Does the idea of data security and your confidential business data being accessed by users around the world who aren't your employees scare you? Did you know that network security issues can surface for days, weeks and months before you or your IT department might even be aware?
Some Numbers to Back Up The Fear
IT security professionals have a difficult time keeping up with the latest data security threats and counters. It's nearly impossible for the one and two-man IT departments of small businesses to stay on top of everything. Keeping anti-virus programming up-to-date on all employee computers is a core piece of any security strategy, but the truth is many small and medium businesses don't have the in-house expertise to keep on top of data security issues. And with IT security expertise increasingly in demand, it will become harder and harder to keep these experts on staff for smaller businesses.
So with all of this doom and gloom, what are small and medium business owners to do? The Federal Communications Commission (FCC) recommends ten tips geared toward small business security. The list may look daunting, but with the help of Fraser's Managed IT Services you can accomplish your goals and remain secure.
Ten Cyber Security Tips for Small Businesses
- Train employees in security principles. This may seem like basic advice that you already do with your staff, but did you know that Fraser offers a cyber security training program to teach your staff how to spot phishing, ransomware and other cyber security threats? Our own staff are required to complete this comprehensive training to help US protect our network and data. By teaching employees about the threats out there and how to handle and protect customer data, you can feel safe that your staff is keeping data safe and secure.
- Clean and update. Something many IT departments just don't get to are those pesky patches. Those patches are the latest security updates that keep your network and computers safe from attack. So set reminders and keep the latest versions of software, security software, browsers and operating systems up to date to protect against cyber attacks.
- Provide firewall security for your Internet connection. Firewalls are a set of related programs that prevent outsiders from accessing your company's data on a private network. Just like the name implies, the wall keeps what's on the other side safe. This wall protects your company from intruders. So double check your operating system's firewall is enabled. Also, if employees are working remotely from home, make sure their systems are protected by a firewall as well.
- Create a mobile device action plan. Mobile devices (smartphones, tablets, laptops) all create significant security and management challenges if they hold confidential information or can access your corporate network. Make sure all mobile users who have access to your corporate network with their device have the devices password protected, encrypt their data and install security apps. Also, set up a standard procedure for reporting lost or stolen devices.
- Backup all company data, information and documents. With our work days filled with all sorts of tasks, sometimes backing up data falls through the cracks. That could be a huge mistake for a business. Critical data that should be backed up includes word processing documents, electronic spreadsheets, financial files, human resources files and accounts receivable/payable files. With Managed IT services, you can back up your data automatically. Storing copies of your data offsite or in the cloud is also a safe way to keep track of all the data you need.
- Control physical access to your computers and create user accounts for each employee. Your company and all of its data is confidential and should only be accessed by you and your employees. It is imperative to prevent access or use of business computers by anyone who is not authorized to see this data. Laptops are very easy targets for theft and can easily be misplaced or lost. Be sure to lock them in a safe place when unattended. Also, have each employee assigned a separate user account that requires a strong password.
- Secure your Wi-Fi networks. Most businesses have a wi-fi network for their workplace. This should always be secured, encrypted and hidden. It should also require a password that only employees can utilize. Hiding your wi-fi network provides even more protection. To do it, you can set up your wireless access point or router so it doesn't broadcast the network name to any other location or business nearby.
- Employ best practices on payment cards. Working with online banking systems or processors has its inherent risks because of the amount of stored, sensitive data your business has online. It is important that your company use the most trusted and validated tools in this arena. You can also have additional security obligations with your bank or processor. Be sure to isolate payment systems from other, less secure programs, and do not use the same computer to process payments and surf the internet.
- Limit employee access to data and information. It might make sense to have just one employee control all access to your company's data systems. This, however, is not the best way to prevent network security issues. Employees should only be given access to the specific data that they need to perform their jobs and should not be able to install any software without permission.
- Password upkeep. This is the simplest way to avoid network security issues because it doesn't require a whole lot of time. Require your employees to use unique passwords and change them every three months. This is a great way to make sure employees' computers are protected.
This list can be quite a daunting task. At Fraser, we know the importance of data security and keeping your business safe and protected. Talk with your IT staff to ensure your company is doing the minimum to keep your data secure. If you don't have dedicated IT staff, consider Fraser's Managed IT Services to help you stay protected.