In today’s age of digital information nothing is more important than keeping you data secure. However, we see stories in the news about large corporations and governments having information stolen all the time.
But, those large corporations aren’t the only ones at risk. The fact is that more than 70 percent of security breaches are targeted at small businesses. In fact, if you are a small business owner, there is a 50-50 chance your company will be the victim of a cyber attack.
You might be thinking if large corporations can’t seem to avoid cyber crime, there’s little you can do to prevent the same thing from happening to your business. But there are several things you can do to safeguard your online data.
What to Look For
In many cases, especially with today’s sophisticated hacking schemes, there aren’t as many telltale signs of being hacked as you might imagine. However, you should always be alert for:
• Slow or lagging computer response time;
• Pop-up windows that you can’t close;
• Your contacts report questionable or strange emails from your account that you did not send;
• Strange programs or websites asking for your credentials.
If you do discover malware or a virus in your system, you’ll first want to see if any data was compromised. Recovering that information is usually impossible, but your priority is to piece together what happened, how bad it was and which customers might have been impacted.
Preventing Breaches
Many businesses only discover the weaknesses in their online security protocols after they suffer a data breach. It’s often only after getting the situation under control that steps are taken to tighten security to prevent another incident from happening. But experiencing a breach should not be a prerequisite to taking the basic steps to prevent one.
To best minimize the risk of an attack, you should do the following simple things:
1. Back Up your data daily –While you should back up data to an external drive, it’s important to back up regularly, and to secure backups in a different location from your computer. The most reliable way to safeguard files is to back up to a cloud server with multiple security and failure-protection protocols.
2. Have a good Firewall – A firewall is designed to prevent unauthorized access to or from a private network. Firewalls can be implemented in both hardware and software, or a combination of both. Establishing a good, true firewall is your first defense against data breaches. Software firewalls are typically built in to home computers and turned on by default. If you have more than one computer connected in a small office network, you should have a hardware firewall to protect your network. A quality professional Firewall can also help prevent the spread of viruses if one of the networked computers becomes infected.
3. Install Antivirus Software on all computers – Antivirus software / Anti-malware software, is computer software used to prevent, detect and remove malicious software. Don’t cut corners with your antivirus program. Although most products offered by the major providers may be sufficient, our top brand recommendations are Trend Micro™, Malwarebytes, and Kaspersky™.
4. Use an Anti-Spam system – Spam is most often defined as electronic junk mail or junk newsgroup postings. More than just annoying, spam can also eat up network bandwidth and may carry attachments with viruses or spyware. It’s important to install a third-party type of anti-spam software to examine incoming email and effectively separate spam from legitimate messages. The filtering software built into computers typically does not do a good job of identifying and detecting all spam or offensive emails and preventing those messages from reaching your inbox.
5. Multiple Backups – Again, the single most important thing is to make sure you regularly back up your computers and servers, but go a step farther and ensure you have multiple backups or multiple versions of the backup. Any mistake can be undone and all work can be restored if you have a reliable, tested, secure and redundant backup system in place.
There are many popular online backup services for individual computers. While I agree they are simple to use and good for keeping a copy of your information off site, they are slow during the restoration process if you lose your entire computer, and these should not be used with servers. One of my favorite brands for computers and servers to backup with an external drive is StorageCraft®.
Response Planning
Like any emergency plan, you should outline your response to a cyber-attack in advance so you can be prepared to act immediately if your computer system is hacked.
The first step in an emergency plan should be to immediately physically disconnect affected computers from the network and the Internet. Then, copy and securely store access and activity logs from the machines. If possible, attempt to identify the type, nature and categories of compromised information.
Once you’ve assessed the initial damage and potential cause, you must have a plan in place to break the news to your business partners, vendors, customers or any other affected stakeholders. Notifying stakeholders quickly will demonstrate the organization’s transparency in dealing with the situation and allow you to get ahead of any reports from outside sources, such as the media.
Above all, understand that your business needs to stay vigilant and informed from the risks a cyber-attack could have on your company, your reputation and your future.
Keith Fletcher is the Chief Operations Officer at Speros and has been a C level executive with multinational corporations for the past 30 years. Speros provides technology solutions for businesses, offering telephone systems, IT services, surveillance systems, web design and branding solutions, and cloud computing. Fletcher can be contacted at 912.665.2429 or kfletcher@speros.com