Some SMB owners believe their company is too small to be worth a hacker’s time. For others, the idea of incorporating security technology is so daunting that they opt for the most basic security, thinking it will be enough. However, a survey last year conducted by the British Chamber of Commerce* found one in 10 SMBs have been the victim of a cyber-attack in the last year and yet only one in five SMBs have cyber-security accreditations in place.
If you’re worried it’s too expensive to invest in data security, you should really consider not only how a cybersecurity attack will hurt your business but how it can impact of your customers.
Even the smallest businesses are trusted with vital information, like email addresses, and credit card information. In the wrong hands, this type of data can ruin a person’s life, costing them money, time and causing extreme stress.
Investing in strong cybersecurity technology will protect your business’s reputation and your customer’s sensitive data.
Hackers will also exploit your trust; this could be something as simple as an employee clicking an untrustworthy link or sharing sensitive information with a hacker posing as someone else.
All in all, when you’re online – either at work or home – you should be focusing on two things:
- Protecting your data connection
- Protecting your credentials
Below are some quick tips you can follow to protect your business’s most vital information.
1. Protect Your DNS Server
DNS stands for Domain Name System and is responsible for mapping an IP address to readable names. Anytime you type in a web address, like Cisco.com, a DNS server identifies the IP address associated with that query and directs you to the proper site. This process occurs during every connection online.
However, hackers can be quite sneaky, using programs to trick a DNS server into redirecting a user to a fishy website where they can collect your data for their use. It’s important to have a cybersecurity tool that protects you at a DNS level, so every connection is protected. A product like Cisco’s Umbrella provides DNS-layer security to block malicious domains before they reach you.
2. Protect Against Credential Theft
People often don’t give their credentials much thought unless they are actively using them. Unfortunately, just because you’re logged out of a site doesn’t mean your credentials aren’t at risk.
Multifactor authentication (MFA) remains one of the best ways SMBs can guard against credential theft. Whenever you provide your credentials to log into a platform, an autogenerated password is sent to your phone or inbox to verify your identity. Many MFA products like Duo will also alert you if a failed log in is attempted, this allows you to securely update your details and stay secure.
3. Use a Password Management Tool
You’ve probably heard it time and time again, “Don’t reuse your passwords!” But let’s be honest, we’re all guilty of it. Maybe you’re on a lunch break and you just need to set up a quick account to buy that pair of shoes that just went on sale. Why take the time to create a brand-new password that you’ll just forget anyway?
This type of scenario is exactly what hackers are banking on, which is why you should vary your credentials across all platforms.
When an organisation is hacked, hackers will reuse passwords across the web to see if they can access more valuable information. Suddenly, that password you used to buy your weekly food shop is being used to access your banking information!
Providing a good password management tool for your employees allows them to store hundreds of passwords safely so you never forget them. Best yet, most password management tools are accessible from any device, so you can get your passwords from anywhere.
4. Manage Your social media
Social media has become a way of life, not only for individuals but for companies as well. Nowadays, you can use your social media credentials to buy products, log into third-party apps, or even order food. While convenient, these connections can lead to vulnerabilities within your business.
For example, an employee may unintentionally link their private email to log into a business application. If their personal email is compromised, hackers can potentially infiltrate that business application, resulting in a cybersecurity breach.
Several programs, like Umbrella, use a Cloud Access Services Broker (CASB) that manages and monitors all connections to your cloud service, blocking any unwanted connections from occurring.
From a user standpoint, employees should practice good social media hygiene. Businesses should educate employees about the dangers of posting personal information on social media. Hackers often search employees’ personal social media pages for information to gain their trust. This information can be used to make phishing emails look legit.
Cybersecurity and More Solutions for SMBs
If you’re looking for more ways to improve your small business’s security – and a whole lot more –check out our SMB solutions. Our IT experts are happy to show you how to optimize your technology solutions, protect your data, and more.
