Small business owners tend to think that they are flying under the radar when it comes to properly securing their business data. Unfortunately, hackers are targeting more small businesses than ever due to lax system security.
Limited budgets and few or no technical experts on staff, small businesses generally have weak security. Cyber criminals have taken notice. In 2010, the U.S. Secret Service and Verizon Communications Inc.s forensic analysis unit, which investigates attacks, responded to a combined 761 data breaches, up from 141 in 2009. Of those, 482, or 63%, were at companies with 100 employees or fewer. Visa Inc. estimates about 95% of the credit-card data breaches it discovers are on its smallest business customers.
Read the whole article if you think it cant happen to you but odds are that you have some network security and data protection problems that can be fixed very easily and you wont need to go through all of the expensive remedies the gentleman had to go through.
Here are 3 simple things you can do to improve your small business information security:
Improve Your Password
Far too many businesses do not enforce strict password guidelines which makes it easy for a hacker to get into your system. Passwords such as 1234, love, password and qwerty may seem cute and are easy to remember, but believe it or not, hackers know that people are too lazy to choose strong passwords. If your password is not on this list, congratulations, but hackers have lists of thousands of common words, names, dates, and products that they use to evade IT security. Why make it easy for them?
Strong passwords are at least 8 characters long and consist of a combination of capital and lower case letters, numbers and symbols. Instead of using your boyfriends name Jason, try using *JAson98! or (jAsOn98). Anyting is better than using a word anyone can guess.
And, for goodness sake, change your password every 3 months. This will help lock out anyone who has infiltrated your system. Remember to change your password after employees leave and delete their login accounts. Good terms or bad, if they no longer receive a check, they should not be able to gain access. I know of an ex-employee who threw out a folder of hand written notes which contained his username, password, email server, network login, IP addresses and enough information for anyone snooping in our trash to have root access to our entire network. I found the folder and shredded the documents. Do not leave sticky notes with the password on the monitor, under your keyboard or in your drawer. Everyone knows where to look.
Keep Your Computers Updated
The longer any software is available, the more time there is to find security holes in it and figure out ways to exploit them. Hackers have nothing better to do than sit around and find faults in software. As these exploits are discovered, the software manufacturers develop patches that close those holes and fend off unwanted intruders for a little while longer. be sure to do all software updates on all of your computers at least once a month.
Use Anti-Virus and Anti-Malware Programs
This is 2011. If you are not using a good anti-virus program then you deserve anything that happens to your data. In the article above, the gentleman had malicious software (malware) on his computer since 2009. This means he was not scanning his computers with updated anti-virus and anti-malware programs. There are free programs out there that will keep your system clean and automatically update themselves daily so you always have the latest patches for any new viruses.
Play an active part in your small business IT security program. It will save you more in the long run.