Okay friends. We’ve survived a pandemic (sort of), a few record busting recessions, and a number of other “should be once-in-a-lifetime” events and there’s no hint of things slowing down. If you’re looking at the headline on this article and thinking that cyber attacks are way above your paygrade and you’re “too small” to be attacked, consider this: As we go deeper into the Russia-Ukraine crisis, cybersecurity threats to the rest of the world have climbed steadily, according to CNBC. In addition to the frequency steadily climbing, the cost of a data breach to companies has steadily increased from an average $7,000 ransomware attack in 2018 to an average of $4 million in 2021; with the cost being higher for companies that operate remotely.
What does this mean to you (and to me) as a business owner?
It means you have to actively take steps in your day-to-day business practices to help keep your business – and your client’s information – safe from hackers. If you’re a solopreneur, or a small business owner like me, you don’t have an IT department you can deputize to keep you safe, and you have a limited amount of time to devote to keeping your business safe. So where do you begin?
Understand the most common threats
Not all hacking is created equal. The most common ways your business can be attacked will include one or more of the following things:
- Malware. It’s a piece of software designed to “disrupt, damage, or gain unauthorized access” to a computer system, according to the Oxford dictionary. Once it accesses your system, malware will need to be identified, detected, frozen, removed and remediated.
- Ransomware. A specific type of malware that will restrict access to a computer or a certain number of files until a ransom is paid. Your computer system effectively becomes hostage of the attackers.
- Phishing. A type of attack that makes an email or a website look like another in order to collect your information and then infect your computer.
- Man in the middle attacks: A type of attack where your communications get intercepted. Mostly happens when you’re connected to a public wi-fi hotspot for convenience and someone can snoop into your communications.
How to keep your systems safe
- Protect your passwords. Long unique passwords with at least 8 characters and a combination of letters, symbols and numbers are the minimum you should be using. This includes your wi-fi passwords.
- Consider using a password management service. Apps like 1password and Last Pass can help you keep individual passwords for every account you use; and can also help you generate complicated passwords in a pinch.
- Change your passwords twice a year.
- Enable multi factor authentication whenever possible. This system makes you use a second device or application in order to be able to access a password-protected system. It does add a step to logging into an account, but also helps keep you safe.
- Watch for suspicious email attachments. If you receive an unexpected email with an attachment — even from a known contact — don’t open it without scanning it with a virus detection software. Whenever possible, send and receive your attachments through encryption services.
- Install virus protection services, and scan your system often.
- Update your systems when new versions are released — this includes your website and plugins. New versions include protection for identified new risks and installing updates helps your systems deploy the latest level of security available from the manufacturer.
- Password-protect your computer and your smartphone.
- Activate “wipe if stolen” services on your computer and your smartphone.
- Backup your files offline. As cloud storage becomes more available and popular, we tend to keep and store all our files on the cloud. Keeping an offline backup on an external hard drive is a good way to ensure your files are available even in case of a disruption.
- Consider cyber breach insurance. A good policy will cover your liability if your files were to be lost and your business income affected by cyber crime.
If you’re concerned about the safety of your website, email or current business setup, talk to your insurance agent and your favorite IT professional about the steps you can take to keep your business safe from hackers.