Many small and medium businesses (SMBs) are vulnerable to security threats. Whether they’re aware of the risks and know that they need improvements or they’re operating in blissful ignorance of the costs of a cybercrime, discussing security and data protection upgrades can be challenging. Many of these companies consider themselves a low priority target for attackers, or simply feel that their current antivirus is adequate protection against an attack. These businesses typically focus more thought on daily operations than on whether or not they are at risk for a data breach.
However, companies of all sizes must protect themselves against malware attacks, injections, and similar hacking techniques to avoid extreme losses. For SMBs, this discussion is vital, because a major breach can cause insolvency. In fact, Experian estimates that as much as 60% of SMBs go out of business within six months of a cyberattack. By understanding what to discuss with their service provider, SMBs can develop stronger protections against catastrophic events.
Operating and Mission Critical Systems
First, identify the primary operating system (OS) and version of it that is running. Many older OS versions, such as Windows XP, no longer offer support for the latest protocols. Patches that were put in place four years ago won’t cut it today, so companies that are operating on systems that are no longer supported should upgrade immediately.
Software that is critical to daily business operations should also be considered. Web services, communications, and planning systems should undergo examination concerning the type of securities in place.
Current Authentication Practices
Another area that SMBs should discuss involves internal policies. When considering how to heighten data protection, companies should examine current password policies and physical restrictions. Often, weak passwords open up a variety of cybersecurity concerns. A qualified service provider will ascertain whether or not an SMB is using the best password development system for strength, duration (if needed), and confidentiality. A recent study by Verizon determined that in 2015, stolen credentials accounted for more than 30 percent of attacks.
Password policy best practices include:
- Using at least 8-12 characters
- Never writing passwords down anywhere
- Creating passwords that are complex (have upper and lower case letters, numbers, and symbols), but are also easy to remember.
Password encryption services are also an effective tool. The idea is to fortify the weakest link in business data protection, which is most often the human factor.
Know the Risks
A cyberattack has the power to cause serious repercussions for SMBs that aren’t prepared. Whether it comes in the form of denial of service (DoS) attacks, malware infiltrations, language injections, brute force attacks, package transmissions that are susceptible to man-in-the-middle attacks, or some other malicious trespass, SMBs can’t afford to ignore data protection and cybersecurity concerns.