Make Cyber Security a Priority This Year (Infographic)
43% of cyber-attacks target small business owners, so we sat down with Mike Blache, Chief Information Security Officer at TaxSlayer, to understand why you should make your company’s cyber security a priority and to learn steps to protect your business.
Small businesses don’t usually spend as much money on cyber security as larger corporations, and cyber criminals are looking for easy access to sensitive information. As regulations begin to mandate that large corporations take greater steps to protect their businesses from cyber-attacks, small businesses have become more frequent targets.
You may think that because your company doesn’t have a lot of money in the bank, your company is safe from cyber-attacks. Cyber-criminals, however, still want access to personally identifiable information (PII), like your customers’ information (including credit card numbers and billing addresses) and your employee data (including social security numbers).
A cyber-attack won’t just hurt you, as the small business owner, but it will also hurt other individuals, like your customers and employees. If you don’t take appropriate measures to protect your company, you can have criminal and civil suits brought against you.
How Can I Protect My Company?
Don’t download anything from unknown sources.
Keep your software and operating systems up-to-date. Updates often patch holes in the system and provide important security updates.
Choose a reliable antivirus software and keep it updated. An antivirus software is not the be-all end-all, but it will block a large percentage of cyber-attacks.
Set up firewalls. You don’t need anything extremely expensive because attackers don’t want to spend more effort than your company is worth.
Store PII on the cloud.The cloud provider you choose is already spending money to protect their data, so they’ll also be able to protect your data. This will take much of the burden off you, but it’s still your responsibility to do your due diligence to ensure you’re using a reliable cloud provider.
Implement a strong password policy. Consider using 12+ character passphrases, instead of passwords. Passphrases are easier for you to remember, but the length makes them difficult for a cyber-criminal to crack through brute force.
Don’t reuse passwords for multiple accounts. If one account is compromised, it will be easy for an attacker to gain access to all your accounts.
Use a password management program. It can be difficult to remember different passwords for every account you have, so let a password management program remember for you. Password management programs include LastPass, Dashlane, and 1Password.
Take advantage of your service providers’ multi-factor authentication (MFA). MFA makes it more difficult for an attacker to gain access to your accounts. Ideally, MFA should include: something you know (like a passphrase), something you have (like an email address or phone number), and something you are (like fingerprint or facial recognition).