The month of October is the tenth anniversary of National Cyber Security Awareness Month. (NCSAM) This is a great time to take a look at your business practices regarding computer security, network security, web site security, and data protection. A great place to start is the StaySafeOnline.org website provided by the National Cyber Security Alliance.
On this web site you can find tips on how to:
- Assess your risks
- Monitor threats
- Report cyber attacks
- Implement a security plan
- Protect your customers
- Train your employees
Smaller businesses are attractive targets for cyber-criminals because they generally have fewer defenses, and they generally have no formal policies or training in place for employees relative to computer and network use or network security. The web site reports:
- 77% do not have a formal written Internet security policy for employees.
- 63% do not have policies regarding how their employees use social media.
- 52% have a plan or strategic approach in place for keeping their business cyber secure.
- 45% do not provide Internet safety training to their employees.
- 67% allow the use of USB devices in the workplace.
- 59% say they do not require any multi-factor authentication for access to any of their networks
- 50% say that all of their machines are completely wiped of data before disposal.
You cannot afford to be one of these small businesses any longer. A couple of recent cases reported on this blog illustrate what can happen to the unprepared. Please read Escrow Firm Loses $1.5M In Cyber-Heist or NC Fuel Company Loses $800K to Cyber-Thieves for some disturbing examples of what can happen to your business if it is improperly secured.
A good start is to team up with a company that specializes in providing IT security services to small businesses. A security audit, vulnerability scan, or penetration test can uncover weaknesses in your cyber security that you and your system administrator or computer support provider can address. Doing nothing and hoping for the best is not a good choice.Share