-based toy company of seven employees, realized its worse nightmare. During the busiest time of the sales year, the files in their database became unusable—infected with malware. The hackers encrypted Rokenbok’s files using ransomware, a malware designed to hold a business’s data hostage, then demanded a payment to make them usable again. However, instead of paying the ransom, Rokenbok restructured their key system. It took them four days. That was four days of downtime, lost sales, and confused customers who likely lost confidence in the integrity of their company. Luckily, this did not put Rokenbok Education out of business, but many SMBs aren’t so fortunate, and are forced to close after such a security debacle.
Why do security breaches like this happen to SMBs?
There are many reasons, but a common one is that small- and medium-sized businesses often focus on profits over security. And really, it’s hard to blame them. When you’re small, you want to grow your organization as quickly as possible. And you likely think that because you’re small, no one is going to attack you. However, nowadays hackers are onto this way of thinking. They know that SMBs don’t focus as much on security, which makes them a perfect target. In fact, according to Timothy C. Francis, the enterprise lead for Cyber Insurance at Travelers, 60% of all online attacks in 2014 targeted SMBs.
So what can your business do to protect itself against online attacks? There are a range of options, but it’s best to start off with an audit of your current security system to see where the holes are. This audit should check areas of risk, including customer data, employee access, and assets such as servers, computers, and all Internet-enabled devices.
After that, an obvious thing to do is to strengthen your passwords. While this has been said thousands of times over, many SMB owners do not take heed. Clay Calvert, the director of security at the Virginia-based firm MetroStar Systems, notes that hackers analyze how we create passwords and use big data analytics to crack them. “They have databases of passwords,” Calvert said. The best way to create a strong password is to make it long with a mix of characters. Password managers that encrypt your passwords can also help.
Aside from passwords, there are many other ways to boost your business’s security. You can install a firewall, keep your anti-virus software up to date, and move data over to the cloud (instead of storing it on company servers). Since many security attacks occur because an employee clicked on a malicious website or link, training your employees is also a smart move. A good way to start this training is to create an employee manual that includes security guidelines they must follow. For ongoing training, you can keep them up to date on the latest security threats through email updates and regular meetings. Once you feel confident that your employees are up to speed and your security practices are updated, you can hire ethical hackers to test your systems by trying to break through your security. This will let you know if there are any security holes you missed.
Calling in a security specialist
If all of this sounds like far too much to bother with, consider outsourcing your security to a service provider that specializes in digital security. This can oftentimes save valuable time and money in the long run. Best of all, this can provide peace of mind, knowing that you have a security specialist watching over your business.
If you’re feeling overwhelmed and unsure where to start with your business’s security, we’re happy to help perform a thorough audit and provide you with the digital security solution you need to keep your business protected. Security worries don’t have to keep you up at night, and we can help you implement the measures that will protect your business from disastrous security problems.
Leave a comment!
You must be logged in to post a comment.