News/PR

Cybersecurity Essentials for Small Businesses

December 23, 2013

Author:  
by kmurray, Community Moderator

Source:  
SBA.gov

You may be hearing the term “cybersecurity” more frequently these days and wondering how it applies to your small business – if at all. It does. Cyber threats are an issue for everyone, and small businesses are becoming more common targets for such threats and crimes because they often have fewer preventative or responsive resources. So, what do you need to know? Here are some essentials as featured in one of our latest online trainings.

What is cybersecurity?

With the help of technology and best practices, cybersecurity is the effort to protect computers, programs, networks and data from attack and damage.

Why is cybersecurity so important?

Consider all the information you have that needs to be secure:

Personal information for employees
Partner information
Sensitive information for customers/clients
Financial and sensitive business information
It’s essential to do your part to keep these details safe and out of the hands of those who could use your data to compromise you, your employees and the foundation of your small business. Think it can’t happen to you? Think again:

CNN reports nearly half of the data breaches that Verizon recorded in 2012 took place in companies with less than 1,000 employees.
A Symantec report showed that 31% of all attacks in 2012 happened to businesses that had less than 250 employees.
A different Symantec report Download Adobe Reader to read this link content showed cyber attacks were up 81% in 2011.
What are common cyber threats and crimes?

There’s a broad range of information security threats. Some of the most common include website tampering, data theft, denial-of-service attacks and malicious code and viruses.

Website tampering: Website tampering can take many forms, including defacing your website, hacking your system and compromising webpages to allow invisible code that will try to download spyware onto your device.
Data theft: Data theft can come in various forms, and the problems that come with it depend on what kind of data is stolen. Some examples include:
Theft of computer files
Theft of laptops, computers and devices
Interception of emails
Identity theft
Denial-of-service attacks: A denial-of-service attack happens on a computer or website and locks the computer and/or crashes the system with which you’re working. This results in stopped or slowed workflow and prevents communication. The ultimate goal of this kind of attack is to prevent you from conducting business with your internet-connected systems.
Malicious code and viruses: These threats are sent over the internet and aim to find and send your files; find and delete critical data; or lock your computer or system. They can hide in programs or documents and make copies of themselves – all without your knowledge.
What can I do to protect my business?

The first step to protecting the information in your business is to establish comprehensive security policies – and keep them up to date. Make sure your employees know and adhere to your policies and best practices for internet, email and the desktop. Here are just a few to keep in mind:

Don’t respond to popup windows telling you to download drives
Don’t allow websites to install software on your device
Don’t reply to unsolicited emails
Use screen locks and shut off your computer at the end of the day
Ensure that your computer hardware and software are updated regularly on all devices throughout the company. Change passwords periodically and use firewalls to protect your systems. You should also consider backing up your data on a regular basis so that if anything is compromised, you have a copy.

Want to learn more about how to help make your business more cyber secure? Check out our self-paced online training course, “Cybersecurity for Small Businesses,” which features more tips and additional resources to help you along the way.

Click here for more information. »