By Rieva Lesonsky
Cybersecurity is in the news lately, with President Obama recently proposing legislation that would set federal standards for notifying consumers about data breaches. Consumers aren’t the only ones worried about their cybersecurity: Small business owners, too, are concerned, says a recent report from the National Small Business Association (NSBA).
More than nine out of 10 small business owners in the study cited cybersecurity as a concern. This is not an unfounded fear: Half of them report they’ve already suffered a cyberattack, with 61 percent of those attacks taking place in the last 12 months.
What happened to these entrepreneurs as a result of the attack? A service interruption was the most common problem, followed by the business website going down. In addition, 19 percent had either their business credit cards or bank account hacked.
The cost of cyberattacks is also on the rise. In 2014 the average cyberattack cost a small business $20,752, a substantial increase from the average of $8,699 an attack cost businesses in 2013.
What do you need to know to prevent a cyberattack? First, know that small businesses are actually more likely than big ones to suffer an attack, because they’re less likely to have protections in place. (As one cybersecurity expert recently put it to me, “It’s like shooting fish in a barrel.”) So, taking data security seriously is the first step to safety.
By taking a few simple steps, it’s fairly easy to protect yourself. Follow these security basics:
- Make sure your business software is up-to-date, with the latest updates, security patches and bug fixes installed. You can set your software to update automatically for best results. Using cloud-based software apps ensures you’ve always got the latest version installed.
- To protect your computer network, install a small business security suite and implement a strong encryption plan. Encryption scrambles data so it can’t be deciphered if intercepted by hackers. A virtual private network (VPN) offers secure wireless use.
- Choose and use a secure backup system that allows you to save your business data off-site and restore it quickly and easily in the event of a cyberattack. For those of us without a big IT staff or loads of time to manage backup (that’s all of us, right?), cloud backup services offer a simple, affordable way to protect your business information from loss. Just make sure you know what you’re getting from a cloud backup service before you sign on—how is your information stored and protected? How fast can you get it back? How frequently can you back up?
- Train your employees in cybersecurity. Unfortunately, people are still the weak link when it comes to cybersecurity. Make sure your employees know not to click on links in emails, download anything from unfamiliar senders or send sensitive company or financial information on public wireless networks when they’re working out of the office. All it takes is one employee (or entrepreneur!) to let a hacker into your network, and your entire business could be at risk.
- Do a security audit every month, looking for viruses, malware and anything suspicious such as unusual transactions.
When it comes to cybersecurity, an ounce of prevention is worth a pound of cure. If you’re not IT-savvy, it’s well worth hiring an IT consultant to get you set up properly and make sure your business is safe.