As a small or medium-sized business, you may think that computer security isn’t relevant to you, because you’re too small for anyone to target.  But really, you are the ideal target.  Because you have more sensitive data than an individual but less security than a large business, attackers will go after you specifically.

According to a recent infographic by the National Cyber Security Alliance, 71% of attackers target small businesses and 60% of small to medium-sized businesses (SMBs) that undergo a data breach go out of business after 6 months.

Businesses can’t avoid addressing computer security.  The problem is that small and medium-sized businesses don’t typically have the resources to spend thousands of dollars for an IT professional to create and implement security measures.  Additionally, many businesses don’t know where to start with computer security. They don’t understand what options are out there for them, and when they research their options, they are overwhelmed by technology jargon.

Fortunately, there are affordable, easy, and innovative solutions for SMBs to boost cyber-security.  Below we highlight 4 tips for small and medium-sized businesses to increase business computer security.

 

1. Educate Employees

A 2015 report by Ponemon Institute LLC states that 19% percent of data breaches are caused by employee negligence. To prevent negligence, begin educating your employees on cyber-security. Explain the most common ways that data breaches can occur. Tell them not to share passwords and to keep their passwords protected; this means no writing passwords on sticky notes that employees keep on their desk. Research the latest phishing schemes on Google and make employees aware of them.

You should create guidelines for employees on computer security best practices.  Educating employees won’t cost anything except a few hours of your time and your employee’s time.  If this stops a data breach, it’s a no-brainer to begin educating employees.

 

2. Get an SSO

Another common contributor to data breach are disgruntled ex-employees.  It’s happened to many of us.  You fire an employee who storms out of the office cursing and throwing things.

The boss gathers the employees and asks the fatal questions.  Which passwords did he know?  Which ones do we need to change?  How fast can we change all of them?

Hours can be spent replacing passwords for the numerous applications that companies use. Or, even worse, companies often forget to change passwords and ex-employees maintain access to applications.

According to the same 2015 Ponemon report, $217 is the average cost for each stolen record after a data breach.  If an employee has access to hundreds of records, the damage could be catastrophic.

To prevent these issues, we recommend getting a business-grade single sign-on service.  With single sign-on applications (or SSOs), users login with one username and password and gain access to all of their prescribed applications without knowing any other passwords.

This enables owners to easily manage employee access, while making access removal simple.  Since employees don’t know any of the actual passwords to applications, employers only need to remove access to the SSO application when an employee leaves.  Additionally, SSO is usually pretty inexpensive and does not require IT personnel to manage or implement.

There are many SSO options for companies, but we offer ConnectID in our business tech plans, because of it’s simplicity, functionality, and ease of implementation.  You can get more information on ConnectID here.

 

3. Maintain Security Software

Obtain and maintain malware detection software and antivirus software on workstations and servers and make sure firewalls are up and working. New and dangerous malware and viruses are frequently released.  Keeping your malware and antivirus software up-to-date is integral to preventing the latest threats.  You can easily search Google for reliable malware and antivirus software, and there are both free and paid options.

 

4. Secure Your Files

Contrary to some opinions, the cloud is not insecure.  Rather, business-grade cloud file sharing is often more secure than having a file server, and significantly more secure than consumer file share products like Dropbox.

 

When employees externally share sensitive files, they typically do so via email.  If an email account is compromised, any emails with attachments will be accessible to whomever has accessed the account, and if they contain sensitive data, this could cause huge data breach issues.

 

Furthermore, at some point in email transition, it’s possible for emails to be unencrypted, which poses further threats to privacy.  To prevent this, documents should either be shared through encrypted file sharing software, or they should be password protected.

 

With sensitive internal documents, it’s important to reduce and protect access.  You should password protect sensitive documents and only provide the passwords to personnel that need access.  This will prevent unwanted access and reduce the threat of data breach.

 

When selecting a file sharing software, look for software that focuses on security.  Important features include: at rest and in transit encryption of documents, the ability to password protect documents, and the ability to see who has edited and accessed documents.  We include ShareSync as a file sharing solution in our business plans and recommend it to our clients, because it has all of these features.  Many other file sharing options either don’t focus on security or have limited security features.  ShareSync also does not require IT setup or maintenance.  Unlike a traditional file server, it is easily implemented and user friendly.

 

With 60% of SMBs going out of business after 6 months when they undergo a data breach, waiting to implement computer security measures could be deadly to your company should a data breach occur.  Completing the above steps is an inexpensive and easy to way to boost your security and help prevent data breach.