Assess risk and identify weaknesses
As small business owners, you should analyse online and operating systems to determine the area’s most at risk. For example, is your customer data,
internal accounting information and other sensitive data linked to the Internet? It should not be directly and always connected to the internet as this
presents a huge risk, hackers love computers with accounts.
As part of this risk assessment, you should also ensure that updated anti-virus programs, anti-spyware programs and firewalls are installed on all
computers and that employees are required to change their passwords every 30 to 50 days. Microsoft market leaders in protection software offer security
essentials as a free download - get it. It can be updated every 24 hours free of charge.
Back-up critical information
You should establish a schedule to perform critical data backups and system upgrades on a regular basis throughout the year. Sad to say many do not
until the horse has bolted! Shut that stable door before it’s too late! Creating back-ups on a regular basis ensures that critical data is not lost in the event of
a cyber attack or natural disaster. Store all backup copies in remote locations away from the office, such as on an external hard drive, and encrypt any
sensitive data about company or customers.
Create a contingency plan
You should also draft a contingency plan to follow if the business suffers a cyber attack. This plan should include steps on how to continue business
operations at an alternate location when necessary. Be sure to test the plan annually. Have a computer or computers away from the business location
somewhere safe like home, which contains everything you may need in the event of a disaster. Sounds irrational but we live in a modern society where
events beyond our control can and do happen. Be prepared.
As I mentioned earlier education, knowledge, know how, being aware all helps to combat this crime against business and us personally.
In order to create a culture of security, you must demonstrate to employees and customers that cyber fraud is a concern you take seriously.
This involves educating employees and training them on proper Internet practices and technology solutions, as well as encouraging customers to protect
themselves, as consumers, against cyber fraud. You should also integrate a cyber security roll out plan within the yearly business plan. This plan should
also include steps for measuring success. Make the fact you have safe business practices a bonus point for staff. A case of beer or a free meal goes a
long way to saying thank you.
Implement a security agreement
Now this is a difficult area to educate your staff with how ever again it is your business and your money that gets lost.
You should require employees to sign a security agreement to demonstrate that they are active participants in helping to maintain a secure online
environment. This agreement also should require employees to report any suspicious online activity or known Internet crime to the proper authorities.
BWNF has a good rapid response form on the home page under the heading (inform us please make this hyper linked)
If fraud or criminal intent is suspected, you should report it not only to us but the local Police team.
Cyber security is good for your business and your finances
Not only are you, as a small business owner, obligated to inform your customers if their personal information has been compromised, but you can also
earn their respect as a trusted business partner by promoting the security practices that you have implemented to protect their data.
Consumers are starting to take notice of how businesses secure their data and are more willing to trust and reward businesses for good security
practices. In fact, nearly 85 percent of consumers in a recent survey said they would increase their shopping at a store known for good cyber security
practices, while only 20 percent said they would continue shopping at a store that had a recent data breach, according to a market research firm.
The losses resulting from cyber crimes, which can severely damage a businesses’ reputation, often outweigh the costs associated with the
implementation of a simple security program. By implementing a security program that involves both technical controls and cultural adjustments, you, as a
small business owner, can take a big step in fighting cyber crime.
Cyber Crime and your Business
As small and large businesses increasingly rely on new Internet technologies to remain competitive within the local and global marketplace, they are also
becoming more susceptible to cyber crime attacks.
Cyber crime can have a devastating impact on a small business, which often lacks the in-house technical expertise and resources to quickly and fully
recover from cyber attacks. Small businesses can also even unknowingly aid in cyber crime by using unsecured computers, which cyber criminals can
hijack and use to attack other online businesses; the economy’s life blood. While there are numerous technological steps small businesses can take to
better secure their environments, IT infrastructure and controls alone are not effective in combating cyber fraud.
Small business owners must also take steps to create a “culture of security” among both their employees and customers. BWNF will advise on these
measures, simple guidelines to help protect your business. Unfortunately, many small business owners are not currently taking such measures. In fact,
only a little more than half of small business owners employ such simple precautions as requiring employees to sign security policies. Harsh, yes, but it’s
your business you are protecting.
By taking such basic steps as requiring employees to sign security policies, small business owners can establish expectations with employees about their
role in protecting customer and company data and set the tone for a “culture of security” in the workplace.
Below are five technological and cultural adjustments small business owners can make to better defend themselves against the serious threats posed by