5 common small business cyber-security myths

[Audrey McNeil <audrey () riskbasedsecurity com>]

http://www.grbj.com/blogs/9-small-business-startups/post/83711-common-small-business-cyber-security-myths

It’d be difficult to find a business today that doesn’t use at least one
computer based or online system. With online cloud-based services available
for anything from accounting to file sharing, it’s no wonder that small
businesses are adopting (and inventing) these new technologies. However, as
technology gets smarter, so do hackers.

Though cyber attacks on large companies like Target or Home Depot may make
headlines, hackers are increasingly targeting small businesses.
Unfortunately, most small businesses are unaware of cyber-security threats,
leaving them especially vulnerable.

In order to better understand small business cyber security, let’s start by
investigating five common cyber-security myths:

1. Hackers only target large companies

Unfortunately, small businesses make excellent targets for hackers. Most
small businesses don’t have the resources to invest in heavy-duty security
measures but still possess valuable information. Additionally, many small
businesses are simply unaware of cyber-security risks and how to mitigate
them. Hackers are a real threat to small businesses and developing a
cyber-security strategy is incredibly important no matter a business’ size.

2. Cyber security is too expensive

While your business may not have an extensive cyber-security budget, making
smart decisions now can save you thousands of dollars in the long run. Here
are three simple strategies to better protect your business:

Passwords: The longer your passwords are, the safer they are. Ideally, all
passwords should include upper and lowercase letters, numbers and special
characters. Never use the same password for multiple sites or logins, and
never display your passwords publicly.

Enable two-factor authentication (2FA): Two-factor authentication is a
technology that uses two different components to identify users. For
example, with an account using 2FA you may be asked to enter your username
and password and then sent a text message with a verification code. You
will need to enter the verification code before being able to access your
account. If a hacker were to obtain your account password, 2FA adds another
level of security by sending a unique code to your phone. Without this
unique code, the hacker is stuck.

Train your employees: Your employees are your first line of defense against
hackers. Take the time to establish cyber-security policies and procedures
and make sure all employees comply. Additionally, not all hacking takes
place behind computers. Some hackers may walk into your business, claim
they are from an IT company and ask an employee for access to your
database. Physical security is just as important as online security!

3. Hackers only target businesses with online stores

Though your business may not have an online store, chances are you still
have information that is valuable to hackers. A cyber hacker could be after
e-mail addresses, intellectual property, access to your internal e-mail
accounts or databases. Don’t ignore cyber security just because you don’t
process credit cards online!

4. All cloud-based services are automatically secure

Cloud-based services offer small businesses an easy way to collaborate,
manage e-mails, store files and much more. However, before you transfer
your entire business to the cloud, take some time to determine what service
is the safest for your business. Choose a cloud service that provides data
protection during upload, storage, backups, data recovery and technical
support. Additionally, some of your most sensitive data may require extra
encryption, so ask any cloud-storage provider about their encryption
options. As always, applying general cyber security best practices like
changing your passwords often will improve the security of your cloud-based
accounts as well.

5. Using public Wi-Fi to conduct business is always safe

Many small business owners are on the clock 24/7. While mobile phones,
laptops and public wireless Internet make it convenient to conduct business
wherever you are, they also offer hackers another opportunity to infiltrate
your network. It’s incredibly easy for a hacker to log into that same Wi-Fi
network and intercept all of your activity. Think twice before sending a
confidential email, accessing client data or processing payments on public
Wi-Fi. An even better solution is to set up a Virtual Private Network
(VPN). Click here for more information on VPNs.

There are many opportunities for small businesses to improve their cyber
security. Now that we’ve addressed these common myths, review your own
cyber security best practices!

_______________________________________________
Dataloss Mailing List (dataloss () datalossdb org)
Archived at http://seclists.org/dataloss/
Unsubscribe at http://lists.osvdb.org/mailman/listinfo/dataloss
For inquiries regarding use or licensing of data, e-mail
        sales () riskbasedsecurity com 

Supporters:

Risk Based Security (http://www.riskbasedsecurity.com/)
YourCISO is an affordable SaaS solution that provides a comprehensive information security program that ensures focus 
on the right security.  If you need security help or want to provide real risk reduction for your clients contact us!