By Rieva Lesonsky
Has your website ever been hacked? If not, consider yourself very lucky and know that your good luck could run out at any time. Unfortunately, I speak from experience when I say having your website hacked causes incredible stress and takes a lot of time and precious working capital to get it back up and running again. In my company’s case, we ended up having to recreate what had taken months and months to develop.
You might think your business is too small for anyone to care about hacking your site. Well, according to a data breach investigations report from Verizon, small businesses are actually the most likely of all companies to be victims of cybercrime. Small businesses don’t usually have a dedicated IT department to keep an eye on their computer security, and new report from Symantec shows cybercriminals are increasingly targeting small businesses due to their less sophisticated defenses. Companies with 250 employees or less suffered 18 percent of targeted attacks in 2011, but the figure jumped to 31 percent in 2012. And while it’s true small businesses have less cash on hand for hackers to steal, they may have other data, such as customer information or intellectual property, that’s valued by hackers.
The chief security threats small businesses face include malicious websites, email spam, phishing, malware and securing sensitive data. To protect your business from cybercrime, try initiating these five steps:
- Set up guidelines. Have an IT security expert help draft IT guidelines for you, your employees, your vendors and even your customers—anyone you share company information with. A clearly written IT policy can help avoid second-guessing on what is appropriate and allowed. Let employees know what websites can be accessed on company computers, and prohibit downloading of new programs without approval. You can find security policy templates online.
- Create a mobile policy. According to the Symantec report, attackers also use malicious software designed to steal information from employees’ mobile devices. Make it a policy that employees cannot access classified company information from their mobile device, nor download any apps without approval.
- Stay updated. Firewalls are only the first step in protecting your company’s computers. Make sure all systems and applications are regularly updated with the latest security patches and pay for a top-notch virus protection program. Is your data backed up regularly? Don’t forget your website backup. Find out what security measures your Web host has in place and make sure its systems are the best that cyber security has to offer.
- Keep changing. Change passwords often (there are many programs that can help you do that automatically) and make sure passwords are strong and stored securely—especially when an employee or an outside contractor leaves.
- Get insured. Did you know you can buy business insurance specifically for the cyber security threats small businesses face? You’ll need insurance money if your company is taken to court because a cyber attack caused the disclosure of a client’s confidential data or if you need to get your business back on track after the loss of data or digital assets, or the introduction of malicious code or viruses.
Rieva Lesonsky is CEO of GrowBiz Media, a media and custom content company focusing on small business and entrepreneurship. Email Rieva at firstname.lastname@example.org, follow her on Google+ and Twitter.com/Rieva and visit her website, SmallBizDaily.com, to get the scoop on business trends and sign up for Rieva’s free TrendCast reports